Solved

ASP & LDAP Info on Users

Posted on 2007-03-27
27
438 Views
Last Modified: 2013-12-24
Hi,
A simple one for an expert, I'm sure. I'm tring to pull out info from my 2003 AD in to a web page via ASP to show basic contact info on users from specific groups. my ASP looks like this:

<%
strUser = "Domain\User"
strPassword = "Password"
SDomain = "Domain"
sLogonDomain = "User or Search"
Dim Conn2, strRS2, RS2, strConn2
Set Conn2 = Server.CreateObject("ADODB.Connection")
Set RS2 = Server.CreateObject("ADODB.Recordset")
Conn2.Provider = "ADsDSOObject"
Conn2.Properties("User ID") = strUser
Conn2.Properties("Password") = strPassword
Conn2.Properties("Encrypt Password") = True
strConn2 = "Active Directory Provider"
Conn2.Open strConn2 , strUser, strPassword
strRS2 = "SELECT givenname,sn,title,telephoneNumber,mail FROM 'LDAP://" & SDomain &"' WHERE sAMAccountName = '"&sLogonDomain &"' ORDER by name "

RS2.Open strRS2, Conn2,1,1
While RS2.EOF = False      
          response.write  rs2("givenname")
RS2.MoveNext
Wend
RS2.Close()
Set RS2 = Nothing
%>

The above works really well for a single user specified in sLogonDomain, say my own account. What i need to do is pull out the info for all the users in group such as 'Marketing'. If i specify 'Marketing' in sLogonDomain the ASP doesn't report any errors but no data comes out. Can anyont point me in the right direction?

Thanks.
0
Comment
Question by:MrPrince
  • 11
  • 9
  • 7
27 Comments
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Your select statement isolates this to the one user...(where samaccountname=...)

strRS2 = "SELECT givenname,sn,title,telephoneNumber,mail FROM 'LDAP://" & SDomain &"' WHERE sAMAccountName = '"&sLogonDomain &"' ORDER by name "

remove that and perform testing against each one, or if you're referring to the Marketing OU, change sDomain to "ou=marketing,dc=domain,dc=com"
0
 

Author Comment

by:MrPrince
Comment Utility
Removing the Where statement causes errors with ASP.

strRS2 = "SELECT givenname,sn,title,telephoneNumber,mail FROM 'LDAP://" & SDomain & sLogonDomain &"' ORDER by name "

Also if i specify the 'Marketing' OU then only users from that OU will be searched. I have several groups in my users OU that need to be searched not at the same time though. For example the page might have a drop list running by department and an all users option at then end. If the all users seclection is pressen then the search should get all  info from staff members in that group. All groups are in my users OU. Hope that makes sense.
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Use
strRS2 = "SELECT givenname,sn,title,telephoneNumber,mail FROM 'LDAP://" & SDomain

0
 

Author Comment

by:MrPrince
Comment Utility
Tried

strRS2 = "SELECT givenname,sn,title,telephoneNumber,mail FROM 'LDAP://" & SDomain

With sDomain as :

domain.co.uk
ou=marketing,dc=domain,dc=co,dc=uk
domain.co.uk/ou=marketing,dc=empiremuseum,dc=co,dc=uk

ASP throws up "Provider error '80040e14'"
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
strRS2 = "SELECT givenname,sn,title,telephoneNumber,mail FROM 'LDAP://dc=domain,dc=co,dc=uk'"
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Make sure the LDAP section is enclosed in ' (apostrophes)
0
 

Author Comment

by:MrPrince
Comment Utility
OK nearly there i think, ASP now throws up "Table does not exist." How do i reference the group 'Staff contatcs list'?
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
table does not exist means it's not finding what you've got there...permissions or syntax problems, more than likely...
0
 
LVL 8

Expert Comment

by:NovoNordisk
Comment Utility
What information do you want to get?  If its just the usernames of those in the group then its much easier to use the winnt:// protocol like below:
    Dim Group
    Dim User
    Set Group = GetObject("WinNT://" & strDomain & "/" & strGroup & ",group")
    For Each User in Group.Members
      Response.Write User.Name
    Next

If you want more information about each user then you need to use the ldap:// protocol like so:

Set objGroup = GetObject("LDAP://CN=Managers,OU=Finance,DC=fabrikam,DC=com")

For Each objUser in objGroup.Members
    response.write "Name: " & objUser.DisplayName & " First name: "& objUser.givenname & " Surname: "& objUser.sn & "<br>"
Next
 
The only thing you need to do is enter the location of the group you wish to query.
0
 

Author Comment

by:MrPrince
Comment Utility
Thanks for your reply. Your suggestion certainly looks far neater than my example. I am however slightly confused about referencing groups with LDAP. My group is not located within any special OU just the Users one. Using your LDAP example would I simply write?

LDAP://CN=Staff ContactsOU=Users,DC=fabrikam,DC=com
0
 
LVL 8

Expert Comment

by:NovoNordisk
Comment Utility
What is your group called?
0
 

Author Comment

by:MrPrince
Comment Utility
Staff Contacts, among others.
0
 
LVL 8

Expert Comment

by:NovoNordisk
Comment Utility
Then yes assuming its simply in the users container it would be:

LDAP://CN=Staff Contacts,OU=Users,DC=fabrikam,DC=com

To be sure you can right click the group in active directory and go to object to see its path
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:MrPrince
Comment Utility
Wicked thanks, I'll check it our tomorrow when i'm at work.
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Actually Users is a container as well (and you're missing a comma there).
Try this:

LDAP://CN=Staff Contacts,CN=Users,DC=fabrikam,DC=com
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Left this open and didn't refresh first...so the comma statement is bogus, but the container for Users still needs to be altered..
0
 

Author Comment

by:MrPrince
Comment Utility
Using the code:

Set objGroup = GetObject("LDAP://CN=Managers,OU=Finance,DC=fabrikam,DC=com")

For Each objUser in objGroup.Members
    response.write "Name: " & objUser.DisplayName & " First name: "& objUser.givenname & " Surname: "& objUser.sn & "<br>"
Next

I get ASP error '80005000'. As far as I know an '80005000' error is an 'invalid path' error. If I run the script from Windows:

Set objGroup = GetObject("LDAP://CN=Staff Contacts List,CN=Users,DC=empiremuseum,DC=co,DC=uk")

For Each objUser in objGroup.Members
    msgbox objUser.DisplayName
Next

It works fine. Any ideas about the '80005000'? Thanks.
0
 
LVL 8

Expert Comment

by:NovoNordisk
Comment Utility
What do you mean if you run it from windows it works?
0
 

Author Comment

by:MrPrince
Comment Utility
As a vbs file.
0
 
LVL 8

Expert Comment

by:NovoNordisk
Comment Utility
Well in that case it probably means what ever user your ASP pages are running as does not have enough rights to query active directory.  If you are using IIS with an anonymous account try changing it to a different account and see if that works
0
 

Author Comment

by:MrPrince
Comment Utility
Wicked. Very nearly there. How would iIorder my list by givenname?
0
 
LVL 67

Accepted Solution

by:
sirbounty earned 65 total points
Comment Utility
You would have to build an ArrayList/SortedList with your detail and sort it by that field...I'm fairly certain that you can't simply drop an "Order By" clause in the command statement...
0
 
LVL 8

Assisted Solution

by:NovoNordisk
NovoNordisk earned 65 total points
Comment Utility
Yes you need an array like:

Dim arrNames()
intSize = 0

Set objGroup = GetObject("LDAP://CN=Accountants,OU=Finance,DC=fabrikam,DC=com")

For Each strUser in objGroup.Member
    Set objUser =  GetObject("LDAP://" & strUser)
    ReDim Preserve arrNames(intSize)
    arrNames(intSize) = objUser.givenName
    intSize = intSize + 1
Next

For i = (UBound(arrNames) - 1) to 0 Step -1
    For j= 0 to i
        If UCase(arrNames(j)) > UCase(arrNames(j+1)) Then
            strHolder = arrNames(j+1)
            arrNames(j+1) = arrNames(j)
            arrNames(j) = strHolder
        End If
    Next
Next

For Each strName in arrNames
    Response.write strName & "<br>"
Next

For more info see http://www.microsoft.com/technet/scriptcenter/resources/qanda/nov04/hey1122.mspx
0
 

Author Comment

by:MrPrince
Comment Utility
Many thanks for the help from both of you. It works great now. No more multiple updates!
0
 
LVL 8

Expert Comment

by:NovoNordisk
Comment Utility
Hmmm so although I provided an exact answer I only got assisted!?
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Glad I could assist you.
Thanx.
0
 

Author Comment

by:MrPrince
Comment Utility
NovoNordisk, I clicked on your answer first, so i'm not sure why it was assigned as assisted. It should be the other way around, although i decided to equally award points - not to take anything away from sirbounty.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
Creating and Managing Databases with phpMyAdmin in cPanel.
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now