Solved

Retrieving Users from Active directory using linked server ADSI with parameters

Posted on 2008-10-13
17
3,589 Views
Last Modified: 2013-12-24
I've linked my Active Directory Server to the SQL Server. When I issue the command blow I only recieve 1000 records:

select count(saMAccountname)
from openquery
(
ADSI,'SELECT saMAccountname
FROM ''LDAP://MyADServer''
WHERE objectCategory = ''Person'' AND objectClass = ''user''

')

Since there are quite a bit more than 1000 I trid to supply a paremeter in a stored procuder, @UserID, to filter the query.

declare @SQLStr nvarchar(500)
set @SQLStr = 'OPENQUERY(ADSI, SELECT saMAccountname FROM ''LDAP://MyADServer''
WHERE objectCategory = ''Person'' AND objectClass = ''user''
AND saMAccountname = ''' + @Userid + '*'''

SELECT     saMAccountname AS userid
FROM       OPENQUERY(ADSI, @SQLStr)

This doesn't work though. I might be off here since I' not the best in SQL Syntax. Any suggestions?

Best Regards

Tomas
0
Comment
Question by:ekenman
  • 9
  • 8
17 Comments
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22701070

Hi Tomas,

I have no idea how you might do this in SQL, but you need to enable Paging for the query.

The current limit is defined in AD to prevent searches swamping the system, enabling Paging will return multiple sets of 1000 results (per page), the client will read that as a single larger data-set.

Chris
0
 

Author Comment

by:ekenman
ID: 22701162
Hi Chris,

I've tried ROW_NUMBER() OVER (saMAccountname)  but this results in an error preparing the question. Perhaps it is possible to page in a different way? I have no previous knowledge of LDAP....

Although the solution I would prefer is if it was possible to send parts of the userid as a parameter and receive a set of users from that. This to minimize the rescourses needed.

/Tomas
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22701185

Hmmm it may be that there is no way to enable Paging at all:

http://support.microsoft.com/kb/299410

It's a bit of an old article but I can't find an update that states otherwise.

Onto the sAMAccountName filter because that would be better:

> saMAccountname = ''' + @Userid + '*'''

It looks like you have an extra quote mark. Or does this fail as well?

aMAccountname = ''' + @Userid + *'''

Or have you tried LIKE?

Chris
0
 

Author Comment

by:ekenman
ID: 22701229
Hi Chris,

No paging then...  

I think the quote marks are all right. The string looks allright if I do a SELET SQLStr, cut and paste it and run a new query. The thing is to pass the parameter inside the OPENQUERY() statement. It might not be doable????

I've tried LIKE, but that gives an error. The % wild card is not OK within the OPENQUERY either so it seems you have to use LDAP Syntax where I'm totaly lost. But I managed to figure the = and * out to get it to work.

This works perfectly:

select saMAccountname
from openquery
(
ADSI,'SELECT saMAccountname
FROM ''LDAP://MyADServer''
WHERE objectCategory = ''Person'' AND objectClass = ''user''
AND saMAccountname = ''HA*''
')

Now... How to get that parameter to replace the HA....
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22701249

Can we use concatenation?

AND sAMAccountName = @Userid + '*'

Chris
0
 

Author Comment

by:ekenman
ID: 22701317
No, tried that too... Incorrect syntax near +

Declare @Username nvarchar(50)
set @Username = 'HA'
select saMAccountname
from openquery
(
ADSI,'SELECT saMAccountname
FROM ''LDAP://MyADServer'
WHERE objectCategory = ''Person'' AND objectClass = ''user''
AND saMAccountname = ''' + @Username + '*''
')

0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22701337

Shouldn't it be:

Declare @Username nvarchar(50)
set @Username = 'HA'
select saMAccountname
from openquery
(
ADSI,'SELECT saMAccountname
FROM ''LDAP://MyADServer''
WHERE objectCategory = ''Person'' AND objectClass = ''user''
AND saMAccountname = @Username + ''*''
')

Shouldn't need the quotes for the parameter, should we? I assume the double-quoting is to escape it as it would normally be the end of the query string?

Sorry this is a bit vague, I didn't want to test it on my SQL server, it's a bit busy ;)

Chris
0
 

Author Comment

by:ekenman
ID: 22701373
No, it doesn't work :(. After the "OPENQUERY(ADSI," the first Open Quotation mark for the whole SQL query starts, and ends just before the last bracket. And there seems to be no logic for parameters within theese. At least not with the Syntax we're trying...
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 70

Expert Comment

by:Chris Dent
ID: 22701386

Hmm that's really quite annoying. I'll see if I can get an SQL server running that won't mind if I add in the ADSI pieces.

Chris
0
 

Author Comment

by:ekenman
ID: 22701403
Chris, It's very much appriciated!!
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22701456

Odd, I can't use parameters at all in the query. Does it work if the user name is correct in the parameter?

Chris
0
 

Author Comment

by:ekenman
ID: 22701473
You have to add a linked server to the AD-server first.

EXEC sp_addlinkedserver 'ADSI', 'Active Directory Services 2.5', 'ADSDSOObject', 'adsdatasource'

The first parameter, ADSI, is the name you'll use in querying the linked server. Active Directory Services 2.5 is the product name, ADSDSOObject is the provider, and adsdatasource is the built-in data source name
0
 

Author Comment

by:ekenman
ID: 22701477
Oh... I missunderstood. You got it
0
 

Author Comment

by:ekenman
ID: 22701485
No, I get the Error near +. I tried & also, any other suggestions?
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 22701507

Yeah, this one, it's messy, but it works. Need to be pretty careful with the apostrophe's in there, hell of a lot of them.

Chris
Declare @Username nvarchar(50)

set @Username = 'HA'
 

Declare @Query nvarchar(2000)
 

SET @Query = 'SELECT * FROM 

OPENQUERY(ADSI, 

''SELECT samAccountName, givenName, sn, legacyExchangeDN 

FROM ''''LDAP://DC=corp,DC=monitise,DC=net'''' 

WHERE objectClass=''''Person'''' 

AND objectClass = ''''User'''' 

AND sAMAccountName = ''''' + @Username + '*'''''') 

WHERE givenName IS NOT NULL'
 

EXEC(@Query)

Open in new window

0
 

Author Comment

by:ekenman
ID: 22701527
Chris, You're the man!!! Thank you!!!!
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22701531

Glad I could help :)

Chris
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
This article shows gives you an overview on SQL Server 2016 row level security. You will also get to know the usages of row-level-security and how it works
Using examples as well as descriptions, and references to Books Online, show the documentation available for date manipulation functions and by using a select few of these functions, show how date based data can be manipulated with these functions.
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now