• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3884
  • Last Modified:

Retrieving Users from Active directory using linked server ADSI with parameters

I've linked my Active Directory Server to the SQL Server. When I issue the command blow I only recieve 1000 records:

select count(saMAccountname)
from openquery
(
ADSI,'SELECT saMAccountname
FROM ''LDAP://MyADServer''
WHERE objectCategory = ''Person'' AND objectClass = ''user''

')

Since there are quite a bit more than 1000 I trid to supply a paremeter in a stored procuder, @UserID, to filter the query.

declare @SQLStr nvarchar(500)
set @SQLStr = 'OPENQUERY(ADSI, SELECT saMAccountname FROM ''LDAP://MyADServer''
WHERE objectCategory = ''Person'' AND objectClass = ''user''
AND saMAccountname = ''' + @Userid + '*'''

SELECT     saMAccountname AS userid
FROM       OPENQUERY(ADSI, @SQLStr)

This doesn't work though. I might be off here since I' not the best in SQL Syntax. Any suggestions?

Best Regards

Tomas
0
ekenman
Asked:
ekenman
  • 9
  • 8
1 Solution
 
Chris DentPowerShell DeveloperCommented:

Hi Tomas,

I have no idea how you might do this in SQL, but you need to enable Paging for the query.

The current limit is defined in AD to prevent searches swamping the system, enabling Paging will return multiple sets of 1000 results (per page), the client will read that as a single larger data-set.

Chris
0
 
ekenmanAuthor Commented:
Hi Chris,

I've tried ROW_NUMBER() OVER (saMAccountname)  but this results in an error preparing the question. Perhaps it is possible to page in a different way? I have no previous knowledge of LDAP....

Although the solution I would prefer is if it was possible to send parts of the userid as a parameter and receive a set of users from that. This to minimize the rescourses needed.

/Tomas
0
 
Chris DentPowerShell DeveloperCommented:

Hmmm it may be that there is no way to enable Paging at all:

http://support.microsoft.com/kb/299410

It's a bit of an old article but I can't find an update that states otherwise.

Onto the sAMAccountName filter because that would be better:

> saMAccountname = ''' + @Userid + '*'''

It looks like you have an extra quote mark. Or does this fail as well?

aMAccountname = ''' + @Userid + *'''

Or have you tried LIKE?

Chris
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
ekenmanAuthor Commented:
Hi Chris,

No paging then...  

I think the quote marks are all right. The string looks allright if I do a SELET SQLStr, cut and paste it and run a new query. The thing is to pass the parameter inside the OPENQUERY() statement. It might not be doable????

I've tried LIKE, but that gives an error. The % wild card is not OK within the OPENQUERY either so it seems you have to use LDAP Syntax where I'm totaly lost. But I managed to figure the = and * out to get it to work.

This works perfectly:

select saMAccountname
from openquery
(
ADSI,'SELECT saMAccountname
FROM ''LDAP://MyADServer''
WHERE objectCategory = ''Person'' AND objectClass = ''user''
AND saMAccountname = ''HA*''
')

Now... How to get that parameter to replace the HA....
0
 
Chris DentPowerShell DeveloperCommented:

Can we use concatenation?

AND sAMAccountName = @Userid + '*'

Chris
0
 
ekenmanAuthor Commented:
No, tried that too... Incorrect syntax near +

Declare @Username nvarchar(50)
set @Username = 'HA'
select saMAccountname
from openquery
(
ADSI,'SELECT saMAccountname
FROM ''LDAP://MyADServer'
WHERE objectCategory = ''Person'' AND objectClass = ''user''
AND saMAccountname = ''' + @Username + '*''
')

0
 
Chris DentPowerShell DeveloperCommented:

Shouldn't it be:

Declare @Username nvarchar(50)
set @Username = 'HA'
select saMAccountname
from openquery
(
ADSI,'SELECT saMAccountname
FROM ''LDAP://MyADServer''
WHERE objectCategory = ''Person'' AND objectClass = ''user''
AND saMAccountname = @Username + ''*''
')

Shouldn't need the quotes for the parameter, should we? I assume the double-quoting is to escape it as it would normally be the end of the query string?

Sorry this is a bit vague, I didn't want to test it on my SQL server, it's a bit busy ;)

Chris
0
 
ekenmanAuthor Commented:
No, it doesn't work :(. After the "OPENQUERY(ADSI," the first Open Quotation mark for the whole SQL query starts, and ends just before the last bracket. And there seems to be no logic for parameters within theese. At least not with the Syntax we're trying...
0
 
Chris DentPowerShell DeveloperCommented:

Hmm that's really quite annoying. I'll see if I can get an SQL server running that won't mind if I add in the ADSI pieces.

Chris
0
 
ekenmanAuthor Commented:
Chris, It's very much appriciated!!
0
 
Chris DentPowerShell DeveloperCommented:

Odd, I can't use parameters at all in the query. Does it work if the user name is correct in the parameter?

Chris
0
 
ekenmanAuthor Commented:
You have to add a linked server to the AD-server first.

EXEC sp_addlinkedserver 'ADSI', 'Active Directory Services 2.5', 'ADSDSOObject', 'adsdatasource'

The first parameter, ADSI, is the name you'll use in querying the linked server. Active Directory Services 2.5 is the product name, ADSDSOObject is the provider, and adsdatasource is the built-in data source name
0
 
ekenmanAuthor Commented:
Oh... I missunderstood. You got it
0
 
ekenmanAuthor Commented:
No, I get the Error near +. I tried & also, any other suggestions?
0
 
Chris DentPowerShell DeveloperCommented:

Yeah, this one, it's messy, but it works. Need to be pretty careful with the apostrophe's in there, hell of a lot of them.

Chris
Declare @Username nvarchar(50)
set @Username = 'HA'
 
Declare @Query nvarchar(2000)
 
SET @Query = 'SELECT * FROM 
OPENQUERY(ADSI, 
''SELECT samAccountName, givenName, sn, legacyExchangeDN 
FROM ''''LDAP://DC=corp,DC=monitise,DC=net'''' 
WHERE objectClass=''''Person'''' 
AND objectClass = ''''User'''' 
AND sAMAccountName = ''''' + @Username + '*'''''') 
WHERE givenName IS NOT NULL'
 
EXEC(@Query)

Open in new window

0
 
ekenmanAuthor Commented:
Chris, You're the man!!! Thank you!!!!
0
 
Chris DentPowerShell DeveloperCommented:

Glad I could help :)

Chris
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 9
  • 8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now