[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

LDAP Connection String Values

Posted on 2009-04-05
2
Medium Priority
?
9,024 Views
Last Modified: 2013-12-24
We have an application that integrates to LDAP.  The example string the vendor shows is:  'LDAP://DomainNm/ou=US,dc=company,dc=com'; however, our domain name is simply company.local.  Does this mean that the string it wants looks like LDAP://company.local,dc=company,dc=local?  I'm not sure if the "/ou=US" is something that is optional, or something that's always required.  Is there an easy way (using adsiedit, perhaps) to determine the proper string for this?

Thanks!
0
Comment
Question by:Chuck Brown
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 8

Expert Comment

by:jwarnken
ID: 24074269
This is something that depends on the structure of you domain.
I would use the rootDSE and "defaultNamingContext" from this example script to make your script dynamic enough to run in any domain
' Users .vbs
' Sample VBScript to create a User in Users .
' Author Guy Thomas http://Computerperformance.co.uk/
' Version 1.3 - September 2005
' ------------------------------------------------------'
Option Explicit
Dim strUser
Dim objRootLDAP, objContainer, objNewUser
strUser = "DomGuy2"
 
' Bind to Active Directory, Users container.
Set objRootLDAP = GetObject("LDAP://rootDSE")
Set objContainer = GetObject("LDAP://cn=Users," & _
objRootLDAP.Get("defaultNamingContext"))
 
' Build the actual User.
Set objNewUser = objContainer.Create("User", "cn=" & strUser)
objNewUser.Put "sAMAccountName", strUser
objNewUser.SetInfo
 
WScript.Quit
 
' End of free sample Create Users VBScript.

Open in new window

0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 24076000

> Does this mean that the string it wants looks like LDAP://company.local,dc=company,dc=local?  

It would be:

LDAP://company.local/DC=company,DC=local

It splits into:

<Port>://<Server>/<LDAPBase>

Server in this case is "company.local", if you run "nslookup company.local" you should get back the IP address for each of your Domain Controllers which is why it works quite happily.

In their example they start their search / synchronisation at an Organisational Unit called USA (and everything beneath that). If you wanted to start yours at an OU called All Offices you would write it as:

LDAP://company.local/OU=All Offices,DC=company,DC=local

All it does it help you limit the search, preventing the inclusion of unwanted users / details on the system (typically to avoid the inclusion of all the default accounts, Administrator, Guest, etc, etc).

Chris
0

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This post looks at MongoDB and MySQL, and covers high-level MongoDB strengths, weaknesses, features, and uses from the perspective of an SQL user.
What we learned in Webroot's webinar on multi-vector protection.
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question