• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 9073
  • Last Modified:

LDAP Connection String Values

We have an application that integrates to LDAP.  The example string the vendor shows is:  'LDAP://DomainNm/ou=US,dc=company,dc=com'; however, our domain name is simply company.local.  Does this mean that the string it wants looks like LDAP://company.local,dc=company,dc=local?  I'm not sure if the "/ou=US" is something that is optional, or something that's always required.  Is there an easy way (using adsiedit, perhaps) to determine the proper string for this?

Chuck Brown
Chuck Brown
1 Solution
This is something that depends on the structure of you domain.
I would use the rootDSE and "defaultNamingContext" from this example script to make your script dynamic enough to run in any domain
' Users .vbs
' Sample VBScript to create a User in Users .
' Author Guy Thomas http://Computerperformance.co.uk/
' Version 1.3 - September 2005
' ------------------------------------------------------'
Option Explicit
Dim strUser
Dim objRootLDAP, objContainer, objNewUser
strUser = "DomGuy2"
' Bind to Active Directory, Users container.
Set objRootLDAP = GetObject("LDAP://rootDSE")
Set objContainer = GetObject("LDAP://cn=Users," & _
' Build the actual User.
Set objNewUser = objContainer.Create("User", "cn=" & strUser)
objNewUser.Put "sAMAccountName", strUser
' End of free sample Create Users VBScript.

Open in new window

Chris DentPowerShell DeveloperCommented:

> Does this mean that the string it wants looks like LDAP://company.local,dc=company,dc=local?  

It would be:


It splits into:


Server in this case is "company.local", if you run "nslookup company.local" you should get back the IP address for each of your Domain Controllers which is why it works quite happily.

In their example they start their search / synchronisation at an Organisational Unit called USA (and everything beneath that). If you wanted to start yours at an OU called All Offices you would write it as:

LDAP://company.local/OU=All Offices,DC=company,DC=local

All it does it help you limit the search, preventing the inclusion of unwanted users / details on the system (typically to avoid the inclusion of all the default accounts, Administrator, Guest, etc, etc).

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now