?
Solved

LDAP Connection String Values

Posted on 2009-04-05
2
Medium Priority
?
9,005 Views
Last Modified: 2013-12-24
We have an application that integrates to LDAP.  The example string the vendor shows is:  'LDAP://DomainNm/ou=US,dc=company,dc=com'; however, our domain name is simply company.local.  Does this mean that the string it wants looks like LDAP://company.local,dc=company,dc=local?  I'm not sure if the "/ou=US" is something that is optional, or something that's always required.  Is there an easy way (using adsiedit, perhaps) to determine the proper string for this?

Thanks!
0
Comment
Question by:Chuck Brown
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 8

Expert Comment

by:jwarnken
ID: 24074269
This is something that depends on the structure of you domain.
I would use the rootDSE and "defaultNamingContext" from this example script to make your script dynamic enough to run in any domain
' Users .vbs
' Sample VBScript to create a User in Users .
' Author Guy Thomas http://Computerperformance.co.uk/
' Version 1.3 - September 2005
' ------------------------------------------------------'
Option Explicit
Dim strUser
Dim objRootLDAP, objContainer, objNewUser
strUser = "DomGuy2"
 
' Bind to Active Directory, Users container.
Set objRootLDAP = GetObject("LDAP://rootDSE")
Set objContainer = GetObject("LDAP://cn=Users," & _
objRootLDAP.Get("defaultNamingContext"))
 
' Build the actual User.
Set objNewUser = objContainer.Create("User", "cn=" & strUser)
objNewUser.Put "sAMAccountName", strUser
objNewUser.SetInfo
 
WScript.Quit
 
' End of free sample Create Users VBScript.

Open in new window

0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 24076000

> Does this mean that the string it wants looks like LDAP://company.local,dc=company,dc=local?  

It would be:

LDAP://company.local/DC=company,DC=local

It splits into:

<Port>://<Server>/<LDAPBase>

Server in this case is "company.local", if you run "nslookup company.local" you should get back the IP address for each of your Domain Controllers which is why it works quite happily.

In their example they start their search / synchronisation at an Organisational Unit called USA (and everything beneath that). If you wanted to start yours at an OU called All Offices you would write it as:

LDAP://company.local/OU=All Offices,DC=company,DC=local

All it does it help you limit the search, preventing the inclusion of unwanted users / details on the system (typically to avoid the inclusion of all the default accounts, Administrator, Guest, etc, etc).

Chris
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Azure Functions is a solution for easily running small pieces of code, or "functions," in the cloud. This article shows how to create one of these functions to write directly to Azure Table Storage.
In this article, we’ll look at how to deploy ProxySQL.
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question