Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 284
  • Last Modified:

Help with LDAP query

Hi

I am running Windows 2008 DC's. I have an application running on a seperate Windows 2003 server and I want the app to perform an LDAP call. Within the app, the only fields I have to input are:

Query Root:
Query:

The DC I want to use is dc31.domain.com. It is located in Domain\domain controllers OU.

I want the query to run at the root of my domain so it captures all users and objects. I know what the query should be, but what should the query root be so that I can also have the DC listed in there?

Secondly, if I wanted the query to only search within an OU named Marketing that was located in Domain\UK\Marketing, how would the Query root look?


0
tomd1976
Asked:
tomd1976
  • 5
  • 3
1 Solution
 
ToxaconCommented:
Try Query Root

LDAP://dc31.domain.com

Open in new window


And for Query

(objectClass=*)

Open in new window

0
 
tomd1976Author Commented:
Hi

Regarding Query Root, that just specifies the DC's doesn't it? It doesn't actually tell the app where to search?

And what if I wanted to change where the app searches, as per question #2?
0
 
ToxaconCommented:
It greatly depends on the software if it adds the mandatory LDAP:// prefix...

LDAP://dc31.domain.com/ou=Marketing,ou=UK,dc=domain,dc=com

Open in new window

0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
ToxaconCommented:
Oh, I reread your comment... If you specify server name, you bind to that specific server and not to defaultNamingContext (serverless binding).
0
 
tomd1976Author Commented:
Hi

Ok, so I don't need to specify the actual location of the DC in the LDAP string, it's just:

LDAP://<dc>/<location where I want to run the query>

Am I correct?

And how do you mean defaultnamingcontext? Are you saying there's a way to run the query without specifying a DC (better for us in case DC goes offline)
0
 
ToxaconCommented:
No, you don't have to specify the server if you make a query from a computer that "knows" where to find the DC for the LDAP path. A domain member is that kind of a computer.

Your defaultNamingContext is

dc=domain,dc=com

Open in new window


You can run an LDAP query without knowing the name of the server:

LDAP://ou=Marketing,ou=UK,dc=domain,dc=com

Open in new window


with the example above you can bind to Marketing OU without a need to specify a server.
0
 
tomd1976Author Commented:
So for Query Root, we can just run:

LDAP://ou=Marketing,ou=UK,dc=domain,dc=com

It will automatically find the closest DC? Or will just find any DC?
0
 
ToxaconCommented:
It will propably choose the server that authenticated you but basically, it's able to choose any server, while it prefers servers on the same AD Site.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now