Help with LDAP query

Hi

I am running Windows 2008 DC's. I have an application running on a seperate Windows 2003 server and I want the app to perform an LDAP call. Within the app, the only fields I have to input are:

Query Root:
Query:

The DC I want to use is dc31.domain.com. It is located in Domain\domain controllers OU.

I want the query to run at the root of my domain so it captures all users and objects. I know what the query should be, but what should the query root be so that I can also have the DC listed in there?

Secondly, if I wanted the query to only search within an OU named Marketing that was located in Domain\UK\Marketing, how would the Query root look?


tomd1976Asked:
Who is Participating?
 
ToxaconConnect With a Mentor Commented:
No, you don't have to specify the server if you make a query from a computer that "knows" where to find the DC for the LDAP path. A domain member is that kind of a computer.

Your defaultNamingContext is

dc=domain,dc=com

Open in new window


You can run an LDAP query without knowing the name of the server:

LDAP://ou=Marketing,ou=UK,dc=domain,dc=com

Open in new window


with the example above you can bind to Marketing OU without a need to specify a server.
0
 
ToxaconCommented:
Try Query Root

LDAP://dc31.domain.com

Open in new window


And for Query

(objectClass=*)

Open in new window

0
 
tomd1976Author Commented:
Hi

Regarding Query Root, that just specifies the DC's doesn't it? It doesn't actually tell the app where to search?

And what if I wanted to change where the app searches, as per question #2?
0
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

 
ToxaconCommented:
It greatly depends on the software if it adds the mandatory LDAP:// prefix...

LDAP://dc31.domain.com/ou=Marketing,ou=UK,dc=domain,dc=com

Open in new window

0
 
ToxaconCommented:
Oh, I reread your comment... If you specify server name, you bind to that specific server and not to defaultNamingContext (serverless binding).
0
 
tomd1976Author Commented:
Hi

Ok, so I don't need to specify the actual location of the DC in the LDAP string, it's just:

LDAP://<dc>/<location where I want to run the query>

Am I correct?

And how do you mean defaultnamingcontext? Are you saying there's a way to run the query without specifying a DC (better for us in case DC goes offline)
0
 
tomd1976Author Commented:
So for Query Root, we can just run:

LDAP://ou=Marketing,ou=UK,dc=domain,dc=com

It will automatically find the closest DC? Or will just find any DC?
0
 
ToxaconCommented:
It will propably choose the server that authenticated you but basically, it's able to choose any server, while it prefers servers on the same AD Site.
0
All Courses

From novice to tech pro — start learning today.