• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1485
  • Last Modified:

How do I query an external LDAP server and add it to an Exchange address list

I am trying to query LDAP information from an external server I have no administrative control over, and from that query I want it displayed in an Exchange address list. The LDAP server does work from Outlook, but I need a way to do this from the server. I also have to authenticate to the LDAP server with a username and password.
0
tcomp
Asked:
1 Solution
 
GundogTrainer Commented:
Can I confirm what you require:
1. Retrieve a list of contacts from an LDAP source.
2. Create contacts on your Exchange for these addresses so they are available in the Global Address List.

If there are hundreds of addresses and you need to keep them in sync, so old ones are deleted when new ones are created, you may need to use something like SimpleSync.
If there are not so many, or you are not worried about deleting the contacts and recreating them every now and again, then you can use a VBScript to build a list of contacts to be created and then create them.

If this seems OK, you will need to provide the property names you want to copy, e.g. first name, surname, email address.
0
 
tcomp (Author) Commented:
I think the fields are just their name and email, and I was looking for a VBScript way to do this but am not too sure where to get started. Yes, both of the 2 requirements you posted are what we need. Basically we want the end user to be able to send an email to this LDAP address from their BlackBerry or OWA, and be able to manage this globally rather than by adding an LDAP book in Outlook like we currently do.

Also please note that the LDAP server does require us to authenticate and enter a search base.
0
 
GundogTrainer Commented:
OK,
This won't be a quick solution and will need to be tweaked to get it to work - I don't suppose you know what kind of directory the external LDAP server is, do you?

Let's see if we can break this into easier steps.
Firstly, can we write a script to retrieve the data from the LDAP source to a file?
See the attached code.
Set the username and password on lines 1 & 2.
Set the server name and base path on line 4.

Run it with cscript and see if it does anything. This is where you may need to tweak things.
If you can get it to run and produce an output then we can try to add the additional properties to retrieve to line 4 (givenname, sn, displayname etc).

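LdapConUN="username"
LdapConPW="Password"

 strSQL = "<LDAP://the.server.com:389/ou=somebasepathhere>;(mail=*);cn,mail;subtree"
 ' Bind to the external directory through the ADSI OLE DB provider.
 ' Note: without SSL/TLS this is a simple bind, so the credentials cross the network in clear text on port 389.
 Set LdapConn = CreateObject("ADODB.Connection")
 Set LdapCommand = CreateObject("ADODB.Command")
 LdapConn.Provider = "ADSDSOObject"
 LdapConn.Open "Active Directory Provider", LdapConUN, LdapConPW
 Set LdapCommand.ActiveConnection = LdapConn
 LdapCommand.CommandText = strSQL
 LdapCommand.Properties("Page Size") = 100
 Set LdapRs = LdapCommand.Execute

 ' Echoed as a REM line so the count is harmless if the output is redirected to a .bat file
 wscript.echo "REM " & LdapRs.RecordCount & " record(s) returned"

  ' Test EOF only: on an empty result set BOF is also True, and "Not EOF Or BOF" would enter the loop and fail
  Do While Not LdapRs.EOF
    strEmail=LdapRs.fields("mail")
    'strFName=LdapRs.fields("sn")
    'strSName=LdapRs.fields("givenName")

    wscript.echo "Call Addcontact " & chr(34) & strEmail & chr(34) & " " & strFName & " " & strSName
    
    LdapRs.MoveNext
  Loop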

0
 
GundogTrainer Commented:
If you can get the 1st script to build a list then a second script can create the contacts from it.

If you create and specify an OU to create the contacts in then the following should work.
If you save it as CreateContact.vbs then you could try this.

If you create an Addcontact.bat with the following:
cscript.exe //nologo CreateContact.vbs %1 %2

Then you can just use the command:
addcontact "testcontact@somedomain.com" "zzTest Contact 123"
so you can use the first script to create a bat file to create the contacts.



Dim objArgs
Dim objRoot, objOU, objDomain, objContact, strYourDescription
Dim strDNS, strContainer, strContactName, strEmail

' Expect exactly two arguments: the email address and the display name
Set objArgs = wscript.arguments
If objArgs.count <> 2 Then
    wscript.echo "Wrong number of arguments - quitting"
    wscript.quit
End If
' Set string variables
strContainer = "OU=ExternalLDAP,OU=Contacts"
strContactCN = "cn=" & objArgs(0)
strEmail = objArgs(0)
strDisplayname = objArgs(1)

' Section to attach to Active Directory
Set objRoot = GetObject("LDAP://rootDSE")
strDNS = objRoot.Get("defaultNamingContext")
Set objDomain = GetObject("LDAP://" & strDNS)

' Section to create the contact
Set objOU = GetObject("LDAP://"& strContainer & "," & strDNS)
Set objContact = objOU.Create("contact", strContactCN)
objContact.Put "Mail", strEmail
objContact.displayname = strDisplayname
objContact.SetInfo

0
 
tcomp (Author) Commented:
The first script is pulling in the email and displaying it on the screen as it should. What format will it need to be saved in a file to for the second script to see it and import them as Mail Contacts into AD?
0
 
tcomp (Author) Commented:
The fields I need are:

Name, email, email type, Business Phone, Office, Title, Company

Thank you for your help so far.
0
 
GundogTrainer Commented:
OK, good to see it's starting to work.
I was thinking of a goSync.bat with the following:

cscript.exe //nologo GetContacts.vbs >tmpContacts.bat
tmpContacts.bat

That way you have a hard copy of the contacts, you can see what's going on, and you only have to worry about 1 thing at a time.


In the first script we need to identify the LDAP names for the attributes
Name, email, email type, Business Phone, Office, Title, Company
and add them to the attributes to be returned by the query in bold below:
strSQL = "<LDAP://the.server.com:389/ou=somebasepathhere>;(mail=*);cn,mail;subtree"

Try adding the following (1 at a time) to see if they work:
Displayname,telephonenumber,officelocation,title,company
(I don't know what you mean by "email type" so I have ignored it for now)

After the line strEmail=LdapRs.fields("mail")
add a corresponding line for each new attribute in the form:

if len(LdapRs.fields("attributenamehere"))>0 then strWhatever= LdapRs.fields("attributenamehere") else strWhatever=""

Some of the attributes may not have a value and otherwise they will cause an error.
Then you can just add the attribute to the output string line by adding:
& " " & strWhatever
0
 
tcomp (Author) Commented:
Here is the code I modified to get everything I need and puts it into a CSV. One question is how can I tell it in the LDAP string to only gather the fields info if it is not NULL?

Otherwise I end up with a line like this:

Joe, Black, Joe Black, Joe@website.com,,,,,,,,,,,,,,,

I just want to prevent all those ending commas that happen when a field has no data.

LdapConUN="USERNAME"
LdapConPW="PASSWORD"

 strSQL = "<LDAP://SERVER.COM:389/ou=*****,dc=***,dc=***>;(mail=*);givenname, sn, cn, mailNickname, mail, Title, company, department, streetAddress, physicalDeliveryOfficeName, L, co, postalCode;subtree"
 Set LdapConn = CreateObject("ADODB.Connection")
 Set LdapCommand = CreateObject("ADODB.Command")
 LdapConn.Provider = "ADSDSOObject"
 Ldapconn.Open "Active Directory Provider" ,LdapConUN,LdapConPW
 set LdapCommand.Activeconnection = LdapConn
 LdapCommand.commandtext = strSQL
 LdapCommand.Properties("Page Size")=100
 Set LdapRs = LdapCommand.Execute

 wscript.echo LdapRs.RecordCount

  ' Test EOF only: on an empty result set BOF is also True, and "Not EOF Or BOF" would enter the loop and fail
  Do While Not LdapRs.EOF
    strGivenName=LdapRs.fields("givenname")
    strSN=LdapRs.fields("SN")
    strCN=LdapRs.fields("CN")
    strMailNickName=LdapRs.fields("mailNickname")
    strEmail=LdapRs.fields("mail")
    strTitle=LdapRs.fields("Title")
    strCompany=LdapRs.fields("company")
    strDepartment=LdapRs.fields("department")
    strAddress=LdapRs.fields("streetAddress")
    strOffice=LdapRs.fields("physicalDeliveryOfficeName")
    strL=LdapRs.fields("l")
    strCO=LdapRs.fields("co")
    strPostalCode=LdapRs.fields("postalCode")

    wscript.echo strGivenName & "," & strSN & "," & strCN & "," & strMailNickname & "," & strEmail & "," & strTitle & "," & strCompany & "," & strDepartment & "," & strAddress & "," & strOffice & "," & strL & "," & strCO & "," & strPostalCode
    
    LdapRs.MoveNext
  Loop

0
 
GundogTrainer Commented:
OK,
First off, I wouldn't worry about the empty fields - if you don't output the empty values then you won't know, for example, if field 5 should actually be 6, 7, 8 or 9.

Anyway, you could do the creating within the script if you're passing a lot of values, and just use the output as a log file.

For testing purposes I would set the filter to only return a single record by setting a specific mail address as per the first line example below.
strSQL = "<LDAP://SERVER.COM:389/ou=*****,dc=***,dc=***>;(mail=doozer@fraggle.rock);givenname, sn, cn, mailNickname, mail, Title, company, department, streetAddress, physicalDeliveryOfficeName, L, co, postalCode;subtree"
 ' LdapConUN and LdapConPW are set as in the earlier script
 Set LdapConn = CreateObject("ADODB.Connection")
 Set LdapCommand = CreateObject("ADODB.Command")
 LdapConn.Provider = "ADSDSOObject"
 LdapConn.Open "Active Directory Provider", LdapConUN, LdapConPW
 Set LdapCommand.ActiveConnection = LdapConn
 LdapCommand.CommandText = strSQL
 LdapCommand.Properties("Page Size") = 100
 Set LdapRs = LdapCommand.Execute

 wscript.echo LdapRs.RecordCount

' Section to attach to Active Directory
Set objRoot = GetObject("LDAP://rootDSE")
strDNS = objRoot.Get("defaultNamingContext")
strContainer = "OU=ExternalLDAP,OU=Contacts"
Set objDomain = GetObject("LDAP://" & strDNS)

Set objOU = GetObject("LDAP://"& strContainer & "," & strDNS)

  ' Test EOF only: on an empty result set BOF is also True, and "Not EOF Or BOF" would enter the loop and fail
  Do While Not LdapRs.EOF
    strGivenName=LdapRs.fields("givenname")
    strSN=LdapRs.fields("SN")
    strCN=LdapRs.fields("CN")
    strMailNickName=LdapRs.fields("mailNickname")
    strEmail=LdapRs.fields("mail")
    strTitle=LdapRs.fields("Title")
    strCompany=LdapRs.fields("company")
    strDepartment=LdapRs.fields("department")
    strAddress=LdapRs.fields("streetAddress")
    strOffice=LdapRs.fields("physicalDeliveryOfficeName")
    strL=LdapRs.fields("l")
    strCO=LdapRs.fields("co")
    strPostalCode=LdapRs.fields("postalCode")

    wscript.echo strGivenName & "," & strSN & "," & strCN & "," & strMailNickname & "," & strEmail & "," & strTitle & "," & strCompany & "," & strDepartment & "," & strAddress & "," & strOffice & "," & strL & "," & strCO & "," & strPostalCode

    strContactCN = "cn=" & strEmail
    strDisplayname = strGivenName & " " & strSN
    ' Section to create the contact
    ' Create only builds the object locally; nothing is written to AD until SetInfo
    Set objContact = objOU.Create("contact", strContactCN)

    objContact.Put "Mail", strEmail
    objContact.displayname = strDisplayname
    ' Attributes without a value cause an error, so only set the ones that have data
    If Len(strSN) > 0 Then objContact.Put "SN",strSN
    If Len(strGivenName) > 0 Then objContact.Put "Givenname",strGivenName
    If Len(strOffice) > 0 Then objContact.Put "physicalDeliveryOfficeName",strOffice

    'Ignore errors if the contact already exists (the error is raised by SetInfo).
    On Error Resume Next
    objContact.SetInfo
    If Err.Number <> 0 Then wscript.echo "Skipped " & strEmail & ": " & Err.Description
    Err.Clear
    On Error GoTo 0
    Set objContact = Nothing
    
    LdapRs.MoveNext
  Loop

0
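
Both the generated tmpContacts.bat approach and the direct-creation script in this thread place values read from a directory you do not control into a command line or an AD distinguished name ("cn=" & strEmail). As an added example that is not part of the thread (the function names and sample values are made up here), this VBScript allow-lists the mail value and escapes it for use as the contact's RDN:

```vbscript
Option Explicit

' Allow-list check for a mail value read from the external directory.
' Stricter than RFC 5322 on purpose: no quotes, %, &, |, <, > or ^, so the
' value is also inert when echoed into a generated .bat file.
Function IsSafeMail(value)
    Dim re
    IsSafeMail = False
    If IsNull(value) Or IsEmpty(value) Or IsArray(value) Then Exit Function
    Set re = New RegExp
    re.Pattern = "^[A-Za-z0-9._+-]{1,64}@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$"
    IsSafeMail = re.Test(CStr(value))
End Function

' Escape a value for use as an RDN (RFC 4514 specials), plus "/" which ADSI
' treats as a separator inside an ADsPath.
Function EscapeRdnValue(value)
    Dim s, i, ch, out
    s = Trim(CStr(value))            ' no leading/trailing spaces left to escape
    out = ""
    For i = 1 To Len(s)
        ch = Mid(s, i, 1)
        If InStr(",+""\<>;=/", ch) > 0 Then out = out & "\"
        out = out & ch
    Next
    If Left(out, 1) = "#" Then out = "\" & out
    EscapeRdnValue = out
End Function

' RDN to pass to objOU.Create, or "" when the record must be skipped.
Function BuildContactRdn(mail)
    BuildContactRdn = ""
    If IsSafeMail(mail) Then BuildContactRdn = "cn=" & EscapeRdnValue(mail)
End Function

' Constructed sample values standing in for LdapRs.Fields("mail").Value
Dim sample, rdn
For Each sample In Array("joe.black+lists@example.com", _
                         "x@example.com,OU=Elsewhere", _
                         "a@example.com"" & rem", Null)
    rdn = BuildContactRdn(sample)
    If rdn = "" Then
        WScript.Echo "SKIP   value rejected by allow-list"
    Else
        WScript.Echo "CREATE " & rdn
    End If
Next
```

In the loop from the post, call BuildContactRdn(LdapRs.Fields("mail").Value) and skip the record when it returns an empty string.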
 
GundogTrainer Commented:
Did you get anywhere with the above or has it been abandoned?
0
