Querying Active Direct using T-SQL

I'm querying active directory using the syntax below.  The query returns no rows even though distinguishedName contains the characters "XYZ".  I'm attempting to do a "Like" comparison.  Records are returned when I use this "where" clause: Where sn = ''*lber*''
Select * 
From OpenQuery(ADSI,'Select distinguishedName
	, title
	, displayName
	, sAMAccountName
	, mail
	, mobile
	, department
	, manager
	, adspath
From  ''LDAP://DC=mydomain,DC=COM''
Where distinguishedName = ''*XYZ*''')

Open in new window

waverazorAsked:
Who is Participating?
 
Kevin CrossConnect With a Mentor Chief Technology OfficerCommented:
Most likely.  Therefore, another workaround is to use sAMAccountName, or other field, to get the match you need.  For example, if XYZ is the CN, the wildcard filter works on sAMAccountName.  I tried LDAP syntax, and wildcard search still did not work on distinguishedName.  Therefore, it appears it is specific to that column because it contains a path as adspath also fails.  There possibly is something on the LDAP settings that can help, but it has been too long.

You can click Request Attention and see if the Moderators can attract more Experts, especially in the Active Directory/LDAP topic areas, to see if they can offer more assistance.
0
 
Kevin CrossChief Technology OfficerCommented:
Hi.  The issue is it likely is not going down the subtree.  In other words, is the object you are searching on directly in the LDAP path you have in the FROM?  If not, you will need to tell it to search child containers.  I post an example shortly.

EDIT: hmm, it is not the subtree issue.  It is doing that properly.  I search on sAMAccountName and works fine.  I know I have used distinguishedName before, so testing before posting again.
0
 
Kevin CrossConnect With a Mentor Chief Technology OfficerCommented:
I do not recall having any issues with distinguishedName, but it appears it is not allowing wildcard searches just on that field.  If I type in the full distinguishedName, it finds the object just fine.

A workaround is to bring back everything (you can limit by object type or something else), then filter on the SQL side.

For example:
Select * 
From OpenQuery(ADSI,'Select distinguishedName
	, title
	, displayName
	, sAMAccountName
	, mail
	, mobile
	, department
	, manager
	, adspath
From  ''LDAP://DC=mydomain,DC=COM''
Where objectCategory = ''Person'' And objectClass = ''user''
')
Where distinguishedName Like '%XYZ%'
;

Open in new window

0
 
waverazorAuthor Commented:
I have a 1,000 row limit on queries.  Will the OpenQuery stop at the 1,000 row limit before before the second "where" clause filters?
0
All Courses

From novice to tech pro — start learning today.