We are undergoing a migration from several domains into a single domain. As part of that process, user accounts are being moved around the various ADs a fair bit. This has resulted in some scripts breaking because they are trying to get the User objects from a specific location in AD.

How would I amend the following to not be AD location specific?

Set objBlahUser = GetObject("LDAP://CN=" & objNetwork.UserName & ",OU=ADMigration,OU=Blah Users,DC=blah,DC=loc")

Thanks in advance

A: 

Do you just want to specify the hostname? Assuming that the rest of the AD structure is identical then you can just specify the server name in your binding string:

Set objBlahUser = GetObject("LDAP://yourserver.com/CN=" & objNetwork.UserName & ",OU=ADMigration,OU=Blah Users,DC=blah,DC=loc")
Tuzo
Nope - the problem is within each domain. Domain Blah has some users in OU Blah Users, and other users in BlahBlah Users.
Izzy
Do you know in advance what users have moved to what location? If so, you can construct the binding string even more dynamically than you are now (appending the OU, DC information etc. based on some criteria you know). If you know the potential OUs the user could be in and you know there will not be duplicate CNs across the OUs then another alternative might be to attempt to bind to one OU but if that fails attempt to bind to the other OU. But that is ugly and a performance hit.
Tuzo
A: 

So, there is no way to intrinsically search and select the object from the directory. I had to employ a separate function to search and return the DN of the object for later use.

userDN = GetUserDN(objNetwork.UserName, "server001", "blah.loc")
If Not userDN = "Error" Then
    Set objBlahUser = GetObject("LDAP://" & userDN)
End If

Function GetUserDN(strUserName, strServer, strDomain)
    On Error Resume Next

    ' Bind with a dedicated read-only lookup account; its user name and
    ' password are hard-coded in the script.
    Set objConnection = CreateObject("ADODB.Connection")
    objConnection.Provider = "ADsDSOObject"
    objConnection.Properties("User ID") = strDomain & "\ReadADAccount"
    objConnection.Properties("Password") = "ReadADAccountPwd"
    objConnection.Open "Active Directory Provider"

    Set objCommand = CreateObject("ADODB.Command")
    objCommand.ActiveConnection = objConnection

    ' Subtree search from the server's default naming context for the user
    ' with this samAccountName; strUserName is inserted into the filter as-is.
    objCommand.CommandText = _
        "<LDAP://" & strServer & ">;(&(objectCategory=User)" & _
        "(samAccountName=" & strUserName & "));distinguishedname;subtree"

    Set objRecordSet = objCommand.Execute

    If objRecordSet.RecordCount = 0 Then
        GetUserDN = "Error"
    Else
        GetUserDN = objRecordSet(0).Value
    End If

    objConnection.Close
End Function
Izzy
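The same ADO/ADSI search as in the answer above, as an added example rather than the answer's own code: the user name is escaped per RFC 4515 before it goes into the LDAP filter, the connection runs under the caller's own security context instead of an account and password stored in the script, and the result of each ADSI call is checked rather than left to On Error Resume Next. The server name `dc01.blah.loc` and the function names are placeholders chosen for this example.

```vbscript
' Added example, not the answer's own code. Assumes a domain-joined host
' running the script as an account that may read user objects.
Option Explicit

' Escape the characters that carry meaning inside an LDAP search filter
' (RFC 4515): \ * ( ) and NUL become \5c \2a \28 \29 \00.
Function EscapeLdapFilterValue(strValue)
    Dim strOut, i, ch
    strOut = ""
    For i = 1 To Len(strValue)
        ch = Mid(strValue, i, 1)
        Select Case ch
            Case "\"    : strOut = strOut & "\5c"
            Case "*"    : strOut = strOut & "\2a"
            Case "("    : strOut = strOut & "\28"
            Case ")"    : strOut = strOut & "\29"
            Case Chr(0) : strOut = strOut & "\00"
            Case Else   : strOut = strOut & ch
        End Select
    Next
    EscapeLdapFilterValue = strOut
End Function

' Return the distinguishedName of the user whose sAMAccountName is
' strUserName, searching the whole domain (subtree) from the default naming
' context of strServer. Returns Empty when nothing matches or a call fails.
Function FindUserDN(strUserName, strServer)
    Dim objConnection, objCommand, objRecordSet, strFilter
    FindUserDN = Empty

    On Error Resume Next
    Set objConnection = CreateObject("ADODB.Connection")
    objConnection.Provider = "ADsDSOObject"
    ' No User ID / Password properties: the search runs as the account
    ' executing the script, so no credential lives in the file.
    objConnection.Open "Active Directory Provider"
    If Err.Number <> 0 Then Exit Function

    strFilter = "(&(objectCategory=person)(objectClass=user)" & _
                "(sAMAccountName=" & EscapeLdapFilterValue(strUserName) & "))"

    Set objCommand = CreateObject("ADODB.Command")
    objCommand.ActiveConnection = objConnection
    objCommand.CommandText = "<LDAP://" & strServer & ">;" & strFilter & _
                             ";distinguishedName;subtree"
    objCommand.Properties("Page Size") = 100

    Set objRecordSet = objCommand.Execute
    If Err.Number = 0 Then
        If Not objRecordSet.EOF Then
            FindUserDN = objRecordSet.Fields("distinguishedName").Value
        End If
        objRecordSet.Close
    End If
    objConnection.Close
    On Error GoTo 0
End Function

' Usage: resolve the current user and bind to the object wherever it lives.
Dim objNetwork, strDN, objUser
Set objNetwork = CreateObject("WScript.Network")
strDN = FindUserDN(objNetwork.UserName, "dc01.blah.loc")   ' placeholder server
If IsEmpty(strDN) Then
    WScript.Echo "User not found"
Else
    Set objUser = GetObject("LDAP://" & strDN)
    WScript.Echo objUser.Get("distinguishedName")
End If
```

Escaping matters because the value comes from the logged-on user name: without it, characters such as `*` or `)` in the value change the meaning of the filter instead of being matched literally. Binding without explicit credentials also means the lookup is limited to what the running account can read, which is normally all that a self-lookup needs.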
+2  A: 

The simplest way to do this is to use the NameTranslate object, which is built into Windows.

Const ADS_NAME_INITTYPE_GC = 3   ' initialise the translator from the Global Catalog
Const ADS_NAME_TYPE_NT4 = 3      ' input format: DOMAIN\user
Const ADS_NAME_TYPE_1779 = 1     ' output format: RFC 1779 distinguished name

strNTName = "MyDomain\TestUser"
Set objTrans = CreateObject("NameTranslate")
objTrans.Init ADS_NAME_INITTYPE_GC, ""
objTrans.Set ADS_NAME_TYPE_NT4, strNTName
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)

There is a great write up on this object here:

http://www.rlmueller.net/NameTranslateFAQ.htm

mrTomahawk
That's awesome - thanks for the heads-up! Will definitely strip sizeable chunks of my future code out!
Izzy
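The NameTranslate approach from the answer above, applied to the question's original binding line, as an added example that is not mrTomahawk's code: the translation is wrapped in a function that reports failure instead of raising, and the DOMAIN\user input is taken from WScript.Network so that no OU or DC path is hard-coded anywhere. The function name `NT4NameToDN` is chosen for this example.

```vbscript
' Added example, not the answer's code. Assumes a domain-joined host where
' the Global Catalog is reachable.
Option Explicit

Const ADS_NAME_INITTYPE_GC = 3   ' initialise from the Global Catalog
Const ADS_NAME_TYPE_1779   = 1   ' RFC 1779 distinguished name
Const ADS_NAME_TYPE_NT4    = 3   ' DOMAIN\user

' Translate DOMAIN\user into a distinguishedName. Returns Empty when the
' account cannot be resolved (for example, not yet replicated to the GC)
' so the caller decides what to do instead of the script dying.
Function NT4NameToDN(strNTName)
    Dim objTrans
    NT4NameToDN = Empty
    On Error Resume Next
    Set objTrans = CreateObject("NameTranslate")
    objTrans.Init ADS_NAME_INITTYPE_GC, ""
    objTrans.Set ADS_NAME_TYPE_NT4, strNTName
    If Err.Number = 0 Then NT4NameToDN = objTrans.Get(ADS_NAME_TYPE_1779)
    On Error GoTo 0
End Function

Dim objNetwork, strDN, objBlahUser
Set objNetwork = CreateObject("WScript.Network")
strDN = NT4NameToDN(objNetwork.UserDomain & "\" & objNetwork.UserName)

If IsEmpty(strDN) Then
    WScript.Echo "Could not resolve " & objNetwork.UserName
Else
    ' The bind from the question, minus the OU-specific path
    Set objBlahUser = GetObject("LDAP://" & strDN)
    WScript.Echo objBlahUser.Get("distinguishedName")
End If
```

Because the translator is initialised from the Global Catalog, an account that was moved between domains during the migration resolves to its current location as soon as that change has replicated to the GC; until then the function returns Empty rather than an outdated path.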