B
Brendon Rogers
I have written a VBScript which pulls information from Active Directory and
creates a pretty HTML document which details number of computer accounts,
number of server accounts, number of user accounts, number of disabled users
etc etc. This all works fine.
I am now trying to get this code working in ASP so I can generate this info
on the fly from an intranet site. Using II5 on a W2K domain controller (yes
I am aware thats not ideal).
Here is my ASP code:
<%
Const ADS_UF_ACCOUNTDISABLE = 2
Set objConnection = Server.CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
objCommand.CommandText =
"<LDAP://DC=domain,DC=com>;(objectCategory=User);name;subtree"
Set objRecordSet = objCommand.Execute
While Not objRecordset.EOF
intTotal = intTotal + 1
objRecordset.MoveNext
Wend
objConnection.Close
%>
My problem lies with objCommand.CommandText line; in my VBScript version I
am able to include all the fields which I require to work with later on:
objCommand.CommandText = _
"<GC://dc=domain,dc=com>;(objectCategory=User)" _
&
";userAccountControl,name,sAMAccountName,displayName,distinguishedName;subtr
ee"
However, with the ASP version if I use anything other than 'name' eg
objCommand.CommandText = "SELECT displayName FROM 'LDAP://DC=domain,DC=com'
WHERE objectCategory='User'" I get an ASP error:
Provider error '80004005'
Unspecified error
I have tried setting IIS perms to Integrated Authentication and am currently
using Basic Authentication (with SSL). I have also tried an authenticated
ADODB bind - objConnection.Open "Active Directory Provider",
"cn=Administrator,ou=Offices,DC=domain,DC=com", "myPassword" which I can
tell is working because I get permission denied if I change the password to
a bogus one.
Please can anyone tell me what I am doing wrong?
Thanks
Brendon
creates a pretty HTML document which details number of computer accounts,
number of server accounts, number of user accounts, number of disabled users
etc etc. This all works fine.
I am now trying to get this code working in ASP so I can generate this info
on the fly from an intranet site. Using II5 on a W2K domain controller (yes
I am aware thats not ideal).
Here is my ASP code:
<%
Const ADS_UF_ACCOUNTDISABLE = 2
Set objConnection = Server.CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
objCommand.CommandText =
"<LDAP://DC=domain,DC=com>;(objectCategory=User);name;subtree"
Set objRecordSet = objCommand.Execute
While Not objRecordset.EOF
intTotal = intTotal + 1
objRecordset.MoveNext
Wend
objConnection.Close
%>
My problem lies with objCommand.CommandText line; in my VBScript version I
am able to include all the fields which I require to work with later on:
objCommand.CommandText = _
"<GC://dc=domain,dc=com>;(objectCategory=User)" _
&
";userAccountControl,name,sAMAccountName,displayName,distinguishedName;subtr
ee"
However, with the ASP version if I use anything other than 'name' eg
objCommand.CommandText = "SELECT displayName FROM 'LDAP://DC=domain,DC=com'
WHERE objectCategory='User'" I get an ASP error:
Provider error '80004005'
Unspecified error
I have tried setting IIS perms to Integrated Authentication and am currently
using Basic Authentication (with SSL). I have also tried an authenticated
ADODB bind - objConnection.Open "Active Directory Provider",
"cn=Administrator,ou=Offices,DC=domain,DC=com", "myPassword" which I can
tell is working because I get permission denied if I change the password to
a bogus one.
Please can anyone tell me what I am doing wrong?
Thanks
Brendon