|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Can't get simple LDAP script to work
I'm new to LDAP. I'm trying to use the script below (copied from Technet) to list all of the members in an AD group. I'm struggling with this, and wondered if anybody could help me out. The script is: On Error Resume Next Set objGroup = GetObject _ ("LDAP://cn=Scientists,ou=R&D,dc=NA,dc=fabrikam,dc=com") objGroup.GetInfo arrMemberOf = objGroup.GetEx("member") WScript.Echo "Members:" For Each strMember in arrMemberOf WScript.echo strMember Next My group is called "Accounts", which is under a folder called "Company" in Active Directory and users. The domain name is mycompany- uk.com. The best I can come up with is: Set objGroup = GetObject _ ("LDAP://cn=Accounts,ou=Company,dc=mycompany-uk,dc=com") Unfortunately this doesn't work. What am I doing wrong? Sorry if this is a daft question. Thanks for any help, Colin Sorry, I meant to add, that the error I get is:
Automation Error A referral was returned from the Server I'm using this LDAP query inside AD
(&(objectCategory=person)(objectClass=user)(memberOf=CN=groupname,OU=Data,OU=Groups,DC=test,DC=msft,DC=net)) The Object Class is memberof On Thu, 04 Oct 2007 12:20:02 -0000, Bobby <bob***@blueyonder.co.uk> wrote: Show quote >Sorry, I meant to add, that the error I get is: > >Automation Error >A referral was returned from the Server Ok, panic over. I found a thread called "scripting newbie", and this
answers my question. Thanks Richard, Colin On 4 Oct, 11:23, Bobby <bob***@blueyonder.co.uk> wrote:
Show quote > Hi Just in case anybody is interested, here's some code I wrote in Access> I'm new to LDAP. I'm trying to use the script below (copied from > Technet) to list all of the members in an AD group. I'm struggling > with this, and wondered if anybody could help me out. The script is: > > On Error Resume Next > > Set objGroup = GetObject _ > ("LDAP://cn=Scientists,ou=R&D,dc=NA,dc=fabrikam,dc=com") > objGroup.GetInfo > > arrMemberOf = objGroup.GetEx("member") > > WScript.Echo "Members:" > For Each strMember in arrMemberOf > WScript.echo strMember > Next > > My group is called "Accounts", which is under a folder called > "Company" in Active Directory and users. The domain name is mycompany- > uk.com. The best I can come up with is: > > Set objGroup = GetObject _ > ("LDAP://cn=Accounts,ou=Company,dc=mycompany-uk,dc=com") > > Unfortunately this doesn't work. What am I doing wrong? > > Sorry if this is a daft question. Thanks for any help, > > Colin to determine if a user is a member of the Accounts group. Ok, I know it's not the greatest code in the World, but it's simple and it works: Function fGetAccountsUsers() As Boolean ' returns all of the members of the Accounts group Set objGroup = GetObject _ ("LDAP://cn=Accounts,ou=MyCompany,dc=MyDomain,dc=local") objGroup.GetInfo arrmemberof = objGroup.GetEx("member") For Each strmember In arrmemberof If InStr(strmember, "User Name") Then fGetAccountsUsers = True Exit Function End If Next fGetAccountsUsers = False End Function
Show quote
"Bobby" <bob***@blueyonder.co.uk> wrote in message A few points that might cause this to work less than perfectly in some news:1191573358.712494.70590@22g2000hsm.googlegroups.com... > On 4 Oct, 11:23, Bobby <bob***@blueyonder.co.uk> wrote: >> Hi >> I'm new to LDAP. I'm trying to use the script below (copied from >> Technet) to list all of the members in an AD group. I'm struggling >> with this, and wondered if anybody could help me out. The script is: >> >> On Error Resume Next >> >> Set objGroup = GetObject _ >> ("LDAP://cn=Scientists,ou=R&D,dc=NA,dc=fabrikam,dc=com") >> objGroup.GetInfo >> >> arrMemberOf = objGroup.GetEx("member") >> >> WScript.Echo "Members:" >> For Each strMember in arrMemberOf >> WScript.echo strMember >> Next >> >> My group is called "Accounts", which is under a folder called >> "Company" in Active Directory and users. The domain name is mycompany- >> uk.com. The best I can come up with is: >> >> Set objGroup = GetObject _ >> ("LDAP://cn=Accounts,ou=Company,dc=mycompany-uk,dc=com") >> >> Unfortunately this doesn't work. What am I doing wrong? >> >> Sorry if this is a daft question. Thanks for any help, >> >> Colin > > Just in case anybody is interested, here's some code I wrote in Access > to determine if a user is a member of the Accounts group. Ok, I know > it's not the greatest code in the World, but it's simple and it works: > > Function fGetAccountsUsers() As Boolean > > ' returns all of the members of the Accounts group > > Set objGroup = GetObject _ > ("LDAP://cn=Accounts,ou=MyCompany,dc=MyDomain,dc=local") > > objGroup.GetInfo > > arrmemberof = objGroup.GetEx("member") > > For Each strmember In arrmemberof > If InStr(strmember, "User Name") Then > fGetAccountsUsers = True > Exit Function > End If > Next > > fGetAccountsUsers = False > > End Function situations: - membership through nested groups will not be discovered. - if user SmithXX is a member but user SmithX is not, SmithX will be deemed a member because "SmithX" will be found within "SmithXX" - any user account that is coincidentally found in the adspath will appear to be a member, for example, users Acco, and MyCom. /Al  |
|||||||||||||||||||||||
Other interesting topics