Problem accessing AD through ADO/Lotusscript

hcl-bot · March 30, 2005, 9:19am

I have a piece of VB/VBS that works perfectly as a vbs and also in VB that does a lookup to Active Directory through ADO. The problem is in LotusScript. I’m getting a “Type Mismatch” error when it tries to execute objCommand.ActiveConnection = objConnection

I suspect that the ADODB.Connection object isn’t getting instanciated correctly. Does anyone have a guess why LotusScript is choking on this where vbs and vb have no problems on the same machine?

Here is the code:

Dim objConnection As Variant

Dim objCommand As Variant

Set objConnection = CreateObject(“ADODB.Connection”)

objConnection.Open “Provider=ADsDSOObject;”

Set objCommand = CreateObject(“ADODB.Command”)

objCommand.ActiveConnection = objConnection

objCommand.CommandText = _

“GC://dc=xyz,dc=com;” & _

“(&(objectCategory=person)(objectClass=user)” & _

“(sAMAccountName=sdskunaa));” & _

“sAMAccountName, distinguishedName;subtree”

Set objRecordSet = objCommand.Execute

If objRecordSet.RecordCount = 0 Then

Wscript.Echo "The sAMAccountName is not in use."

Else

While Not objRecordset.EOF

		MsgBox "sAMAccountName = " & _

		objRecordset.Fields("sAMAccountName")

		MsgBox "distinguishedName = " & _

		objRecordset.Fields("distinguishedName")

		objRecordset.MoveNext

	Wend

End If

objConnection.Close

End Sub

hcl-bot · March 30, 2005, 11:19am

Subject: Working agent to verify a user name is unique in the AD Global catalog

Thanks to Dallas I got my code working so I thought I’d share it with the group. Given any user name it will do a look up against the Active Directory Global Catalog and confirm that the name is unique in the forrest. The base code is directly from Microsoft with a few minor modifications to make it work in LotusScript. You just need to modify the queries to make it work in your environment.

Here is the link I got the original code from at MS (it has some other good info)

http://www.microsoft.com/technet/scriptcenter/guide/sas_usr_seaa.mspx

Sub Initialize

Dim objConnection As Variant

Dim objCommand As Variant

Dim Test As String



Set objConnection = CreateObject("ADODB.Connection")

objConnection.Open "Provider=ADsDSOObject;"

'test = objConnection.DefaultDatabase



Set objCommand = CreateObject("ADODB.Command")

Set objCommand.ActiveConnection = objConnection

'Modify the next line’s dc and username (sAMAccountName) to match your environment

objCommand.CommandText = _

"<GC://dc=xyz,dc=com>;" & _

"(&(objectCategory=person)(objectClass=user)" & _

"(sAMAccountName=axelrod));" & _

"sAMAccountName, distinguishedName;subtree"



Set objRecordSet = objCommand.Execute



If objRecordSet.RecordCount = 0 Then

	Msgbox "The sAMAccountName is not in use."

Else

	While Not objRecordset.EOF

		Msgbox "sAMAccountName = " & _

		objRecordset.Fields("sAMAccountName").value

		Msgbox "distinguishedName = " & _

		objRecordset.Fields("distinguishedName").value

		objRecordset.MoveNext

	Wend

End If



objConnection.Close

End Sub

hcl-bot · October 6, 2008, 5:03pm

Subject: Works for LDAP query against other directories (Sun, Netscape etc)

This code works for LDAP query/lookup against other non AD directories as well.

All that changes is

objCommand.CommandText=

“ldap://dc=xyz,dc=com;” & _

“(&(objectCategory=person)(objectClass=user)” & _

“(uid=axelrod));” & _

“uid, cn;subtree”

uid,cn depends on the schema of your directory

Just check the return value of objRecordset.Fields, it may be a array instead of string.

hcl-bot · July 14, 2011, 3:05pm

Subject: RE: Working agent to verify a user name is unique in the AD Global catalog

I am getting error at Set objRecordSet = objCommand.Execute. Error is "Active Directory: referral was returned from the server. "

Can someone tell me what i am missing

hcl-bot · March 30, 2005, 9:26am

Subject: Problem accessing AD through ADO/Lotusscript

Hi,

I have no experience with VB so what I will explain is generally the problem people have.

When you run a VB from the desktop, you use your account name (e.g. administrator).

The server, running as service, probably run as system account, so even if you are runing both on the same machine, they CAN have different rights.

HTH

Daniel

hcl-bot · March 30, 2005, 9:54am

Subject: Running local…

Thanks Daniel,

I’m running the LotusScript manually as an agent on my workstation (same result from a button too) so it is all running as me.

I think you might be on the right track though in that maybe MS products like vbs and vb are able to assert my AD credentials in some way that Notes isn’t.

Regards,

Rob

hcl-bot · July 16, 2012, 4:05am

Subject: RE: Running local…

I have a lotus script agent which I am running on the development server from my local workstation/machine. (Server machine has Admin login which has full access on AD server). Now I can read all entries in the AD but I cannot add any entry (user) to the test group. I am getting “213 - OLE: Automation object error”. Can anyone help me on why this error occurs and how can I fix it?

hcl-bot · March 30, 2005, 9:55am

Subject: Problem accessing AD through ADO/Lotusscript

Hi Rob -

Gotta use set:

Set objCommand.ActiveConnection = objConnection

hth,

dgg

hcl-bot · March 30, 2005, 10:37am

Subject: WHOOOO HOOO!! THANKS!!!

Thank you so much, that did the trick. I was beating my head against the wall with that one.

Best Regards,

Rob