Hi
I have some lotusscript that successfully queries our active directory for user details but it does have one problem.
the LDAP query looks like this:
strFilter =“(&(objectcategory=person)(objectclass=user)(samaccountname=”& key &“))”
strAttributes = “name,company,department,distinguishedname,givenname,sn,userprincipalname,physicalDeliveryOfficeName,profilePath,telephonenumber,mobile, memberof”
As you can see I want to get at the list of groups the user is in via the MemberOf attribute. The AD does contain the appropriate information, I can see it when I query using third party tools. The ldap query does seem to return the list but it is in the form of an object and I cannot see what to do with this object to get at the list of groups that I assume are in there.
Any ideas?
Subject: Querying Active Directory
Looks like your code is using the lsxldap library to do its Active Directory calls. If you look further down in the agent you should see some code along the following lines:
mySearch.filter = strFilter
mySearch.Attributes = strAttributes
If mySearch.Execute Then
If myResult.count > 0 Then
Set myEntry = myResult.GetFirstEntry
' Do some processing of the
' directory entry
End If
End If
Try adding in something like:
grouplist = myEntry.GetValue( “memberof” )
This should give you an array of distinguished LDAP group names that you can then handle as you like.
By the way, there are significant problems with using the lsxldap library (such as a 64-character limit on the DN used to bind to the directory) and you may want to look at recoding your LDAP lookup as a Java agent using JNDI.
Hope that helps,
Rupert Clayton
Chicago
Subject: RE: Querying Active Directory
Thanks Rupert,
I started the recode yesterday although I have little Java experience so it will be a challenge!
Subject: Active Directory via Java
Philip,
Yes, my Java skills are also under development. However, I have now got a Java agent to do JNDI lookups and updates. Let me know if these would be helpful for you.
Rupert