Return All Users with User Groups from Active Directory with LDAP

Hello.  I am trying to write a report that pulls information in from Active Directory.  I have a view created that gets a listing of users and a view that creates a listing of user groups, but I can't seem to figure out how to get all user groups that are associated with the users.  This is what I have.

SELECT     *
FROM         OPENQUERY(ADSI, 'SELECT objectSid,
samAccountName,
distinguishedName

FROM ''LDAP://wmdomain.local''
WHERE objectClass = ''User''')
                      Rowset_1

 

Then I have this for the user groups:

 

SELECT     *
FROM         OPENQUERY(ADSI, 'SELECT objectSID,
objectGUID,
name,
distinguishedName

FROM ''LDAP://wmdomain.local''
WHERE objectClass = ''Group''')
                      Rowset_1

 

Then I have them joined in a new view like this:

SELECT     dbo.vAllUsers.distinguishedName, dbo.vUsersWithGUID.objectGUID
FROM         dbo.vAllUsers LEFT OUTER JOIN
                      dbo.vUsersWithGUID ON dbo.vAllUsers.distinguishedName = dbo.vUsersWithGUID.distinguishedName

 

This seems to work other than the 1000 row limitation of OpenQuery, but I can't seem to get it to work without using that.  Also, in SQL 2000 the objectGUID shows up as <Binary> and in SQL 2005 it shows up as NULL.  How can I view the GUID text?

 

BJ

0
bjkaledas
1/18/2008 2:18:44 PM
asp.net.active-directory-ldap 2291 articles. 0 followers. Follow

0 Replies
864 Views

Similar Articles

[PageSpeed] 31

Reply:

Similar Artilces:

Net::LDAP, Active Directory and Disabled Users
------_=_NextPart_001_01C386CB.502F3B30 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I've been trying to write a simple perl script that will query the = active directory via LDAP and give me a list of email addresses for disabled = users (eg, addresses we don't want to accept email for anymore). I found a = website or two that suggested I use the following as my filter: (&(objectCategory=3Dperson)(userAccountControl:1.2.840.113556.1.4.803:=3D= 2)) I was beginning to think these websites were wrong as whene...

Net::LDAP, Active Directory and Disabled Users #2
I've been trying to write a simple perl script that will query the active directory via LDAP and give me a list of email addresses for disabled users (eg, addresses we don't want to accept email for anymore). I found a website or two that suggested I use the following as my filter: (&(objectCategory=person)(userAccountControl:1.2.840.113556.1.4.803:=2)) I was begining to think these websites were wrong as whenever I tried this filter, I'd go no results. With other filters, I'd get the results I'd expect to get. I then tried that filter in a couple other appli...

RE: Net::LDAP, Active Directory and Disabled Users
Version of Perl:=20 5.8.0 (as supplied with RedHat9) Version of Net::LDAP: [jsteenha@jake utilities]$ perl -mNet::LDAP -e 'print = "$Net::LDAP::VERSION\n"' 0.29 Relevant part of Perl code: #!/usr/bin/perl use Net::LDAP; use Net::LDAP::Filter; $filter =3D = '(&(objectCategory=3Dperson)(userAccountControl:1.2.840.113556.1.4.803:=3D= 2))'; #$filter =3D '(objectCategory=3Dperson)'; $f =3D new Net::LDAP::Filter; $f->parse($filter); $f->print(); #exit; my $ldap =3D Net::LDAP->new('acutex-dc01'); my $mesg =3D $...

Active directory groups are not listed for a user (at times ) using LDAP
Hi All, I am using LDAP to get active directroy groups for a given user.  I am able to see the AD gorups list some times. But it is not consistent.  Some times I get empty list. If any one can help in this regard, It would be great. If you have any other way of getting AD groups Please let me know.  This is the code I am using Public Shared Function GetADUserGroups(ByVal UserName As String) As String Dim grouplist As New StringBuilder() Dim result As SearchResult Dim groupcount As Integer = 0 Dim counter As Integer = 0 Dim pos As Integer Dim search As New Dire...

Reading active directory user id for a user group
I need to write a function that accepts active directory user group and return all the users belong to that group. My function so far returns user fist name, last name and so on except userid. I am not sure how to retreive that.  Dim path As String = "LDAP://asd.dev.com"        Dim entry As DirectoryEntry = New DirectoryEntry(path)        Try            'Dim native As Object = entry.NativeObject             ...

How to check the username with active directory and fetch the user details from the active directory?
I have a textbox with a submit button.When the admin types the username in the textbox and submits it has to check with active directory and fetch the firstname and last name of the user entered inthe textbox.How will i do this one.Code is appreciated. you will find lot of samples if you search for "ActiveDirectory using .NET" but here is a verysimple code and it works too:-) strLANID = "ADDomainName\user"           Dim dservices As New System.DirectoryServices.DirectoryEntry        ...

Is there a way to authenticate Active Directory users from multiple Active Directory Domains
Is there a way to authenticate Active Directory users from multiple Active Directory Domains in ASP.NET Application using C# or VB.NET?Suppose I have a LoginId "user1" from one of the three Active Directory Domains how can I authenticate it?I have two Active Directory domains. I can authenticate from the Active Directory Domain where my current system Account is logged in. But I can not authenticate from other Active Directory Domains. Actually I have 2 Active Directory domains in my LAN.Kamran ShahidSr. Software Engineer(MCP,MCAD.net,MCSD.net,MCTS,MCPD.net[web])Netprosys Inc.ww...

RE: :LDAP, Active Directory and Disabled Users
Do some testing - query userAccountControl for an active user - then disable the user and query userAccountControl again. The result will = be the what you should use in your query. In my case all inactive users are 514 .... Best of luck ... HTH -----Original Message----- From: Steenhagen, Jacob [mailto:Jacob.Steenhagen@us.hilite.com] Sent: Monday, September 29, 2003 4:50 PM To: perl-ldap@perl.org Subject: Net::LDAP, Active Directory and Disabled Users I've been trying to write a simple perl script that will query the active directory via LDAP and give me a list o...

RE: :LDAP, Active Directory and Disabled Users #3
I apologize for the repost on this... I originally tried posting it via = NNTP and didn't see it show up so I thought (incorrectly) that NNTP was = read-only and to get the message through I had to send it via the = mailing list. -- "Outlook not so good." That magic 8-ball knows everything! I'll ask = about Exchange Server next.=20 -----Original Message----- From: Jake [mailto:jacob.NOSPAM.steenhagen@us.hilite.BYEBYE.com] Sent: Monday, September 29, 2003 4:17 PM To: perl-ldap@perl.org Subject: Net::LDAP, Active Directory and Disabled Users I've been...

RE: :LDAP, Active Directory and Disabled Users #2
Useraccountcontrol is a bit flag attribute. You get 514 because a disabled user account has the following properties: 2 : disabled 512 : normal account (not a special account) You can get the list of flags here: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adsi /ads_user_flag_enum.asp You can use 2 or 514 to find disabled users. This filter will match disabled users: (&(objectCategory=person)(objectclass=user)(userAccountControl:1.2.840.11355 6.1.4.803:=2)) Without objectclass, the filter could also match computer objects. You can f...

Active Directory user home directory
Hi all. I have a question, how to sync home directorires of users from Identity Vault to Active Directory? Into AD there are 2 LDAP attributes calleds homeDrive (the network drive letter) and homeDirectory that is the network path used to map during user login. My doubt is about the eDirectory volume information. The volume will be not sync to the AD because AD does not recognize this information, right? So, how to sync? I was thinking about create 2 eDirectory attributes where I can write theese informations. What do you think about this? Anyone can help me? Best regards...

User Managment for WORKGROUPS, or Without using LDAP & Active Directory.
Hello Guys, I am very new to this forum objective. here i have one query which is related to the Windows User Management (e.g. User Creation, Resetting Password's, unlocking the user etc.) I am creating a console which will be used to monitor & administer the Windows. now my host server & destination servers are in WORKGROUP, so i am not able to communicate with this server using Active Directory or LDAP for user management.To get the information i am using WMI.As per my knowledge, we can use ACTIVE Directory or LDAP only within domain. So, to resolve this what ...

Active Directory LDAP Query using current windows user for AD login
I have the following AD LDAP query that gives me all of the users in a specific group, and it works just fine, however on Lines 3 and 10, how can I pass the authentication token of the current windows user (i.e. User.Identity.Name) to Active Directory so that the user viewing this web page is the one that is being authenticated in AD to query AD?  The web app uses Integrated Windows Authentication.  Anonymouse access is turned off (and cannot be turned on for security purposes).  All domain users are already able to query Active Directory.  I'm in a corporat...

Active Directory- Users and Groups
Hi All, I have a requirement to pull the information from the Active Directory based on the Users and Groups. I would be greatful if you could provide some sample code on the following two:- 1. Based on the user input(Login ID) how to pull the information from the AD 2. Based on the user input(Group Name) how to pull groups from the AD  Many Thanks, Madhu        Friend, this will help on using the Active Directory features to begin with http://www.15seconds.com/issue/060525.htm http://www.wwwcoder.com/main/parentid/272/site/5...

Web resources about - Return All Users with User Groups from Active Directory with LDAP - asp.net.active-directory-ldap

Wikipedia:Quick directory - Wikipedia, the free encyclopedia
This page is a handy directory to various locations of interest in Wikipedia. Only dynamic pages should be listed here, no policy pages etc. ...

Wikipedia:WikiProject Council/Directory - Wikipedia, the free encyclopedia
Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. , a non-profit organization.

Business Directory Listings: Eight Smart Tips for You to Get Started
If you are considering a business directory listing for your small business, congratulations – you are on the right track. Local SEO, local customers, ...

LinkedIn Lookup iOS app aims to replace your company’s awful intranet employee directory
... continue reading at 9to5Mac . What do you think? Discuss "LinkedIn Lookup iOS app aims to replace your company’s awful intranet employee directory" ...

Atlas Partner Directory Launched
... just for Facebook and Instagram –advertising platform Atlas has one, as well. On that note, Atlas Tuesday introduced the Atlas Partner Directory ...

The British Library’s ‘Save Our Sounds’ Program Creates Directory of UK Sound Collections
The long-feared deterioration of the world's sound collections is a coming to a head with the British Library's last-ditch initiative called ...

First look: Microsoft Azure Active Directory Domain Services puts it all in the cloud
On Oct. 14, Microsoft announced the preview release of Azure Active Directory Domain Services or, as I like to call it, a domain in a cloud. ...

Researchers find way to steal Windows Active Directory credentials from the Internet
The technique could enable attackers to attack Windows servers hosted in the cloud

NorthPark at 50: Store directory from mall’s 1965 opening is a blast from the past
Grab a glass of wine, get on the phone with your best girlfriend from high school and check out this original map/directory of NorthPark Center. ...

Azure Active Directory Enables One-Step MDM in Windows 10
DAILY VIDEO: Microsoft enables one-step MDM in Windows 10; IRS breach more extensive than first reported; Georgia Tech finds 11 deep security ...

Resources last updated: 12/3/2015 3:28:01 PM