When you think ASP, think...
Recent Articles
All Articles
ASP.NET Articles
Related Web Technologies
User Tips!
Coding Tips

Sample Chapters
JavaScript Tutorials
MSDN Communities Hub
Official Docs
Stump the SQL Guru!
XML Info
Author an Article
Print this page.
Published: Tuesday, April 18, 2000

Querying an LDAP Server using Active Directory and ADO

By Julian

In order to do an ADO query against an LDAP database using Active Directory, you must install the latest version of ADSI (I believe it's currently v2.5). If you are running Windows 2000, Active Directory is already built in. To learn more about LDAP, Acitve Directory, and ADSI, check out these resources:

In our example the query is run against a Site Server LDAP database to get a listing of the users. The SQL statement consistes of:

SQLStmt = "SELECT cn " & _
          "FROM 'LDAP://LDAPSERVER:1003/o=microsoft/ou=members' " & _
          "WHERE objectClass='*'"

The first thing you will notice that's different, is that the table source becomes the LDAP server, port and node you wish to query. The field name cn (common name) is the Attribute value you wish to return. The WHERE part of the statement returns all items that are an objectClass. Note: SELECT * does not work with the ADs Provider!

In the next part of the code we instantiate an ADO Connection object, and set it's provider to: ADSDSOObject.

Set Conn = CreateObject("ADODB.Connection")
Conn.Provider = "ADSDSOObject"

Since I have setup my Site Server LDAP database to disallow Anonymous acces, I am going to do an authenticated bind. Doing an authenticated bind to an LDAP Server requires that the user you are binding to has Administrative rights. The Administrator password must also be supplied.

Conn.Open "ADs Provider", _
          "cn=Administrator,ou=members,o=microsoft", _

Once the connection has been suceesfully opened, the SQL Statement is executed creating an ADO recordset.

Set rs = Conn.Execute(SQLStmt)

And if all goes well, we should be able to iterate the ADO recordset. The Property Value is usually returned as a Variant. So keep in mind, that some items may be returned as Arrays. Generally single value properties are Strings and multi-value properties are Arrays.

Do While Not rs.EOF Or rs.BOF
   ReturnValue = rs.Fields(0)
   If IsArray(ReturnValue) Then
        For I = LBound(ReturnValue) To UBound(ReturnValue)
            If ReturnValue(I) <> "" Then
                Response.Write ReturnValue(I) & "<BR>"
            End If
        Response.Write ReturnValue & "<BR>"
   End If

Try querying your LDAP Schema. Have fun!

Happy Programming!

ASP.NET [1.x] [2.0] | ASPFAQs.com | Advertise | Feedback | Author an Article