JustLDAP Search Code Examples

1. Using IIS

IIS5 (Windows 2000), 5.1 (Windows XP), or IIS6 (Windows Server 2003 family) Web servers can use JustLDAP in ASP or ASP.NET pages (or other COM / ActiveX aware server applications) to access Active Directory and return details for individual Web users. This is often used to pre-populate application forms and to personalize web pages for each user.

(When assigned a user with "Domain Admin" rights (recommended), JustLDAP can also perform a large number of administrative functions such as unlocking accounts, resetting passwords and changing group membership. See the JustLDAP method calls for administrative method details and sample code.)

Because JustLDAP runs in a COM+ "application" with a domain "identity", the ASP or ASP.NET page / application does not need any special authentication changes.
Provided that IIS directory permissions are set to "Windows Integrated" so that Web browser users can negotiate an authenticated session, the IIS ASP server variable "LOGON_USER" will be set to "DOMAIN\UserID".

When creating the JustLDAP object in code, always use the version independent ProgID "JustLDAP.Admin" for CreateObject (VBScript) or Server.CreateObject (ASP Script).

(For remote domains use JustLDAPDomain.DomainAdmin.)

Using JustLDAP to return Web browser user details.

The code example below shows an ASP page calling JustLDAP to retrieve the Given Name of an Intranet browser user. Set the IIS directory permissions to "Windows Integrated" for the Web site virtual directory. This is required so that the browser user can be authenticated.


This sample uses the "Lookup" method.

<html>
<head>
</head>
<body>

<%
  Dim oLdap, oRS, WebUser, User, UserArray, ReturnedDetails
  ' LOGON_USER is "DOMAIN\UserID"; it is empty for an anonymous request
  WebUser = Request.ServerVariables("LOGON_USER")
  If WebUser <> "" Then
    UserArray = Split(WebUser, "\")
    User = UserArray(UBound(UserArray))
    Set oLdap = Server.CreateObject("JustLDAP.Admin")
    Set oRS = oLdap.Lookup("sAMAccountName", User, "givenName")
    If Not IsNull(oRS) Then
      ReturnedDetails = oRS.GetRows
      Response.Write("<br>")
      ' HTML-encode directory data before writing it into the page
      Response.Write(Server.HTMLEncode(ReturnedDetails(0, 0) & "") & "<br>")
      Response.Write("<hr>")
    End If
    Set oRS = Nothing
    Set oLdap = Nothing
  End If
%>

</body>
</html>


2. Using VBScript

Using JustLDAP to return user details from a VBScript.

The code example below shows a simple VBS script to retrieve several details of a user from their Login ID (sAMAccountName).

This sample uses the "Lookup" method.
 
Option Explicit

Dim oLdap, UserID, oRS, cntr, item
Dim Found(1, 50)

Const adVariant = 12

Set oLdap = CreateObject("JustLDAP.Admin")
UserID = InputBox("Enter your Login ID - e.g. bobuser")
If UserID = "" Then
  Wscript.Echo("No Login ID entered - exiting...")
  Wscript.Quit
End If

Set oRS = oLdap.Lookup("sAMAccountName", UserID, "sn, givenName, mail, employeeID, telephoneNumber, directReports")

cntr = 0
If Not IsNull(oRS) Then
  While Not oRS.EOF
    For Each Item In oRS.Fields
      If Not IsNull(Item.Value) Then
        If cntr <= UBound(Found, 2) Then  'Keep each value found, without
          Found(1, cntr) = Item.Value     'writing past the end of the array
          cntr = cntr + 1
        End If
        If Item.Type <> adVariant Then
          Wscript.Echo(Item.Value)
        Else                              'Else must be multivalued.
          Wscript.Echo("- multivalued -") 'See the next sample for how to use
        End If                            ''For Each' to extract substrings
      End If                              'from multivalued fields
    Next
    oRS.MoveNext
  Wend
End If
Set oRS = Nothing
Set oLdap = Nothing

 

NOTE: The following example calls JustLDAP where DOMAIN, Username and Password are passed to the LookupUsing method.

(i.e. Lookup "using" the supplied domain and credentials.)

The code example below shows a simple VBS script to retrieve several details of a user from their Login ID (sAMAccountName).

We do not recommend using this search function unless the computer that JustLDAP is installed on cannot be a member of the domain. In this case, set the COM+ Identity (see JustLDAP installation) to a user with sufficient rights to the domain and to the network connection to the domain. For example: a local administrator of the local computer whose credentials are also "Domain User" credentials.

This sample uses the "LookupUsing" method.

Option Explicit

Dim oLdap, UserID, oRS, cntr, item, Domain, Username, Password, SubValue
Const adVariant = 12

UserID = InputBox("Enter a Login ID to search for - e.g. bobuser")
If UserID = "" Then
  Wscript.Echo("No Login ID entered - exiting...")
  Wscript.Quit
End If


Domain = InputBox("Enter Domain DNS name e.g. company.com")
If Domain = "" Then
  Wscript.Echo("No Domain entered - exiting...")
  Wscript.Quit
End If

Username = InputBox("Enter a login ID that is valid for the domain e.g. robot42")
If Username = "" Then
  Wscript.Echo("No login access account name entered - exiting...")
  Wscript.Quit
End If

Password = InputBox("Enter account password - e.g. secretpw")
If Password = "" Then
  Wscript.Echo("No account password entered - exiting...")
  Wscript.Quit
End If

Set oLdap = CreateObject("JustLDAP.Admin")

Set oRS = oLdap.LookupUsing("sAMAccountName", UserID, "sn, givenName, mail, employeeID, telephoneNumber, directReports", Domain, Username, Password)

If Not IsNull(oRS) Then
  While Not oRS.EOF
    For Each Item In oRS.Fields
      If Not IsNull(Item.Value) Then
        If Item.Type <> adVariant then    'Check for "multivalued"
          Wscript.Echo(Item.Value)        'fields like 'directReports'
        else
          For Each SubValue in Item.Value
            Wscript.Echo(SubValue)        'Display each item in the
          Next                            'multivalued field
        End If
      End If
    Next
    oRS.MoveNext
  Wend
End If
Set oRS = Nothing
Set oLdap = Nothing

 

Large data set retrievals

Using JustLDAP to do a bulk search for every user in VBScript.

A major feature of JustLDAP is that it is not restricted to the usual 1000 item limit for querying Active Directory. JustLDAP will run for as long as is necessary to retrieve the information. For example, if you have 70,000 employees to scan, no problem, JustLDAP will retrieve the details.

JustLDAP also automatically ensures that the Domain Controllers are not overloaded by this larger data retrieval query. This type of query should be set to run from a scheduled task that launches the VBScript. That way, you do not need to wait around 'logged on' to your computer. The task will run happily in the background.

The code example below shows a VBScript that can be run from a scheduled task. It retrieves some details of ALL users by setting the Login ID (sAMAccountName) to a wildcard asterisk '*' meaning 'ALL'.

An output text file is written to disk. This could easily be modified to instead do a direct "put" of the details into a database using ADO and VBScript.

To retrieve more details, simply add more Microsoft Active Directory attribute names (comma separated) to the 'Attributes' string as shown in the code.

NOTE: Watch out for multivalued attributes and date-time attributes (long integers). See our FAQ on these attributes.

This sample uses the "Lookup" method.

'
' This script searches ALL users in Active Directory for:
' LoginID (sAMAccountName), Employee ID and Surname.
' The results are written to a file.
'

Const ForReading = 1, ForWriting = 2, ForAppending = 8

' Active Directory attributes retrieved by JustLDAP

Attributes = "sAMAccountName, employeeID, sn"


' Open a text file for results

Set fso = CreateObject("Scripting.FileSystemObject")
Set ts = fso.OpenTextFile("C:\userdata.txt", ForWriting, True)

Set objLdap = CreateObject("JustLDAP.Admin")

Set oRS = objLdap.Lookup("sAMAccountName", "*", Attributes)

'Enumerate the results putting a dash "-" on null, (empty) to make things easy.

Do While Not oRS.EOF

  If Not IsNull(oRS.Fields("sAMAccountName")) Then

    sAMAccountName = oRS.Fields("sAMAccountName")

    If Not IsNull(oRS.Fields("employeeID")) Then
      employeeID = oRS.Fields("employeeID")
    Else
      employeeID = "-"
    End If

    If Not IsNull(oRS.Fields("sn")) Then
      sn = oRS.Fields("sn")
    Else
      sn = "-"
    End If

    ts.WriteLine sAMAccountName & "," & employeeID & "," & sn

  End If
  oRS.MoveNext

Loop

ts.close ' Close the file

Set fso=Nothing
Set oRS=Nothing
Set objLdap=Nothing
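
The bulk script above relies on Lookup treating an asterisk in the search value as a wildcard, so a script or page that accepts a Login ID from a user should validate it before calling Lookup, otherwise a single-user lookup can be turned into a search of every account. The VBScript below is an added example and is not part of the JustLDAP samples; the names IsSafeLoginID, LookupOneUser and BAD_CHARS are hypothetical, and it assumes JustLDAP places the search value into the LDAP filter as supplied.

```vbscript
Option Explicit

' Added example, not JustLDAP code; the function names are hypothetical.

' Characters Active Directory rejects in a sAMAccountName, plus "(" and ")",
' which are legal in a name but are LDAP filter syntax.
Const BAD_CHARS = """/\[]:;|=,+*?<>()"

' True only for a value that can name one user account: 1 to 20
' characters, no control characters, none of BAD_CHARS (so no "*").
Function IsSafeLoginID(ByVal s)
  Dim i, ch
  IsSafeLoginID = False
  If Len(s) = 0 Or Len(s) > 20 Then Exit Function
  For i = 1 To Len(s)
    ch = Mid(s, i, 1)
    If (AscW(ch) And &HFFFF&) < 32 Then Exit Function
    If InStr(BAD_CHARS, ch) > 0 Then Exit Function
  Next
  IsSafeLoginID = True
End Function

' Pass a Login ID to Lookup only after validation; returns Nothing
' when the value is rejected, so no directory query is made.
Function LookupOneUser(oLdap, loginID, attrs)
  Set LookupOneUser = Nothing
  If IsSafeLoginID(loginID) Then
    Set LookupOneUser = oLdap.Lookup("sAMAccountName", loginID, attrs)
  End If
End Function

' Constructed inputs: only the first is accepted.
Dim sample
For Each sample In Array("bobuser", "*", "bob*", "x)(mail=*", "", String(21, "a"))
  If IsSafeLoginID(sample) Then
    Wscript.Echo "accept: [" & sample & "]"
  Else
    Wscript.Echo "reject: [" & sample & "]"
  End If
Next
```

In the ASP sample the value comes from LOGON_USER after Windows Integrated authentication, so this check matters most where the Login ID arrives from a form field, a query string or an InputBox.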

 

Download the trial version - justldap.zip



 


Copyright 2006 Eastern Digital Pty. Ltd. Australia.  ABN 87 004 274 051