LDAP queries not returning the same data
-
I have a utility which loops through our LDAP fetching all of the CN values out to a .csv file, I am validating this against an Excel document which contains our phone number list. The problem is that for some people, I do not find a LDAP entry. I have another utility which takes as input the Username of someone and dumps out all of the attributes found in our LDAP and when I use this utility to find a person which is not listed on the main dump file, I do find him. :confused: I wrote both utilities, so the fetching logic is very similar. The looping utility uses:
Dim de As New DirectoryEntry("LDAP://DC=us,DC=myCompany,DC=com")
ds.Filter = "(&(objectCategory=person))"
While the single user verifier uses:
Dim de As New DirectoryEntry("LDAP://DC=us,DC=myCompany,DC=com")
ds.Filter = String.Format("(SAMAccountName={0})", Me.tboxUserName.Text)
I have looked at the LDAP properties of 2 users; UserA is the guy I don't have in my .csv file and UserB who is listed in the .csv file and nothing obviously jumps out at me being different. Where should I be looking to resolve this issue? If I can find a user directly by his username, then he should be part of the .csv export file. Right? Thanks in advance for your guidance.
-
I have a utility which loops through our LDAP fetching all of the CN values out to a .csv file, I am validating this against an Excel document which contains our phone number list. The problem is that for some people, I do not find a LDAP entry. I have another utility which takes as input the Username of someone and dumps out all of the attributes found in our LDAP and when I use this utility to find a person which is not listed on the main dump file, I do find him. :confused: I wrote both utilities, so the fetching logic is very similar. The looping utility uses:
Dim de As New DirectoryEntry("LDAP://DC=us,DC=myCompany,DC=com")
ds.Filter = "(&(objectCategory=person))"
While the single user verifier uses:
Dim de As New DirectoryEntry("LDAP://DC=us,DC=myCompany,DC=com")
ds.Filter = String.Format("(SAMAccountName={0})", Me.tboxUserName.Text)
I have looked at the LDAP properties of 2 users; UserA is the guy I don't have in my .csv file and UserB who is listed in the .csv file and nothing obviously jumps out at me being different. Where should I be looking to resolve this issue? If I can find a user directly by his username, then he should be part of the .csv export file. Right? Thanks in advance for your guidance.
The obvious place to start is the
objectCategory. If you modify your second example to:ds.Filter = String.Format("(&(objectCategory=person)(SAMAccountName={0}))", Me.tboxUserName.Text)
can you still find the missing user?
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
-
I have a utility which loops through our LDAP fetching all of the CN values out to a .csv file, I am validating this against an Excel document which contains our phone number list. The problem is that for some people, I do not find a LDAP entry. I have another utility which takes as input the Username of someone and dumps out all of the attributes found in our LDAP and when I use this utility to find a person which is not listed on the main dump file, I do find him. :confused: I wrote both utilities, so the fetching logic is very similar. The looping utility uses:
Dim de As New DirectoryEntry("LDAP://DC=us,DC=myCompany,DC=com")
ds.Filter = "(&(objectCategory=person))"
While the single user verifier uses:
Dim de As New DirectoryEntry("LDAP://DC=us,DC=myCompany,DC=com")
ds.Filter = String.Format("(SAMAccountName={0})", Me.tboxUserName.Text)
I have looked at the LDAP properties of 2 users; UserA is the guy I don't have in my .csv file and UserB who is listed in the .csv file and nothing obviously jumps out at me being different. Where should I be looking to resolve this issue? If I can find a user directly by his username, then he should be part of the .csv export file. Right? Thanks in advance for your guidance.
David Mujica wrote:
ds.Filter = "(&(objectCategory=person))"
Sounds like a collection of "all persons".
David Mujica wrote:
(SAMAccountName={0})
Sounds like a more specific collection; is there a person that's not a user? A disabled user? http://www.ldapexplorer.com/en/manual/109050000-famous-filters.htm[^]
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^]
-
The obvious place to start is the
objectCategory. If you modify your second example to:ds.Filter = String.Format("(&(objectCategory=person)(SAMAccountName={0}))", Me.tboxUserName.Text)
can you still find the missing user?
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
Tried your suggestion and the answer is YES, I could find the user with that criteria. I'm using the following code in my "Ldap Dump" routine:
For Each sr As SearchResult In ds.FindAll()
I thought I read somewhere about getting LDAP information in "pages". Am I OK by using the above logic to extract the user list? This is really a head scratcher. :confused:
-
David Mujica wrote:
ds.Filter = "(&(objectCategory=person))"
Sounds like a collection of "all persons".
David Mujica wrote:
(SAMAccountName={0})
Sounds like a more specific collection; is there a person that's not a user? A disabled user? http://www.ldapexplorer.com/en/manual/109050000-famous-filters.htm[^]
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^]
By combining the objectCategory=person and SAMAccountName={0} into one filter, I am capable of finding my user. The problem seems to be that when I loop through the LDAP, I'm not getting all of the users.
-
I have a utility which loops through our LDAP fetching all of the CN values out to a .csv file, I am validating this against an Excel document which contains our phone number list. The problem is that for some people, I do not find a LDAP entry. I have another utility which takes as input the Username of someone and dumps out all of the attributes found in our LDAP and when I use this utility to find a person which is not listed on the main dump file, I do find him. :confused: I wrote both utilities, so the fetching logic is very similar. The looping utility uses:
Dim de As New DirectoryEntry("LDAP://DC=us,DC=myCompany,DC=com")
ds.Filter = "(&(objectCategory=person))"
While the single user verifier uses:
Dim de As New DirectoryEntry("LDAP://DC=us,DC=myCompany,DC=com")
ds.Filter = String.Format("(SAMAccountName={0})", Me.tboxUserName.Text)
I have looked at the LDAP properties of 2 users; UserA is the guy I don't have in my .csv file and UserB who is listed in the .csv file and nothing obviously jumps out at me being different. Where should I be looking to resolve this issue? If I can find a user directly by his username, then he should be part of the .csv export file. Right? Thanks in advance for your guidance.
Got it ! I added the following to my code and now the user in question is showing up in the "LDAP dump" file.
ds.PageSize = 2000
Thanks to all for replying to my post. :thumbsup:
-
Got it ! I added the following to my code and now the user in question is showing up in the "LDAP dump" file.
ds.PageSize = 2000
Thanks to all for replying to my post. :thumbsup:
Thanks for posting the resolution.
Happiness will never come to those who fail to appreciate what they already have. -Anon
