Notice: this page reproduces a popular StackOverflow question under the CC BY-SA 4.0 license. You are free to use/share it, but you must likewise comply with CC BY-SA, cite the original URL and author information, and attribute it to the original authors (not me). Original StackOverflow URL: http://stackoverflow.com/questions/8404744/

Time: 2020-09-01 13:33:38  Source: igfitidea

Querying LDAP from SQL Server issue

sql sql-server active-directory ldap

Asked by Rondel

I'm having some trouble configuring a SQL statement to perform an openquery on LDAP from SQL Server. I followed the instructions as laid out here: Querying Active Directory from SQL Server 2005 but I'm having some trouble putting the final pieces together.

Firstly, I didn't know where my LDAP server was. So I did a nslookup and found the default server as:

abc.domain.popo.local

I configured my OPENQUERY as

SELECT * FROM OPENQUERY( ADSI, 'SELECT * FROM ''LDAP://DC=abc,DC=domain,DC=popo,DC=local'' WHERE
objectCategory = ''User''')   

However, I get an error saying that

An error occurred while preparing the query "SELECT * FROM 'LDAP://DC=abc,DC=domain,DC=popo,DC=local' WHERE objectCategory = 'User'" for execution against OLE DB provider "ADSDSOObject" for linked server "ADSI".

What is the likely issue here? Am I setting up the DC incorrectly (because I don't even know what DC means)? Or is it more likely that I just have the wrong server altogether for LDAP?

Answered by Jake Feasel

It looks to me like you're trying to query against a Windows Active Directory (which functionally appears as LDAP). By default, AD will not allow anonymous querying - you have to authenticate with a trusted username and password. Also, you need to check with your sysadmin to make sure you have the proper base value ("DC=abc,DC=domain,DC=popo,DC=local").

Answered by marc_s

See Richard Mueller's ADO / SQL search tips - do they help? (Richard's site is a real treasure trove of LDAP and Active Directory references and tips - highly recommended!)

From what I've seen on this site, you might be having the wrong objectCategory - try using Person instead of User (which I believe is an objectClass):

SELECT * FROM OPENQUERY(ADSI, 
            'SELECT * FROM ''LDAP://DC=abc,DC=domain,DC=popo,DC=local'' 
             WHERE objectCategory = ''Person''')   

Answered by Quantum Elf

Make sure that "abc" isn't the actual name of a domain controller in that domain; hence in that case your OPENQUERY should omit that and be:

SELECT * FROM OPENQUERY( ADSI, 'SELECT * FROM ''LDAP://DC=domain,DC=popo,DC=local'' WHERE objectCategory = ''Person'' AND objectClass = ''user''')
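
The points raised in the answers above (authenticated access, the base DN, and the objectCategory/objectClass filter) put together as one T-SQL script. This is an added example, not code from the thread; the account `POPO\svc_ldap_read`, the local login `app_reader` and the password placeholder are assumptions to be replaced with your own values.

```sql
-- Added example; placeholder names are assumptions, not values from the thread.

-- 1. Create the linked server on the ADSI OLE DB provider (the provider named
--    in the error message) only if it does not exist yet.
IF NOT EXISTS (SELECT 1 FROM sys.servers WHERE name = N'ADSI')
    EXEC master.dbo.sp_addlinkedserver
         @server     = N'ADSI',
         @srvproduct = N'Active Directory Service Interfaces',
         @provider   = N'ADSDSOObject',
         @datasrc    = N'adsdatasource';

-- 2. AD rejects anonymous queries, so map a login to a domain account.
--    Map one named local login rather than @locallogin = NULL (all logins),
--    and use a dedicated read-only AD account: the password is stored with
--    the linked server and is used for every query that login runs.
EXEC master.dbo.sp_addlinkedsrvlogin
     @rmtsrvname  = N'ADSI',
     @useself     = N'False',
     @locallogin  = N'app_reader',           -- hypothetical SQL login
     @rmtuser     = N'POPO\svc_ldap_read',   -- hypothetical AD account
     @rmtpassword = N'<password-placeholder>';

-- 3. Query with the domain's base DN (no domain controller host name in it)
--    and an explicit attribute list; in the ADSI SQL dialect SELECT * returns
--    only the ADsPath of each object.
SELECT sAMAccountName, displayName
FROM OPENQUERY(ADSI,
    'SELECT displayName, sAMAccountName
     FROM ''LDAP://DC=domain,DC=popo,DC=local''
     WHERE objectCategory = ''Person'' AND objectClass = ''user''');
```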