vba: Finding an LDAP URL?
Original source: http://stackoverflow.com/questions/4557943/
Warning: these are provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must attribute it to the original authors (not me):
StackOverFlow
Finding An LDAP URL?
Asked by NaV
I would like to access the company server's Active Directory so I can write a simple phonebook program. It would seem that I need to use LDAP to connect to it in order to grab a recordset. Is there any way to figure out what the LDAP URL is based on settings and properties in Outlook (or otherwise)?
Can someone help me to understand these LDAP fields and to fill in the values?
Thanks


Answered by Harvey Kwok
I am assuming you are writing VBA. In Outlook, you can use ADO to make the query against the LDAP provider. The query is composed of four parts:
- Base path
- Search filter
- attributes returned in the recordset
- Search scope.
The LDAP URL that you mentioned is actually the base path of the LDAP query. You can use ADSIedit to get the base path in your local domain. Normally, if your domain is called abc.com, your base path should be something like LDAP://abc.com/DC=abc,DC=com. However, it's not always the case. Active Directory allows you to name an Active Directory domain different from the DNS domain, although most of the time, they are the same. This configuration is called disjoint namespace.
For the disjoint namespace case, to find out the correct base path, you can install ADSIedit from Windows 2003 support tools. Launch ADSIEdit by typing adsiedit.msc in the command line. Right click the ADSIEdit node and click "Connect to". Then, select the naming context "RootDSE" and leave all other settings as default to connect to the local domain. If your machine is joined to the domain already, you should be automatically connected to that domain. In the top RootDSE node, you should also see what domain controller you are connected to now. Mark down the FQDN of the connected domain controller. It should be something like dc1.yourdomain.com. Then, expand the top "RootDSE" node and you will see another "RootDSE" folder node underneath. Right click and click properties. Find the defaultNamingContext. It should be something like DC=yourdomain,DC=com.
With the domain controller name and the default naming context, you can create your base path. It should be LDAP://domain controller/default naming context
Sometimes you see people putting in FQDN domain name instead of domain controller name in the LDAP base path. This is legitimate only if the A record of the domain exists on the DNS server. I don't recommend using domain name. However, if you really don't want to specify a specific domain controller, you can consider using serverless binding: LDAP://default naming context. It's an Active Directory feature. It doesn't work on other LDAP servers. You can use serverless binding only if you are running as a domain user. When you use a serverless binding, the LDAP query will simply pick the next available domain controller in the site for you. In this way, you reduce the chances of overloading that server with requests. However, this also makes your result less predictable because sometimes the data is not yet replicated from one domain controller to another domain controller.
Just a side note, I am suggesting you to use the domain naming context as your search base path because I assume you want to search all the users under your domain. You can always pick some other containers as your base path. For example, LDAP://yourdomain.com/CN=Users,DC=yourdomain,DC=com. Then, the search will be done only under the Users container in your domain.
Answered by opticyclic
An alternative quick lookup is to run nslookup from Windows - Run
This should give you the Default Server. See here for more info:
https://serverfault.com/questions/78089/find-name-of-active-directory-domain-controller
You can then connect with AD Explorer (http://technet.microsoft.com/en-ca/sysinternals/bb963907.aspx) to make sure that it is correct.
Answered by Martin Pain
Building on Harvey's answer, if you need to do this on a Windows 7 computer, you will need Remote Server Administration Tools for Windows 7 with Service Pack 1 (SP1).
Open the start menu, there may be a menu called 'Administrative Tools' on the right-hand side. If so, it should have 'ADSI Edit' in it.
If the menu is not available, or if ADSI Edit is not in the menu, then follow the following (annotated) instructions from Windows help:
1. Click Start, click Control Panel, and then click Programs.
2. In the Programs and Features area, click Turn Windows features on or off.
3. If you are prompted by User Account Control to allow the Windows Features dialog box to open, click Continue.
4. In the Windows Features dialog box, expand Remote Server Administration Tools.
5. Select the remote management tools that you want to install (Role administration tools > AD DS and AD LDS tools > AD DS Tools > Active Directory Administration Center), and then click OK.
6. Configure the Start menu to display the Administration Tools shortcut, if it is not already there.
   - Right-click Start, and then click Properties.
   - On the Start Menu tab, click Customize.
   - In the Customize Start Menu dialog box, scroll down to System Administrative Tools, and then select Display on the All Programs menu and the Start menu. Click OK.
   - Shortcuts for snap-ins installed by Remote Server Administration Tools (including ADSI Edit) for Windows 7 are added to the Administrative Tools list on the Start menu.

