SQL ADsDSOObject 查询:查询 LDAP 时可用的列?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4798802/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
ADsDSOObject query: Columns available when querying the LDAP?
提问by Dexter
I am writing a VBScript to query ADsDSOObject, and I don't quite understand the structure of the LDAP. I see how to find the available virtual tables in Active Directory, but I can't find where to look for the available virtual columns.
我正在编写一个 VBScript 来查询 ADsDSOObject,我不太了解 LDAP 的结构。我了解了如何在 Active Directory 中找到可用的虚拟表,但我找不到在哪里可以找到可用的虚拟列。
Also, if I "SELECT * FROM", it only returns the ADsPath. I'd like to select more than just "Name", "Type", and "Description" from the objectClass='Computer' group.
另外,如果我“SELECT * FROM”,它只返回 ADsPath。我想从 objectClass='Computer' 组中选择的不仅仅是“名称”、“类型”和“描述”。
Dim objCompArr
Dim currcomp
objCompArr = Array()
currcomp = -1
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = "SELECT Name FROM 'LDAP://DC=mydomain,DC=com' WHERE objectClass = 'Computer'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute
If Not objRecordSet.EOF Then
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
currcomp = currcomp + 1
ReDim Preserve objCompArr(currcomp)
objCompArr(currcomp) = objRecordSet.Fields("Name")
objRecordSet.MoveNext
Loop
End If
回答by Tomalak
It's easiest to visually browse AD with an LDAP browser beforehand (like the one from Softerra, ADSIEdit from Microsoftor Active Directory Explorer from Sysinternals).
预先使用 LDAP 浏览器(如Softerra 的浏览器、Microsoft 的 ADSIEdit或Sysinternals 的 Active Directory Explorer)直观地浏览 AD 是最容易的。
You will be able to see all available properties on an object there and craft your query accordingly.
您将能够在那里看到对象的所有可用属性,并相应地制作您的查询。
Surname is called snfor example, first name is givenName, the login is sAMAccountName, just to name a few.
sn例如姓氏,名字是givenName,登录名是,sAMAccountName仅举几例。
You can always query for properties that are not set (or not even defined). This is not an error, as LDAP is designed to be extensible and not every property is defined on every object. You just will get empty columns as a result.
您始终可以查询未设置(或什至未定义)的属性。这不是错误,因为 LDAP 被设计为可扩展的,并不是每个属性都定义在每个对象上。结果你只会得到空列。
回答by Dexter
I found an answer here: http://msdn.microsoft.com/en-us/library/ms680987%28v=vs.85%29.aspx#windows_2000_server_attributes
我在这里找到了答案:http: //msdn.microsoft.com/en-us/library/ms680987%28v=vs.85%29.aspx#windows_2000_server_attributes
Is there anyway to pull the currently logged in user from that class? I thought Desktop-Profile would be the one, but it's causing an unspecified error during the query execution.
有没有办法从那个班级中拉出当前登录的用户?我认为 Desktop-Profile 将是一个,但它在查询执行过程中导致了一个未指定的错误。
