Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How do I build this LDAP connection string?

Tags:

active-directory

ldap

I'm trying to retrieve user information in Active Directory, but am finding some things to be poorly documented. For example, the LDAP connection strings I have seen contain some keywords that I don't know the meaning of. Here's a sample:

LDAP://ofmdcoly302.ofm.wa.lcl/ou=employees,dc=ofm,dc=wa

What are the keywords "ou" and "dc" supposed to signify? In our case "ou=employees" seems to identify a particular AD node. However when I try to do a .FindAll() on the above directory entry, I get "A referral was returned from the server". I guess that means it couldn't find what I was looking for, but it might be available somewhere else? In one place I read "A referral is AD's way of saying, 'this object probably exists in another domain'".

What are "ou" and "dc" supposed to mean? And if I had this A/D structure, how would I code the LDAP connetion string to retrieve information in the "AR" node:

enter image description here

like image 463
Cyberherbalist Avatar asked Jul 12 '12 18:07

Cyberherbalist

People also ask

How do I find my LDAP connection string?

Combine the LDAP://dc1.corp.domain.com/ with the fully qualified path to the container where the binding user is located (like, say, LDAP://dc1.corp.domain.com/OU=Service Accounts,OU=Corp Objects,DC=corp,DC=domain,DC=com ) and you've got your "connection string".

How do I create a LDAP URL?

All LDAP URLs must include a scheme followed by a colon and two forward slashes (e.g., “ldap://”). The address and/or port of the target directory server. The address may be an IPv4 or IPv6 address or a resolvable name.

1 Answers

ou and dc are not keywords, they are attributes, "organizational unit" and "domain component", respectively. Attributes are defined in the directory server schema. Attributes are gathered together into entries, of which the distinguished name is the primary key.

Taken in this context, ou and dc are "distinguished name components", together comprising a "distinguished name", which is the aforementioned primary key of an LDAP entry. ou=employees,dc=ofm,dc=wa is a distinguished name composed of the various relative distinguished name components.

like image 113
Terry Gardner Avatar answered Oct 04 '22 00:10

Terry Gardner
Sign in to Comment

Related questions

Using DirectoryServices.AccountManagement, how do I get the e-mail address of an active directory security group?
LDAP filter by CN name, starts with
How can I formulate an ldap query looking for the absence of an attribute
Is it possible to retrieve data from Active Directory by impersonating a Windows authenticated user in ASP.NET?
Error 533 in Active Directory LDAP
Accessing Active Directory Records Via ASP.NET
"The specified network password is not correct." exception when changing a users password
django-auth-ldap failed authentication
Why doesn't $PSItem behave as expected when using a bracket-based -Filter argument?
Windows / Active Directory - User / Groups
Acquiring AD OU list
Using a Windows Account SID as a Security Token
LDAP query not work for group Domain Users
Developing with(out) Active Directory
Determine User Active Directory Groups from Local Machine off Network
Graph API get users from Azure AD
WindowsPrincipal.IsInRole and universal vs. global active directory groups
How do I query ActiveDirectory using LDAP with a username, not a CN?
Setting up Apache and Subversion to use LDAP (Windows Active Directory) group authentication
error on connecting to OpenLDAP using LdapConnection

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!