IIS5 (Windows 2000), 5.1 (Windows XP), or IIS6 (Windows Server 2003 family) Web servers can use JustLDAP in ASP, ASP.NET pages (or other COM / ActiveX aware server applications) to access Active Directory and return details for individual Web users. This is often used to pre-populate application forms and personalize web pages for each user etc.

(By assigning a user with "Domain Admin" rights (recommended), JustLDAP can also perform a large number of administrative functions such as unlocking accounts, resetting passwords group membership changes etc. See the JustLDAP method calls for administrative method details and sample code.)

Because JustLDAP runs in a  COM+ "application" with a domain "identity", the ASP or ASP.NET page / application does not need any special authentication changes.
Provided that IIS directory permissions are set to "Windows Integrated" so that Web browser users can negotiate an authenticated session, the IIS ASP server variable "LOGON_USER" will be set to "DOMAIN\UserID".

Using JustLDAP to return Web browser user details.

The code example below shows an ASP page calling JustLDAP to retrieve the Given Name of an Intranet browser user. Set the IIS directory permissions to "Windows Integrated" for the Web site virtual directory. This is required so that the browser user can be authenticated.

This sample uses the "Lookup" method.

2. Using VBScript

Using JustLDAP to return user details from a VBScript.

The code example below shows a simple VBS script to retrieve several details of a user from their Login ID (sAMAccountName).

This sample uses the "Lookup" method.
 

Option Explicit Dim oLdap, UserID, oRS, cntr, item Dim Found(1, 50) Const adVariant = 12 Set oLdap = CreateObject("JustLDAP.Admin") UserID = InputBox("Enter your Login ID - e.g. bobuser") If UserID = "" Then Wscript.Echo("No Login ID entered - exiting...") Wscript.Quit End If Set oRS = oLdap.Lookup("sAMAccountName", UserID, "sn, givenName, mail, employeeID, telephoneNumber, directReports") If Not IsNull(oRS) Then   While Not oRS.EOF     For Each Item In oRS.Fields       If Not IsNull(Item.Value) Then         Found(1,cntr) = Item.Value         If Item.Type <> adVariant then                Wscript.Echo(Item.Value)              else                              'else must be multivalued           Wscript.Echo("- multivalued -") 'See next sample for how          End If                            'to use 'For Each' to       End If                              'extract substrings from     Next                                  'multivalued fields     oRS.MoveNext   Wend End If Set oRS = Nothing Set oLdap = Nothing

NOTE: The following example calls JustLDAP where DOMAIN, Username and Password are passed to the LookupUsing method.

 i.e. (Lookup "using" the supplied domain and credentials).

The code example below shows a simple VBS script to retrieve several details of a user from their Login ID (sAMAccountName).

We do not recommend using this search function unless the computer that JustLDAP is installed on cannot be a member of the domain. In this case, set the COM+ Identity (see JustLDAP installation), to a user with sufficient rights to the domain and the network connection to the domain. For Example: A local administrator of the local computer - those credentials also are "Domain User" credentials.

This sample uses the "LookupUsing" method.

Large data set retrievals

Using JustLDAP to do a bulk search for every user in VBScript.

A major feature of JustLDAP is that it is not restricted to the usual 1000 item limit for querying Active Directory. JustLDAP will run for as long as is necessary to retrieve the information. For example, if you have 70,000 employees to scan, no problem, JustLDAP will retrieve the details.

JustLDAP also automatically ensures that the Domain Controllers are not overloaded by this larger data retrieval query. This type of query should be set to run from a scheduled task that launches the VBScript. That way, you do not need to wait around 'logged on' to your computer. The task will run happily in the background.

The code example below shows a VBScript that can be run from a scheduled task. It retrieves some details of ALL users by setting the Login ID (sAMAccountName) to a wildcard asterisk '*' meaning 'ALL'.

An output text file is written to disk. This could easily be modified to instead do a direct "put" of the details into a database using ADO and VBScript.

To retrieve more details, simply add more Microsoft Active Directory attribute names (comma separated) to the 'Attributes' string as shown in the code.

NOTE: Watch out for multivalued attributes and date-time attributes, (long integers). See our FAQ on these attributes.

This sample uses the "Lookup" method.

' ' This script searches ALL users in Active Directory for: ' LoginID (sAMAccountName), Employe ID and Surname. ' The results are written to a file. ' Const ForReading = 1, ForWriting = 2, ForAppending = 8 ' Active Directory attributes retrieved by JustLDAP Attributes = "sAMAccountName, employeeID, sn" ' Open a text file for results Set fso = CreateObject("Scripting.FileSystemObject") Set ts = fso.OpenTextFile("C:\userdata.txt", ForWriting, True) Set objLdap = CreateObject("JustLDAP.Admin") Set oRS = objLdap.Lookup("sAMAccountName", "*", Attributes) 'Enumerate the results putting a dash "-" on null, (empty) to make things easy. Do While Not oRS.EOF   If Not IsNull(oRS.Fields("sAMAccountName")) Then     sAMAccountName = oRS.Fields("sAMAccountName")       If Not Isnull(oRS.Fields("employeeID")) Then         employeeID = oRS.Fields("employeeID")       Else         employeeID = "-"       End If     If Not Isnull(oRS.Fields("sn")) Then       sn = oRS.Fields("sn")     Else       sn = "-"     End If     ts.WriteLine sAMAccountName & "," & employeeID & "," & sn   End If   oRS.MoveNext Loop ts.close ' Close the file Set fso=Nothing Set oRS=Nothing Set objLdap=Nothing

Download the trial version - justldap.zip

Copyright 2006 Eastern Digital Pty. Ltd. Australia.  ABN 87 004 274 051
Home | Contact us | Products | Downloads | Support | Privacy Policy