Cannot Reference New Attribute In Active Directory
Mar 1, 2007
We have had an existing linked server that we used to query AD and everything was working as expected. We had to add a new attribute so the AD schema was extended.
Now when I try to reference the new field I get the following error:
Server: Msg 7399, Level 16, State 1, Line 1
OLE DB provider 'ADsDSOObject' reported an error. The provider did not give any information about the error.
OLE DB error trace [OLE/DB Provider 'ADsDSOObject' IColumnsInfo::GetColumnsInfo returned 0x80004005: The provider did not give any information about the error.].
Here is the code that gives the error:
SELECT employeeNumber as Employee_Number,
NECASupervisor
FROM OpenQuery(ADSI,
'SELECT employeeNumber,NECASupervisor
from ''LDAP://OU=NECA,OU=UserAccounts,DC=neca,DC=pri''
')
This query works fine:
SELECT employeeNumber as Employee_Number
FROM OpenQuery(ADSI,
'SELECT employeeNumber
from ''LDAP://OU=NECA,OU=UserAccounts,DC=neca,DC=pri''
')
Note: The field NECASupervisor is the new AD attribute. It is in the UserAccounts OU. If I run the same type of query using VB script it finds the attribute.
hi, I am trying to run a query analyzer via query against ad. Below is the error I am getting. How to extract the directReports attribute values from windows 2003 active directory
SELECT * FROM OPENQUERY( ADSI, 'SELECT directReports FROM ''LDAP://192.168.1.24/dc=xxx,dc=com'' WHERE objectCategory = ''Person'' AND objectClass = ''user'' order by name')
Err: Server: Msg 7346, Level 16, State 2, Line 1 Could not get the data of the row from the OLE DB provider 'ADsDSOObject'. Could not convert the data value due to reasons other than sign mismatch or overflow.
Has anyone used this successfully from an OLEDB source component, or even from the Execute SQL Task? I've seen some examples of using a script component, but nothing that uses it through a connection manager.
I have recently upgraded my the server that runs SQL Server to an Active Directory Domain Controler. Now I can't connect to the SQL Server from ASP.NET Applications when the application is not located on the local machine. The error message I get is SQL Server does not exist or access is denied. I have no problems connecting with QueryAnalyer and Enterprise Manager from my workstation. I have added the Sql Server to the directory via the "Active Directory"-tab in the Property window for my Sql Server Registration i Enterprise Manager. If I copy a directory from the wwwroot on my workstation to the server the application has no problem to connect so the connectionstring seams to work fine.
we have recently completed an upgrade to 2000 server and now have AD on our network.
How do i go about querying this from any of my SQL 2000 servers?
I have found a few websites that mention adding a linked server. I have never done this and am not sure how to query a linked server, if that is the way to go.
A little background, We have a DEV Server running SQL Server 2000. This is the first of many to be migrated from out NT Domain to our new AD (active directory Domain). All Domain user accounts have already been migrated.
When they migrated this first Server running SQL Server, I am getting the following error when I try to make the owner of a job (any job) run by the SQL Server Agent a domain account in the new AD - when I switch the ownership back to our old NT Domain, it works fine.
I am getting this error: The job failed. Unable to determine if the owner (domainusername) of job testjob has server access (reason: Could not obtain information about Windows NT group/user 'domainusername'. [SQLSTATE 42000] (Error 8198)).
note that this is happening to all windows authenticated sql server accounts on this Server. All of these account are in the local Admin group on the Server.
Does anyone know what needs to be done in SQL Server to make the AD migration seemless???? I need to try and find this out before we begin migrating Production Servers. Thank you!!
Hi! I want to write a trigger that add a new computer account in my active directory when I do an Insert in my MSSQL table.
I know how to use SELECTstatements using LDAP but I want to do a INSERT statement. Is that even possible? Can you write vb code directly in SP i mssql 2000?
What I think I have to do is to have a vbscript that does the adding then call the script using exetended SP cmd execute passing the name to the script.
If someone has a another solutions please let me know!
Is it possible to, somehow, get a specific users password from active directory? The reason I ask is that I am writing a new system and really don't want the users having to remember yet another password, but rather be able to use there network password? I would like to write the logon section myself and not use any built in functions that anything may have.
Please can someone advise. I don't think it is possible but have been asked to persue the issue.
HiI've created a stored procedure (see below) which accesses the ActiveDirectory and SQL server to get "real names" back. When I run thestored procedure in Query Analyzer it returns the expected results,however when I try to create a Web Assistant job based upon theprocedure I get the SQL-DMO message:Error 7410 Remote Access not allowed for Windows NT Useractivated bySETUSER.The procedure is being run (and the job created) as the account whichowns the SQL Server installation, and this account has AD adminpermissions.Any suggestions?CREATE VIEW dbo.vw_account_adASSELECT a.Name AS ad_name, dbo.Accounts.*FROM dbo.Accounts INNER JOINOPENQUERY(ADSI,'select SamAccountName, Name FROM''LDAP://w2k-bspad1/ ou=users,ou=bsp,DC=ad,DC=bl,DC=uk'' whereobjectcategory=''person'' ') a ONSUBSTRING(dbo.Accounts.Account_Name,CHARINDEX('', dbo.Accounts.Account_Name) + 1,LEN(dbo.Accounts.Account_Name) - CHARINDEX('',dbo.Accounts.Account_Name)) = a.SamAccountNameCREATE PROCEDURE [dbo].[usp_event_report] ASSET ANSI_NULLS ONSET ANSI_WARNINGS ONSELECT Code_Name, Account_Name + ' ('+ad_Name+')' as 'Account Name',Date_Occured, ResultFROM Usage_Codes, Usage, vw_account_adWHERE Usage.Code_ID = Usage_Codes.Code_IDAND Usage.Account_ID = vw_account_ad.Account_IDAND datepart(month,Date_Occured) = datepart(month,getdate())ORDER BY Code_Name, Account_Name, Date_OccuredGOChloe CrowderThe British Library
I have a request to build some reports that are specific to each user. Only the autheticated user should be able to see their report data and no one elses etc. How do I get data for the current autheticated user (via AD)? If this is via parameter, how do I hide the username/password in the url?
I am sure this has been done, but I couldn't find any good examples.
Can someone please tell me or provide a link explaining how I can query the active directory for usernames from sql server 2005. I'm actually creating usernames on the fly and I need to check if they already exist in the active directory. Thanks.
We want to use Active Directory with Oracle for User Authentication and accessing Oracle as well as storing the details in Oracle. Active Directory stores Information regarding Users, Groups & Policies etc.
We want to provide the access in Oracle for the users available in AD as well as export Complete User Information from active directory and keeping the updated information into some Oracle tables. What is the optimal method?
What configuration needed at Server/ Client End and How to do the same? Kindly provide the steps. Please do the needful. Thanks.
We currently have Active Directory within our domain all Server 2003 based. We also have a SQL2005 database stand alone server (not currently joined to the domain). What we would like to do is utilize single sign on. Currently our users have to log into windows, then open an "in-house" program which asks for a different set of credentials for the SQL2005 database. How do we intergrate Active Directory login to also authenticate to the SQL database? Can we just join the stand alone SQL server to the domain, then from there add the Active Directory "security groups" into the database? Could someone point me in the right direction, thanks!
I'm not sure this is an actual reporting services question but has someone else created reports for active directory in Reporting Services
I want to create a report with users and their respective manager. I have this working in reporting services but I just want the manager name how could I strip out all the other information in the manager field??
SELECT personalTitle, manager, name, employeeid, distinguishedName FROM 'LDAP://dc=xxx,dc=xxx,dc=xxxt' WHERE objectClass = 'user' AND objectCategory = 'Person' ORDER BY name
I get this as the manager name, I just want his name
Hi everybody. I have this problem: I have to access to the Active Directory of a remote server from my computer using SQL and make searches based on the LDAP of the server. Someone told me to use Add Linked Server, but I don't know how to do it with the Active Directory. Thanks for the help.
I encapsulated calls to Active Directory in a dll. This dll works very well for a call or a few calls. However when I wrote a winapp that calls many times repeatedly to this dll and consequently to DirectorySearcher, I recieve the following message after many iterations have been made: (while debugging, or in release mode same problem occurs)
Managed Debugging Assistant 'ContextSwitchDeadlock' has detected a problem in 'D:DevProjectsADQuerySysRegLoadPersGrpsSRLoadPersGrpsSRLoadPersGrpsinReleaseSRLoadPersGrps.vshost.exe'. Additional Information: The CLR has been unable to transition from COM context 0x1a0998 to COM context 0x1a0b08 for 60 seconds. The thread that owns the destination context/apartment is most likely either doing a non pumping wait or processing a very long running operation without pumping Windows messages. This situation generally has a negative performance impact and may even lead to the application becoming non responsive or memory usage accumulating continually over time. To avoid this problem, all single threaded apartment (STA) threads should use pumping wait primitives (such as CoWaitForMultipleHandles) and routinely pump messages during long running operations.
Continue & breakAll after the above error thrown caused this system error code to be generated: H80131c25
Here's one of the subs in the dll that is causing the problem. After multiple calls to the directorySearcher, one or another call fails with the above error. (on the FindOne method here, but on the .GetDirectoryEntry method in another sub, random which one fails, it's the number of iterations that is the problem) Question I have is: Is the only way to stop this error to reduce or slow down the calls to DirectorySearcher?
Private Sub GetGroupName(ByVal GroupName As String, ByRef strDistinguishedName As String, ByRef strMsg As String) Dim strFilter As String Dim entry As DirectoryEntry Try strFilter = "(&(objectClass=group)(cn=" + GroupName + "))" Dim myArr() As String = {"distinguishedName"} Dim mysearchroot As DirectoryEntry = New DirectoryEntry(myLDAPPath) Dim myDirectorySearcher As New DirectorySearcher(mysearchroot, strFilter, myArr, SearchScope.Subtree) Dim mySearchResult As SearchResult = myDirectorySearcher.FindOne If mySearchResult Is Nothing Then Throw New Exception("Get Group Name: No groups by name: " & GroupName) End If entry = mySearchResult.GetDirectoryEntry() strDistinguishedName = entry.Properties.Item("distinguishedName").Value.ToString 'cleanup entry = Nothing mySearchResult = Nothing myDirectorySearcher.Dispose() mySearchResult = Nothing Catch e As Exception strMsg = "Failed to Get Distinguished Group Name for: " + GroupName + " " + e.Message strDistinguishedName = "" End Try
[code] SELECT * FROM OPENQUERY(ADSI, 'SELECT name FROM 'LDAP://mydomain' WHERE objectClass='User'')
[/code it worked just fine. but i want to select everything from active directory base on NT account (the account that user uses for their window logs in) and the user has to belong to a certain group (for instance: group = student)
now how do i do that? can you guys help. thank you
Just like out of the box windows authentication and authorization is supported, has anyone integrated reporting services with Active Directory or at least point me to the correct resource?
We are writing an enterprise application in which the user logs in by entering their username and password in a form. The user will enter their actual Active Directory credentials. I want to pass the username and password to a stored procedure that will check for a valid user account in an Active Directory. In Sql Server 2005 I know I could write a small .NET library that uses System.DirectoryServices , register it in SQL and access it from an stored procedure.
Can it be done in Sql server 2000?
The reason we are not just autheticating in the .NET code of the application is that we found that it does not work on Windows 98 cleints, hence the need to go through sql server.
I look for and try to get data from Active Directory to MSSQL Server, but have same error:
Msg 7321, Level 16, State 2, Line 1 An error occurred while preparing the query "SELECT name FROM 'LDAP://office.experter.group' WHERE objectCategory = 'Person' AND objectClass = 'user'" for execution against OLE DB provider "ADsDSOObject" for linked server "ADSI".
for the code:
select * from openquery ( ADSI,'SELECT name FROM ''LDAP://office.experter.group'' WHERE objectCategory = ''Person'' AND objectClass = ''user''' )
I want the list of Users from Active Directory.I have created the linked server in SQL 2005.After that I queried
SELECT * FROM OPENQUERY (ADSI, 'SELECT givenName, sn FROM LDAP:// DC=xxx,DC=COM')
I got following error message.
An error occurred while preparing the query "select givenname,sn from 'LDAP://xxx.COM'" for execution against OLE DB provider "ADSDSOObject" for linked server "ADSI".
what are the security settings and permissions required to set?
In sql server 2005 i want to connect to active directory of exchange server ... there is one option in which we can search outlook but its not fruitful ... please guide ...
Sometimes a user name will change in Active Directory and I have to change the name in SQL Server as well. So what I do is first delete the old user name from SQL Server's logins. However I wont be able to see the new user name in SQL Server to add it as a legit user until I roboot the server. Is there somekind of code I can execute to resynchronize with Active Directory again?