wrk
Wed Jul 09 03:55:34 CDT 2003
Thanks Richard, I will give this a try.
"Richard Mueller [MVP]" <rlmueller@ameritech.net> wrote in message
news:%2330vJrbRDHA.940@TK2MSFTNGP11.phx.gbl...
> wrk wrote:
>
> > I'd like to bind to a user in Active Directory but not by using the display
> > name but by the sAMAccountName attribute.
> >
> > The operation should be done like this....
> > Set objUser = GetObject _
> > ("LDAP://cn=Joe Bloggs,ou=Management,dc=NA,dc=fabrikam,dc=com")
> > objUser.IsAccountLocked = False
> > objUser.SetInfo
> >
> > ...but I want to bind using the logon id "JBloggs" (obviously this doesn't
> > work)
>
> Hi,
>
> First, there is an attribute of user objects called displayName. However,
> you bind using the Distinguished Name (DN) of the user, not the displayName.
> The DN includes the cn (Common Name) attribute, which is labeled "Name" in
> the Active Directory Users and Computers MMC. I think the cn attribute is
> what you refer to as display name.
>
> You want to use the NameTranslate object to convert the sAMAccountName (NT
> logon name) to the Distinguished Name. Here's an example below. I get the
> domain name from the RootDSE object. Otherwise, you could hard code the
> NetBIOS domain name.
>
> strNTName = "JBloggs"
>
> ' Determine DNS domain name from RootDSE object.
> Set objRootDSE = GetObject("LDAP://RootDSE")
> strDNSDomain = objRootDSE.Get("defaultNamingContext")
>
> ' Use the NameTranslate object to find the NetBIOS domain name from the
> ' DNS domain name.
> Set objTrans = CreateObject("NameTranslate")
> objTrans.Init 3, strDNSDomain
> objTrans.Set 1, strDNSDomain
> strNetBIOSDomain = objTrans.Get(3)
> ' Remove trailing backslash.
> strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)
>
> ' Use the NameTranslate object to convert the NT user name to the
> ' Distinguished Name required for the LDAP provider.
> objTrans.Init 1, strNetBIOSDomain
> ' Trap error if sAMAccountName does not exist.
> On Error Resume Next
> Err.Clear
> objTrans.Set 3, strNetBIOSDomain & "\" & strNTName
> strUserDN = objTrans.Get(1)
> If Err.Number <> 0 Then
>     Err.Clear
>     On Error GoTo 0
>     Wscript.Echo "User " & strNTName & " not found"
> Else
>     On Error GoTo 0
>     ' Bind to the user object in Active Directory with the LDAP provider.
>     Set objUser = GetObject("LDAP://" & strUserDN)
>     objUser.IsAccountLocked = False
>     objUser.SetInfo
> End If
>
> Note - the IsAccountLocked property method can be used to unlock user
> accounts, but cannot reveal whether or not the account is locked (if the
> LDAP provider is used).
>
> --
> Richard
> Microsoft MVP Scripting and ADSI
> HilltopLab web site - http://www.rlmueller.net
> --
>
>
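Added example, not part of the thread or of Richard's script: the WinNT provider binds by sAMAccountName directly, and with it IsAccountLocked does report the current lockout state, so the script below unlocks only an account that is actually locked. It assumes the script runs under an account in the same domain as the target user (the NetBIOS domain name is taken from WScript.Network); "JBloggs" is the sample logon name from the question.

```vbscript
Option Explicit

Dim strNTName, objNetwork, strNetBIOSDomain, objUser

strNTName = "JBloggs"   ' sample logon name from the thread

' Assumption: the caller is logged on to the same domain as the target user.
Set objNetwork = CreateObject("WScript.Network")
strNetBIOSDomain = objNetwork.UserDomain

' The WinNT provider addresses users by sAMAccountName, so no DN is needed.
' Trap the error raised if the account does not exist.
On Error Resume Next
Set objUser = GetObject("WinNT://" & strNetBIOSDomain & "/" & strNTName & ",user")
If Err.Number <> 0 Then
    Err.Clear
    On Error GoTo 0
    WScript.Echo "User " & strNTName & " not found"
    WScript.Quit 1
End If
On Error GoTo 0

' With WinNT, IsAccountLocked can be read as well as written.
' Only write to the directory when the account is really locked out.
If objUser.IsAccountLocked Then
    objUser.IsAccountLocked = False
    objUser.SetInfo
    WScript.Echo strNTName & " was locked out and has been unlocked"
Else
    WScript.Echo strNTName & " is not locked out; no change made"
End If
```

Reporting the state before changing it keeps repeated lockouts visible to whoever runs the script, where an unconditional unlock would clear them without any record.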