Export (0) Print
Expand All

Searching for an Attribute in a Container

Microsoft® Windows® 2000 Scripting Guide

Most searching tasks start with checking objects in a container for the value of an attribute. For example, you might want to identify all objects in a container by retrieving the value of their distinguishedName or name attributes.

Scripting Steps

You can use either LDAP search dialect or SQL syntax to search for attributes in a container.

Using LDAP search dialect to perform a search to display all names in an OU

Listing 7.23 contains a script that uses LDAP search dialect to display the value of an attribute assigned to all objects in an OU. To carry out this task, the script performs the following steps:

  1. Create an ADO Connection object to access the Active Directory database by using the ADSI OLE DB provider.

    Line 1 creates a connection object using ADO, and line 2 opens the connection using the ADSI OLE DB provider.

  2. Create an ADO Command object, and assign the ADO connection to it.

    This step is necessary because the Command object holds both the connection and the query string to run against the Active Directory database.

  3. Assign the query string to the CommandText property of the ADO Command object. The string uses LDAP search dialect.

    Line 8 specifies the search base, the attribute to return, and the search scope.

    1. The search base, surrounded by angle brackets (< >), specifies the LDAP moniker to query the Management OU in the na.fabrikam.com domain.

    2. The attribute to return, which appears after two semicolons, specifies the lDAPDisplayName of the attribute that the query should return the name attribute.

    3. The search scope, appearing at the end of the query string, specifies where to perform the query onelevel, which performs the search in the Management OU. The contents of any child OUs of the management OU are not searched.

  4. Run the query by assigning the Execute method to the Command object and storing the return value in the RecordSet object, objRecordSet.

    The query string returns records containing a single field, the name field.

  5. Use a While Wend statement to display each record in objRecordSet. Use the MoveNext method of the RecordSet object to move to the next record.

  6. Close the connection object.

    This final step is optional, but it is good practice to remove objects from memory when a script has finished using them. In much larger scripts that take time to complete, removing unused objects from memory saves resources and helps ensure that a script will not be using computing resources unnecessarily.

Listing 7.23 Performing a Search to Display All Names in an OU

  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16


Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

objCommand.CommandText = _
 "<LDAP://ou=Management,dc=NA,dc=fabrikam,dc=com>;;name;onelevel"
Set objRecordSet = objCommand.Execute

While Not objRecordset.EOF
 Wscript.Echo objRecordset.Fields("name")
 objRecordset.MoveNext
Wend

objConnection.Close

Listing 7.23 is intentionally simple to show the fundamental components of a search routine that uses ADO to search the Active Directory database.

Using SQL syntax to perform a search to display all names in an OU

To use SQL syntax to duplicate the results of the query statement in Listing 7.23, specify the search scope as a property of the Command object and use SQL syntax in place of line 8.

Listing 7.24 contains a script that uses SQL syntax to display the value of an attribute assigned to objects in an OU. To carry out this, task the script performs the following steps:

  1. Set the ADS_SCOPE_ONELEVEL constant.

    This constant is part of the ADS_SCOPEENUM enumeration, which specifies the search scope of a query.

  2. Create an ADO Connection object to access the Active Directory database by using the ADSI OLE DB provider.

  3. Create an ADO Command object, and assign the ADO connection to it.

  4. Set the ADO Command objects searchscope property to ADS_SCOPE_ONELEVEL.

    This limits the search to a single container, excluding the parent object. The scope is specified in this way because it is not possible to specify the search scope in the SQL dialect.

  5. Assign the query string to the CommandText property of the ADO Command object. The string uses SQL dialect.

  6. Run the query by assigning the Execute method to the Command object and storing the return value in the RecordSet object, objRecordSet.

    The query string returns records containing a single field, the name field.

  7. Use a While Wend statement to display each record in objRecordSet. Use the MoveNext method of the RecordSet object to move to the next record.

  8. Close the connection object.

Listing 7.24 Using SQL Syntax to Perform a Search to Display All Names in an OU

  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20


Const ADS_SCOPE_ONELEVEL = 1

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
objCommand.Properties("searchscope") = ADS_SCOPE_ONELEVEL

objCommand.CommandText = _
 "SELECT name FROM 'LDAP://ou=Management,dc=NA,dc=fabrikam,dc=com'"

Set objRecordSet = objCommand.Execute

While Not objRecordset.EOF
 Wscript.Echo objRecordset.Fields("name")
 objRecordset.MoveNext
Wend

objConnection.Close

The remaining tasks in this section show script examples that use LDAP search dialect. For more information about using SQL search dialect to perform an Active Directory search, see the Active Directory Programmers Guide link on the Web Resources page at http://technet.microsoft.com/en-us/windowsserver/bb633748.aspx.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft