Geek Answers Handbook

Get List of LDAP Users Using PLSQL

One of the new requirements for our database application is to synchronize the contents of the user table with users in Active Directory. So basically I need to connect to the Active Directory server and get a list of usernames from the plsql procedure.

What I have achieved so far is connecting to an active directory server, using my own credentials, and requesting some attributes.

Example:

ldap_password := '****';
ldap_user     := 'cn=me,OU=Users,OU=mygroup,DC=mytown,DC=mycompany,DC=com';
ldap_base     := 'OU=Users,OU=mygroup,DC=mytown,DC=mycompany,DC=com';
search_filter := '(&(objectClass=Person)!((sn=him)(cn=me)))';
res_attrs(1)  := 'displayName';
res_attrs(2)  := 'cn';
res_attrs(3)  := 'telephoneNumber';

It seems I can only request my own attributes or someone else if I already know who it is someone else.

  • How to get a list of usernames?
  • Is this possible with any account or does it require an account with the appropriate privileges?
+5
3

script. . DBMS_LDAP.SCOPE_SUBTREE

+4

, Active Directory Oracle LDAP, , , . LDAP/AD, , , /, ( id/psw pswrd, pswrd, AD. , AD, , , - .

@ http://www.oracle-base.com/articles/9i/LDAPFromPLSQL9i.php

, Filter ( , , )

l_attrs(1) := '*'; -- retrieve all attributes
l_retval :=
    DBMS_LDAP.search_s(ld       => l_session,
                       base     => l_ldap_base,
                       scope    => DBMS_LDAP.SCOPE_SUBTREE,
                       filter   => 'objectclass=*',
                       attrs    => l_attrs,
                       attronly => 0,
                       res      => l_message);
+3

Active Directory 4 .

  • sAMAccountName (aka Pre-Windows2000 name) - 20 , .
  • userPrinicipalName, sAMAccountName@domain.name, , , AD . ( , - reset 2000 6000 AD.
  • displayName, ADUC (dsa.msc, Active Directory - )
  • CN= DN. ADUC, CN . - LDAP.

, ? , .

, , .

+1

More articles:


All Articles