ADsDSOObject Provider and OpenLDAP

[Olivier Matrot]

I'm trying to use the ADsDSOObject provider to query an OpenLDAP server with
the ATL Consumer Templates.
Here is the connection string I'm using :
"Provider=ADsDSOObject;User
ID=cn=administrateur,dc=rtetest,dc=org;Password=rtekb;Encrypt
Password=False;Mode=Read;Bind Flags=0"
And the query :
"LDAP://192.168.3.118/dc=rtetest,dc=org;(&(objectClass=inetOrgPerson));sn,cn
;subtree"

The problem is that everything is fine until I run through the first
MoveNext Call. I get an DB_E_ERRORSOCCURRED.

The same credentials and query used in ADSI runs fine.

TIA.

[Yan-Hong Huang[MSFT]]

Hello Olivier,

Based on my understanding, currently you are using ATL to query an OpenLDSP server using ADSDSOObject provider. When you use
MoveNext, you got DB_E_ERRORSOCCURRED errro. Right?

I have VB code which can successfully run it. Could you please test it on your side?

'enumerate mailbox and cr
' Values to set
strServer = "karenwo"
strOrganization = "Microsoft"
strNTUser = "cn=NTuser,dc=domain"
strNTPassword = "password"

Set objADOconn = CreateObject("ADODB.Connection")
Set Com = CreateObject("ADODB.Command")
objADOconn.Provider = "ADSDSOObject"

'------------------------------------------------------------------------------

' If you want to be authenticated as someone other than currently logged on
user
' use the connection properties of User ID and Password.
'------------------------------------------------------------------------------

objADOconn.Properties("User ID") = strNTUser
objADOconn.Properties("Password") = strNTPassword

objADOconn.Open "ADs Provider"

'Create a command object on this connection
Set Com.ActiveConnection = objADOconn

'---------------------
'Set the query string.
'---------------------
searchClass = "organizationalPerson"
searchClass2 = "Remote-Address"

adDomainPath = "LDAP://" & strServer & "/o=" & strOrganization

Com.CommandText = "select ADsPath, uid, title, givenName, sn,
physicalDeliveryOfficeName,telephoneNumber from '" & adDomainPath & "' where
objectClass='" & searchClass & "'or objectClass='" & searchClass2 & "'"

'-------------------------------
'Set the preferences for search.
'-------------------------------
Com.Properties("Page Size") = 100
Com.Properties("Timeout") = 30 'seconds
Com.Properties("searchscope") = ADS_SCOPE_SUBTREE 'Define in ADS_SCOPEENUM
Com.Properties("Cache Results") = False ' do not cache the result, it results
in less memory requirements


'-------------------
'Execute the query.
'-------------------
Set RS = Com.Execute


Debug.Print "Executed"

'------------------------
' Navigate the record set.
'------------------------
While Not RS.EOF
Debug.Print "Alias = " & RS.Fields("UID").Value
Debug.Print "Name = " & RS.Fields("givenName").Value & " " & RS.Fields("sn")
Debug.Print "Title = " & RS.Fields("Title").Value
Debug.Print "Office = " & RS.Fields("physicalDeliveryOfficeName").Value
Debug.Print "Telephone = " & RS.Fields("telephoneNumber").Value
RS.MoveNext
Wend

RS.Close

I think you can revise ATL code according to it. If the problem still exists, please let me know:

1) Is the problem only happening to inetOrgPerson class?
2) When the error happens, where is the cursor? In the end of the recordset or in the beginning of the recordset?
3) If you could provide a small repro sample to us, that is much appreciated. Please also let me know detailed repro steps. You can reach
me by removing online from my email address here.

Thanks very much.

Best regards,
Yanhong Huang
Microsoft Community Support

Get Secure! ¨C www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.

[Olivier Matrot]

I've tested your code with the following parameters :

strServer = "192.168.3.118"
strOrganization = "dc=rtetest,dc=org"
strNTUser = "cn=administrateur,dc=rtetest,dc=org"
strNTPassword = "rtekb"

There is no error but no results at all.

Can you please provide a command in LDAP format ?

"Yan-Hong Huang[MSFT]" <yhh...@online.microsoft.com> wrote in message
news:A7fhiPrT...@cpmsftngxa10.phx.gbl...

[Olivier Matrot]

It seems that OpenLDAP is not a V3 compliant server because the only
attribute that I can obtain in a search is AdsPath. There is no schema
information cached on the system when I run the code.

http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/q251/1/95.asp&NoWebContent=1

"Olivier Matrot" <olivier...@online.nospam> wrote in message
news:uA4QjseU...@TK2MSFTNGP09.phx.gbl...

[Yan-Hong Huang[MSFT]]

Hi Olivier,

If so, I suggest you also refer to http://www.openldap.org/ besides posting
here. There are several FAQs and maillists on OpenLdap server, where you
can get quicker help on the features that it suports now.

By the way, I noticed that the newest version of OpenLDAP is 2.2.13 now.

[Olivier Matrot]

Here is the response they gave me :
>> Hello,
>>

>> In accordance with the Request for Comments (RFC) 2251, LDAP version

>> 3 servers are expected to expose a subSchemaSubEntry attribute off

>> the root of the directory service enterprise (the rootDSE).

>>

>> Is it true for OpenLDAP ?

>

> Yes. Try

> ldapsearch -b cn=subschema -s base subschemasubentry ldapsearch -b

> cn=subschema -s base objectclass=subschema +

>

Now in order to determine where is the problem, I need to know if there is a
way to get debug information from the ADSDSOObject provider.

"Yan-Hong Huang[MSFT]" <yhh...@online.microsoft.com> wrote in message

news:ePii85n...@cpmsftngxa10.phx.gbl...

[Olivier Matrot]

I switched to Sun ONE Directory Server, which is LDAP V3 Compliant.

Using ADSI directly, it's working fine. I can create/Delete/Modify or Search
for objects for all attributes. I've found that the schema is cached on the
system as explained in 251189 ( INFO: Locating an LDAP Server Schema Cached
by ADSI )

Using ADSDSOObject Provider (which is read only), I can successfully search
but only retrieve the ADsPath attribute. I think that this is because I'm
doing a simple bind and have no schema information, which in turns prevent
the data conversion.

Could you confirm ?

"Yan-Hong Huang[MSFT]" <yhh...@online.microsoft.com> wrote in message

news:EsFzBQ2U...@cpmsftngxa10.phx.gbl...
> Hello Olivier,
>
> I am sorry if I have any misunderstanding here. Do you mean you want to
trace into the ADSDSOObject provider source code for
> debugging? I don't thing there is public symbol for ADSDSOObject provider.
You need to contact PSS to have one SP debug it for you if
> necessary.
>
> By the way, does the reply from OpenLDAP means your query is supposted to
be OK on that server?
>
> All the public symbol packages are on
http://msdl.microsoft.com/download/symbols. That is our public symbol
server.
>
> If you feel there is any we can do, please feel free to post here and we
will follow up. Thanks very much.

[Olivier Matrot]

Forget about it, it is working correctly now for both OpenLDAP & Sun ONE
Directory Server. I was using a string variable for multi-values attributes
8-(

Thank you very much.

"Olivier Matrot" <olivier...@online.nospam> wrote in message

news:O924sD3U...@tk2msftngp13.phx.gbl...

[Olivier Matrot]

Just one more thing.
It seems that with VB you can't work with multi-values attributes on LDAP V3
Directory Servers ! But I haven't tested your code with AD.

"Olivier Matrot" <olivier...@online.nospam> wrote in message

news:O924sD3U...@tk2msftngp13.phx.gbl...

[Yan-Hong Huang[MSFT]]

Hello Olivier,

My VB code is just for demo and so it may need to be changed under your situation. Anyway, I am glad that you have resolved the problem
by changing to multi-values attributes.

One more thing, if it is convenient for you, I suggest you share the code here so that the whole community could benefit from it. :)

Thanks very much and it is my pleasure to work with you.