LDAP bind fails on certain cn's
-
Tuesday, November 20, 2012 11:09 AM
To begin, this is a simple lookup, there is no authentication error. Error return code is hex 5B. This is all in vbscript.
I'm trying to do a simple lookup using GetObject. I'm using another lookup to get the DN of all group managers for all groups in an OU. I then take those DN's and directly bind using GetObject ("LDAP ---) as per normal and lookup the CN and telephone number to produce a list of groups/managers/phone numbers. This works fine, save on a few particular users. The common factor in each case is that the DN contains an identifier for the office they work for, and these are people who work in more than one office, so their office ID's are separated by a "/" symbol. This is a special symbol to LDAP and it appears to be breaking the lookup by trying to find the remaining part of that DN as the container for the first part. Since this doesn't exist, it's a not found error. It works perfectly if there is no "/" in the string. Since the lookup fails, prior runs on this have been made assuming the groups have no manager. I had the program list intermediate data and found the dropouts.
Yes, I can look up all users on the domain and compare each with my list of DN's, but that's slow and ties up a DC for a while. Any better suggestions?
All Replies
-
Tuesday, November 20, 2012 11:19 AM
- Marked As Answer by PWDavis Tuesday, November 20, 2012 12:41 PM
-
Tuesday, November 20, 2012 12:41 PM
Searched for something like that, couldn't find it. Sometimes search can be frustrating. Thanks!
This is really weird, because the DN reads with commas escaped, but not the "/". Otherwise, it would not have worked at all. This appears to be some kind of oversight in the way the group manager is read by VB.
- Edited by PWDavis Tuesday, November 20, 2012 1:07 PM
.png)
