我正在尝试使用VBA从Excel查询LDAP。当我使用OR关键字通过CN获取记录时它可以正常工作,但是使用IN关键字它会失败:
失败(错误80040e14):
Function GetUsersProperty(ByVal users As String, ByVal returnField As String)
Dim usersProperty As New Collection
Set cmd = CreateObject("ADODB.Command")
Set cn = CreateObject("ADODB.Connection")
Set rs = CreateObject("ADODB.Recordset")
cn.Open "Provider=ADsDSOObject;"
cmd.CommandText = _
"SELECT cn, " & returnField & _
" FROM 'LDAP://" & GetObject("LDAP://RootDSE").get("defaultNamingContext") & _
"' WHERE objectClass = 'User' AND objectCategory = 'Person' AND cn IN (" & users & ")"
'assuming there are multiple users names in colons inside 'users' separated with comma
cmd.ActiveConnection = cn
Set rs = cmd.Execute
'On Error Resume Next
While rs.EOF <> True And rs.BOF <> True
usersProperty.Add Item:=rs.Fields(returnField).Value, Key:=rs.Fields("cn").Value
rs.MoveNext
Wend
Set GetUsersProperty = usersProperty
Set cmd = Nothing
Set cn = Nothing
Set rs = Nothing
End Function
如果我使用
替换WHERE下的cmd.CommandText,则无效
"' WHERE objectClass = 'User' AND objectCategory = 'Person' AND (cn = " & user1 & " OR cn = " & user2 & ")"
问题在于,由于更容易理解和更容易列表形成,我使用IN。是否可以这样做?
答案 0 :(得分:0)
我找到了问题的答案 - 由于LDAP架构限制,我不想采取的行动。
有一篇非常好的文章,描述了在查询LDAP时不应该发生什么:http://mysqldump.azundris.com/archives/74-LDAP-is-not-relational.html