我有这个ADOQuery:
SQL.Text := 'SELECT samAccountName FROM ''GC://' + sADForestName + ''' ' +
'WHERE objectCategory=''user'' ' +
'AND distinguishedName=''' + sADUserName + ''' ' +
'AND memberOf=''' + sADGroupName + '''';
这对于用户来说是合适的, 但我还需要使用LDAP_MATCHING_RULE_IN_CHAIN检查嵌套组:
SQL.Text := 'SELECT samAccountName FROM ''GC://' + sADForestName + ''' ' +
'WHERE objectCategory=''user'' ' +
'AND distinguishedName=''' + sADUserName + ''' ' +
'AND memberOf:1.2.840.113556.1.4.1941:=''' + sADGroupName + '''';
但是这个请求没有执行,我在调用ADOQuery.Open时遇到错误; (翻译自俄语):“处理命令时有一个或多个错误”
这是我的错误请求?
答案 0 :(得分:1)
谢谢大家,我找到了使用ADOCommand的决定:
var ADOConnection, ADOCmd, Res: Variant;
ADOConnection := CreateOleObject('ADODB.Connection');
ADOCmd := CreateOleObject('ADODB.Command');
try
ADOConnection.Provider := 'ADsDSOObject';
ADOConnection.Open('Active Directory Provider');
ADOCmd.ActiveConnection := ADOConnection;
ADOCmd.Properties('Page Size') := 100;
ADOCmd.Properties('Timeout') := 30;
ADOCmd.Properties('Cache Results') := False;
sBase := '<GC://' + sADForestName+ '>';
sFilter := '(&(objectCategory=person)(objectClass=user)' +
'(distinguishedName=' + sADUserName + ')' +
'(memberOf:1.2.840.113556.1.4.1941:=' + sADGroupName + '))';
sAttributes := 'sAMAccountName';
ADOCmd.CommandText := sBase + ';' + sFilter + ';' + sAttributes + ';subtree';
Res := AdoCmd.Execute;
if Res.EOF then User := ''
else User := Res.Fields[0].Value;
finally
ADOCmd := NULL;
ADOConnection.Close;
ADOConnection := NULL;
end;