我的Active Directory中有多个域,如下所示:
pnc.com→根域
europe.pnc.com→子域
asia.pnc.com→儿童域
americas.pnc.com→子域名
我想编写一个VBScript,可以在整个林中搜索用户并向我显示用户对象的位置。
我过去曾尝试过像这样搜索,但我必须提供确切的域名。
答案 0 :(得分:1)
您需要为下级域启用referral chasing:
Set rootDSE = GetObject("LDAP://RootDSE")
base = "<LDAP://" & rootDSE.Get("defaultNamingContext") & ">"
filter = "(&(objectClass=user)(objectCategory=Person))"
attr = "distinguishedName"
scope = "subtree"
Set conn = CreateObject("ADODB.Connection")
conn.Provider = "ADsDSOObject"
conn.Open "Active Directory Provider"
Set cmd = CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.Properties("Chase referrals") = &h20
cmd.CommandText = base & ";" & filter & ";" & attr & ";" & scope
Set rs = cmd.Execute
...当天我写了一个wrapper class for AD queries,默认启用此功能:
'add/import class here
Set qry = New ADQuery
qry.Filter = "..."
qry.Attributes = Array("sAMAccountName", ...)
Set rs = qry.Execute
...