Late to the party. :) I'm pretty sure there is no .NET in here. This is VB6.
I'm pretty sure Eric's diagnosis was correct though. Otherwise, I probably wouldn't know. I don't really use IADsContainer or its .NET version. I search for everything. Joe K. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Thursday, February 03, 2005 9:31 AM To: [email protected] Subject: RE: [ActiveDir] LDAP and Win2003 Question Based on the code presented, it looks more like a bug in .NET. That's exactly how the iadscontainer::getobject method is supposed to be used. If there is any order dependency, it's with .NET, but I would not have expected it to care about the order. I'd post this to a vb.net newsgroup and see what comes back. Unless Joe K. is around and sees something off the bat :) Al -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Fleischman Sent: Wednesday, February 02, 2005 11:58 PM To: [email protected] Subject: RE: [ActiveDir] LDAP and Win2003 Question We don't guarantee the order that a set of values in a given attribute is returned to the client. That said, if you depend on order, you'll have problems now or in the future. It's not a matter of if, only when. :) You want to make any code you have which relies on order become order insensitive. That should resolve this issue if I understand it correctly. ~Eric ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Elena Mananova (DSL AK) Sent: Wednesday, February 02, 2005 8:17 PM To: [email protected] Subject: [ActiveDir] LDAP and Win2003 Question Hi In the current system we used to have business layer (accessing user details in LDAP) and LDAP running on two servers, both of which were Windows 2000. Recently we have migrated business layer server to Windows 2003 machine. Now we have problem. We can't access data of some of the users. The business layer code retrieving user details is written in VB and as follows: Dim oDS As IADs Dim sDN As String dim moUsers As IADsContainer sDN = "LDAP://ldapserver:389/ou=users,o=abc,c=nz"; Set oDS = GetObject("LDAP:") Set moUsers = oDS.OpenDSObject(sDN, "cn=admin,o=abc,c=nz", "Password", 0) Set oDS = Nothing Dim oPList As IADsPropertyList Dim oUser As User Set oPList = moUsers.GetObject("inetOrgPerson", "cn=myUserName") If oPList Is Nothing Then RaiseError Else Set oUser = New User oUser.Initialise oPList Set GetUser = oUser Set oUser = Nothing End If When viewing user details in LDAP (we are using JXplorer tool) there is a minor difference between the way the users' data is displayed for those users that we can retrieve details for and those that we can't. Besides the standard object classes (top, person, organizationalPerson and inetOrgPerson) we also have custom classes. These are abcOrgPerson, abcOrgPerson2 and nxAccountInfo. The users that we can retrieve data for have these classes displayed in the following order: nxAccountInfo abcOrgPerson2 abcOrgPerson inetOrgPerson top person organizationalPerson For the "non-working" users this order is: inetOrgPerson nxAccountInfo abcOrgPerson2 abcOrgPerson top person organizationalPerson I have tried to manually change the class order but it did work. I am not quite sure why the order is different. The line of code that fails is Set oPList = moUsers.GetObject("inetOrgPerson", "cn=myUserName") If I change "inetOrgPerson" parameter to "abcOrgPerson2" then the "non-working" users' details can be retrieved but not the "working" users' details. So it seems that the class order matters for Windows 2003 (LDAP is still sitting on Wind2000 machine however). This same scenario runs without problems from the Win2000 business layer machine. If anyone can share any advice or ideas it will be highly appreciated. I have not had much experience with Active Directories and it's a mystery for me. Thanks List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
