I’m trying to retrieve user information in Active Directory, but am finding some things to be poorly documented. For example, the LDAP connection strings I have seen contain some keywords that I don’t know the meaning of. Here’s a sample:
LDAP://ofmdcoly302.ofm.wa.lcl/ou=employees,dc=ofm,dc=wa
What are the keywords “ou” and “dc” supposed to signify? In our case “ou=employees” seems to identify a particular AD node. However when I try to do a .FindAll() on the above directory entry, I get “A referral was returned from the server”. I guess that means it couldn’t find what I was looking for, but it might be available somewhere else? In one place I read “A referral is AD’s way of saying, ‘this object probably exists in another domain'”.
What are “ou” and “dc” supposed to mean? And if I had this A/D structure, how would I code the LDAP connetion string to retrieve information in the “AR” node:
This entry has two mistakes: it’s not using root (dc=lcl), you also skipped one ou, should be
ou=employees,ou=Users - OFMGOV,dc=ofm,dc=wa,dc=lclTBH if your really want to understand this notation I would suggest using ADSI Edit instead of ADUC that you probably use ATM – it will show you path the same way, so it will be easier to translate. It will also prevent you from shooting yourself in a foot with special containers like ‘CN=Users’ and ‘CN=Computers’:
For the OU you have highlighted it would most likely be:
ou=AR,ou=Citrix,ou=Users - OFMGOV,dc=ofm,dc=wa,dc=lcl