I’ve been asked to look at a Windows service which retrieves data from an Active Directory tree using the Win32 LDAP API and outputs JSON data to a text file. It works fine, but I need to modify it so that I get the ‘pre windows 2000’ login name. The service is written in C++.
The service already successfully retrieves various other attribute strings using:
PTSTR *pszValues=ldap_get_values(pLdap,pEntry,szAttribute);
and:
if (_tcscmp(szAttribute,TEXT("uUsnChanged"))==0) // uSNChanged is an example of an attribute
    pItemInfo->uUsnChanged=_tcstoui64(pszValues[0],NULL,10); // pItemInfo is a struct defined elsewhere to hold the results for any given entry
I looked on http://msdn.microsoft.com/en-us/library/ms679021(v=VS.85).aspx to see if there is an attribute for ‘pre windows 2000’ login or something similar, in the hope that I could just add this as another ‘szAttribute’ (to replace “uUsnChanged” in this example), and had no luck. Looking at the API, I have been unable to come up with a way of getting this information.
I found the attribute ‘sAMAccountName’, which I thought would provide the information needed, but it only gives me the name part of the DOMAIN/name format. Typical, it’s the other part I want!
Does anyone have any ideas on how to get the ‘pre windows 2000’ string from ‘pEntry’?
@JPBlanc We are getting the correct nETBIOSName attribute now when running it on the test server. The app works on the assumption that there is a maximum of one nETBIOSName attribute per DC. It finds it by doing the following:
gets the default host using ldap_init(NULL,0)
gets the ‘configuration naming context’ using ldap_search_s(pLdap,NULL,LDAP_SCOPE_BASE,NULL,pszAttrs,FALSE,&pResults); passing in the connection handle as the first parameter
retrieves the ‘configurationNamingContext’ attribute using ldap_get_values(pLdap,pEntry,TEXT("configurationNamingContext"));
concatenates “CN=Partitions,” to the beginning of the string giving something like “CN=Partitions,CN=Configuration,DC=domain,DC=com,DC=au”
it then performs a search using ldap_search_s(pLdap,szPartitionNC,LDAP_SCOPE_SUBTREE,TEXT("(nETBIOSName=*)"),pszAttrs,FALSE,&pResults);
then it loops through the results looking for anything with a ‘nETBIOSName’ attribute and once it finds one it breaks out of the loop and returns the value.
Do you know if this is sufficient to work in any AD configuration?
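An added example, not code from the service or from any poster here: the procedure above takes the first crossRef that has a nETBIOSName, and this sketch goes beyond that single-domain case by picking the crossRef whose nCName (a crossRef attribute not mentioned in the thread) equals the domain part of the entry's DN. The struct, the function names and the sample forest are hypothetical and constructed; in the service the entries would come from the ldap_search_s call on CN=Partitions.

```cpp
#include <algorithm>
#include <cctype>
#include <string>
#include <vector>

// One crossRef entry as read from CN=Partitions.
struct CrossRef {
    std::string nCName;       // DN of the partition this crossRef describes
    std::string netbiosName;  // nETBIOSName; empty on non-domain partitions
};

static std::string lower(std::string s) {
    std::transform(s.begin(), s.end(), s.begin(),
                   [](unsigned char c) { return (char)std::tolower(c); });
    return s;
}

// Domain part of an entry DN: everything from the first RDN starting with
// "DC=". A backslash-escaped comma does not end an RDN.
std::string domainDnOf(const std::string& dn) {
    size_t start = 0;
    for (size_t i = 0; i <= dn.size(); ++i) {
        if (i < dn.size() && dn[i] == '\\') { ++i; continue; }
        if (i == dn.size() || dn[i] == ',') {
            if (lower(dn.substr(start, 3)) == "dc=") return dn.substr(start);
            start = i + 1;
        }
    }
    return "";
}

// Build DOMAIN\name from the crossRef whose nCName equals the entry's domain
// DN, rather than from the first crossRef that carries a nETBIOSName.
std::string downLevelName(const std::string& entryDn, const std::string& sam,
                          const std::vector<CrossRef>& partitions) {
    const std::string domainDn = lower(domainDnOf(entryDn));
    if (domainDn.empty()) return "";
    for (const CrossRef& cr : partitions)
        if (!cr.netbiosName.empty() && lower(cr.nCName) == domainDn)
            return cr.netbiosName + "\\" + sam;
    return "";  // no matching domain partition: report nothing, do not guess
}

// Constructed sample: a forest with a parent domain and a child domain.
std::vector<CrossRef> samplePartitions() {
    return {{"CN=Configuration,DC=example,DC=com", ""},
            {"DC=example,DC=com", "EXAMPLE"},
            {"DC=branch,DC=example,DC=com", "BRANCHOFFICE"}};
}
```

With the sample forest, a first-match lookup would label every account EXAMPLE, including those in the child domain; matching on nCName keeps the recorded identity tied to the right domain.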
Be careful, the Domain part of the ‘pre windows 2000 domain’ can be completely different from the user Principal Name (user@domain) used to log on to Active Directory. The DOMAIN is the Primary Domain Controller name or the NetBIOS domain name. DOMAIN is created during domain creation; by default it’s part of the DNS name, but it can be completely changed during domain creation.
You can find it with the nETBIOSName attribute:
A best filter would be