Search For All Locations In Active Dirrectory Via LDAP

0
votes

I'm working in PL/SQL and searching LDAP ( with A.D defining the schema) for all locations. Right now I can apply a simple search and find all users. Each user has the address information via the following properties:

'physicalDeliveryOfficeName';
'streetAddress';
'l';--city
'st';--state
'postalCode';--zip code

However, I would like to search for all the locations separate from the search done for people. Is it possible to search Active directory to just find the locations(with out looking up each person) ? If so what would the search filter look like ? I tried objectClass=Physical-Location,DC=example,DC=com and didn't find any locations (beyond the schema) . I'm not sure if that's because there's a security issue, or its not possible to look up locations in that way.

1
active-directoryldap

1 Answers

0
votes

What you have listed are attributes in AD. You can return attributes in searches and search for specific values but you'll always return the objects the attributes are attached to (in this case users). You're a little light on the details of how you're searching so I'll take a stab.

You can load just the location attributes you're looking for, be it State, City, etc.

var domain = "mydomain.com";
var dn = "CN=Users,DC=mydomain,DC=com";

var ldapSearchFilter = "(objectClass=user)";
var connection = new LdapConnection(domain);
var attributeList = new string[] { "physicalDeliveryOfficeName", "l", "st"};

try
{
    var searchRequest = 
            new SearchRequest(dn, ldapSearchFilter,
                              SearchScope.OneLevel,
                              attributeList);

var searchResponse = 
            (SearchResponse)connection.SendRequest(searchRequest);

var locationList = (from SearchResultEntry entry in searchResponse.Entries 
                    select entry.Attributes["physicalDeliveryOfficeName"][0].ToString())
                    .Distinct().ToList();

catch (Exception ex)
{
    //Handle errors
}

One thing to keep in mind with this example. If the attributes aren't populated in AD, the WriteLine will throw an error when trying to read the attribute. If you are using some other search type (DirectorySearcher maybe) you should still be able to load just the attributes you want to get back.