September 2003
Intermediate to advanced
624 pages
15h 49m
English
Content preview from Active Directory CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
4.6. Searching the Global Catalog
Problem
You want to perform a forest-wide search using the global catalog.
Solution
Using a graphical user interface
Open LDP.
From the menu, select Connection → Connect.
For Server, enter the name of a global catalog server.
For Port, enter 3268.
Click OK.
From the menu, select Connection → Bind.
Enter credentials of a user.
Click OK.
From the menu, select Browse → Search.
For BaseDN, type the base distinguished name where to start the search.
For Scope, select the appropriate scope.
For Filter, enter an LDAP filter.
Click Run.
Using a command-line interface
> dsquery *<BaseDN>-gc -scope<Scope>-filter "<Filter>" -attr "<AttrList>"
Using VBScript
' This code searches the global catalog ' ------ SCRIPT CONFIGURATION ------ strBase = "<GC://<BaseDN>>;" strFilter = "<Filter>;" strAttrs = "<AttrList>;" strScope = "<Scope>" ' ------ END CONFIGURATION --------- set objConn = CreateObject("ADODB.Connection") objConn.Provider = "ADsDSOObject" objConn.Open "Active Directory Provider" set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope) objRS.MoveFirst while Not objRS.EOF Wscript.Echo objRS.Fields(0).Value objRS.MoveNext wend
Discussion
The global catalog facilitates forest-wide searches. When you perform a normal LDAP search over port 389, you are searching against a particular partition in Active Directory, whether that is the Domain naming context, Configuration naming context, Schema naming context, or application partition. If you have multiple domains ...