How to query the User List from MS Active Directory

Board Support
Board Support Employee
500 Likes Photogenic
edited June 2023 in Support Articles

If have several tens if not hundreds of users it's likely you're adopting the Enterprise Security Application to manage their credentials

In such situation you need a fast and easy method to get your Users' List into the Application Database, possibly querying your MS Active Directory.

 

It is important to know that Microsoft Provides an OLE-DB provider to connect to Active Directory Service. 

image

 

If not available as part of your OS yet, you can easily download it from several and different MS Packages. Just Google.

At this point your can build a Board Data Connection (OLE-DB Type) with a proper Connection String

 

image.png

such as

Provider=ADSDSOObject; Integrated Security = SSPI

 Username and Password can be explicitly named (UserID and Password)  or integrated through Windows Authentication (Integrated Security=SSPI)

 Attention after clicking on "Save & Connect" button you get a warning message ("Empty or not available Database" ) . Please ignore it ; AD Data are not in a database format , its schema is not available.

Build now your Board Data-reader configuring a Manual Query. Please see the sample below :

Select userAccountControl, employeetype, physicalDeliveryOfficeName, department, company, title,
from 'LDAP://myADServer.com/OU=OrganizationalUnit,DC=DOMAIN,DC=NAME'
WHERE objectClass='user' and objectClass = 'person'

 

This Query returns the list of all the users and some of their most popular attributes you may need.

Comments

  • Unknown
    Unknown Active Partner
    edited February 2018

    The same approach can be used for a variety of other systems accessible through properly formatted connection strings. Here is a resource for connection strings for other apps and systems. 

     

    ConnectionStrings.com - Forgot that connection string? Get it here! 

  • Fabio Donatellis
    Fabio Donatellis Employee
    Fourth Anniversary 10 Comments 25 Likes Level 100: Foundations of Building in Board
    edited February 2018

    Connection string is only one way to configure a driver.

    In Board can be used only if an OLE DB provider 64bit is installed on the server.

     

    Fabio

  • Unknown
    Unknown
    edited April 2018

    Is there a way to leverage this that works around the 1000 row limit in the AD query?  We need to download over 20,000 users.  We considered breaking it out into 26 data readers by alphabet using first character of user name but still this didn't resolve as some letters have over 2K records.

  • Unknown
    Unknown Active Partner
    edited April 2018

    I suspect that's a limitation of the ODBC connection. You may want to pull the list down with a script first, and then load it as a CSV file. Here is an article explaining how to do so.

     

    Powershell Script to export Active Directory users to CSV 

Categories