Step 1: Creating a Linked Server.
EXEC sp_addmediaserver 'adsi', 'active Directory Services 100', 'adsdsoobject', 'adsdatasource'
Step 2: Creating a SQL Server Authenticated Login
EXEC sp_add1_srvlogin @ rmtsrvname = N 'adsi', @ locallogin = NULL, @ useself = N 'false', @ rmtuser = N 'domain \ account', @ rmtpassword = N 'Password'
For SQL Server authorized logon, you can use sp_addjavassrvlogin system stored procedure configuration to connect to the appropriate logon/password for the Directory Service.
See here: http://blogs.msdn.com/euanga/archive/2007/03/22/faq-how-do-i-query-active-directory-from-sql-server.aspx
If SQLServer uses Windows-authorized logon, you only need to use self- ing to access AD by using SQL Server Security delegation. Simply put, you can directly run the Step 3 Statement.
Step 3: Querying the Directory Service.
Copy codeThe Code is as follows:
-- Query for a list of User entries in an OU using the SQL query dialect
Select convert (varchar (50), [Name]) as FullName,
Convert (varchar (50), Title) as Title,
Convert (varchar (50), TelephoneNumber) as PhoneNumber
From openquery (ADSI,
'Select Name, Title, TelephoneNumber
From ''ldap: // OU = Directors, OU = Atlanta, OU = Intellinet, DC = vizability, DC = intellinet, DC = com''
Where objectClass = ''user ''')
-- Query for a list of Group entries in an OU using the SQL query dialect
Select convert (varchar (50), [Name]) as GroupName,
Convert (varchar (50), [Description]) GroupDescription
From openquery (ADSI,
'Select Name, Description
From ''ldap: // OU = VizAbility Groups, DC = vizability, DC = intellinet, DC = com''
Where objectClass = ''group ''')
Reference:
Http://msdn2.microsoft.com/en-us/library/aa772380.aspx
Http://www.atlantamdf.com/presentations/AtlantaMDF_111201_examples.txt
Note: by default, 1000 objects are queried. How can this problem be solved?
Method 1: cycle through letters. See the following:
Copy codeThe Code is as follows:
Create table # tmpADUsers
(EmployeeId varchar (10) NULL,
SAMAccountName varchar (255) not null,
Email varchar (255) NULL)
GO
/** // * AD is limited to send 1000 records in one batch. In an ADO interface you can define this batch size, not in OPENQUERY.
Because of this limitation, we just loop through the alphabet.
*/
DECLARE @ brief STR varchar (255)
DECLARE @ nAsciiValue smallint
DECLARE @ sChar char (1)
SELECT @ nAsciiValue = 65
WHILE @ nAsciiValue <91
BEGIN
SELECT @ sChar = CHAR (@ nAsciiValue)
EXEC master .. xp_sprintf @ brief str output, 'select employeeId, SAMAccountName, Mail from openquery (ADSI, ''select Mail, SAMAccountName, employeeID FROM ''' LDAP: // dc = central, dc = mydomain, dc = int ''' WHERE objectCategory = ''' Person ''' AND SAMAccountName = ''' % s *'''''') ', @ sChar
INSERT # tmpADUsers
EXEC (@ brief Str)
SELECT @ nAsciiValue = @ nAsciiValue + 1
END
Drop table # tmpADUsers
The above method originated from: http://www.sqlservercentral.com/Forums/Topic231658-54-1.aspx#bm231954
My recommended method: I found it at Microsoft.How to Use NTDSUtil to modify the maxPageSize limit for the server
1. |
ClickStart, And then clickRun. |
2. |
InOpenText box, typeNtdsutil, And then press ENTER. To view help at any time, type?At the command prompt. |
Modifying policy settings
1. |
At the Ntdsutil.exe command prompt, typeLDAP policies, And then press ENTER. |
2. |
At the LDAP policy command prompt, typeSetSettingToVariable, And then press ENTER. For example, typeSet MaxPoolThreads to 8.
This setting changes if you add another processor to your server. |
3. |
You can useShow ValuesCommand to verify your changes.
To save the changes, useCommit Changes. |
4. |
When you finish, typeQ, And then press ENTER. |
5. |
To quit Ntdsutil.exe, at the command prompt, typeQ, And then press ENTER. |
Source:
Http://support.microsoft.com/kb/315071/en-us
Http://support.microsoft.com /? Scid = kb % 3Bzh-cn % 3B299410 & x = 16 & y = 10
How to use SQL to query Active Directory object Syntax: http://www.microsoft.com/china/technet/community/columns/scripts/sg0505.mspx#EMBAC