Retrieving information from Active Directory through OLE-DB


In this brief tutorial I'll describe how you retrieve information from
an Active Directory through the OLE-DB extension. While it is possible
to use the LDAP extension to achieve the same goal, as you will see
using Microsoft's OLE-DB provider is much easier.

You will need to download and install the OLE-DB extension. Here's the
location once again: .
See my earlier tutorial on Indexing Service for set-up instructions.

The first thing we do is open a connection to the AD provider:

   $link = oledb_open("Provider=ADSDSOObject");

If the web server is not on the network, then we'd need to provide the
name and password of an account on the network:

   // DOMAIN\user and secret are placeholders for the account's name and password
   $link = oledb_open("Provider=ADSDSOObject;User ID=DOMAIN\\user;Password=secret");

Once that's done we can query the directory. A nicety of the Active
Directory Service OLE-DB provider is that it understands SQL, so you
don't need to learn a new query language. To retrieve a list of e-mail
addresses, we'd do the following:


   $link = oledb_open("Provider=ADSDSOObject");
   $table = 'LDAP://domain';
   $sql = "SELECT cn, mail
              FROM '$table'
              WHERE objectClass = 'user'
              AND objectCategory = 'person'
              AND mail = '*' ";
   // run the query and get a result handle (oledb_query() is assumed to be
   // the extension's query function; the original snippet left $res unset)
   $res = oledb_query($link, $sql);
   while($row = oledb_fetch_assoc($res)) {
       var_dump($row);   // one record per iteration: index, cn, mail
   }


The table name used in the FROM clause is the ADsPath of the node from
which we start the search. In the example we just use the NT domain
name to search the whole directory. Depending on the complexity of your
directory you might want to specify something a little more

The objectClass = 'user' AND objectCategory = 'person' criteria
specify that we want records of users who are actually people. The
mail = '*' part ensures that we don't get records with no e-mail
address. The "IS NOT NULL" syntax is not supported.

The result of the query would look something like this:

array(3) {
  string(16) ""
  string(14) "Bob Thomas"

cn is the "common name" of the LDAP object. For a person it's first
name plus last name. If we'd asked for displayName, then we'd have
gotten "Thomas, Bob" instead. mail is the person's e-mail address. The
zeroth element in the array is the index of the record. For some reason
the OLE-DB provider insists on returning it. It can be ignored.

Now, suppose we want to get the e-mail addresses of people in the
office whose last name starts with the letter L. To do this we do a
wildcard match on the sn (short for surname) column:

   $sql = "SELECT displayName, sn, mail
              FROM '$table'
              WHERE objectClass = 'user'
              AND objectCategory = 'person'
              AND sn = 'L*'
              AND mail = '*' ";

To find the telephone number of a particular person, we do an exact
match on the sn and givenName (i.e. first name) columns:

   $sql = "SELECT givenName, sn, telephoneNumber
              FROM '$table'
              WHERE objectClass = 'user'
              AND objectCategory = 'person'
              AND sn = 'Henderson'
              AND givenName = 'Emmanuel' ";
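The lookup above interpolates the surname and first name straight into the query. Because '*' is a wildcard in the provider's SQL dialect (as the sn = 'L*' example shows) and a single quote ends a string literal, values taken from a web form have to be checked before they are used, or a lookup form turns into a query anyone can reshape. The following is an added example, not code from the tutorial: it validates both names against an allowlist, reads the account credentials from the environment instead of the script (AD_USER and AD_PASSWORD are assumed variable names), and assumes the extension's oledb_query() function alongside the oledb_open() and oledb_fetch_assoc() the tutorial shows.

```php
<?php
// Added example, not part of the original tutorial.
// Assumed: oledb_query() from the oledb extension, the ADSDSOObject
// provider's "User ID" / "Password" connection-string keys, and the
// environment variables AD_USER / AD_PASSWORD.

// Accept only letters, spaces, dots and hyphens. '*' (wildcard), quotes,
// parentheses and backslashes are rejected because they change the meaning
// of the SQL literal or the LDAP filter it is translated into. Names with
// an apostrophe (O'Brien) are rejected too; extend this if you need them.
function is_safe_name($value)
{
    return is_string($value)
        && $value !== ''
        && strlen($value) <= 64
        && preg_match('/^[\p{L}][\p{L} .-]*$/u', $value) === 1;
}

// Build the telephone lookup from the tutorial, refusing unsafe input.
function phone_lookup_sql($base, $givenName, $sn)
{
    if (!is_safe_name($givenName) || !is_safe_name($sn)) {
        throw new InvalidArgumentException('name contains characters not allowed in a lookup');
    }
    return "SELECT givenName, sn, telephoneNumber
              FROM '$base'
              WHERE objectClass = 'user'
              AND objectCategory = 'person'
              AND sn = '$sn'
              AND givenName = '$givenName' ";
}

// Open the directory with a read-only account whose credentials live in
// the environment, so no password is committed with the script.
function open_directory()
{
    $conn = 'Provider=ADSDSOObject';
    $user = getenv('AD_USER');
    $pass = getenv('AD_PASSWORD');
    if ($user !== false && $pass !== false) {
        $conn .= ";User ID=$user;Password=$pass";
    }
    return oledb_open($conn);
}

// Usage: names as they might arrive from a lookup form (constructed
// defaults, matching the tutorial's example person).
$base  = 'LDAP://domain';
$first = isset($_GET['first']) ? $_GET['first'] : 'Emmanuel';
$last  = isset($_GET['last'])  ? $_GET['last']  : 'Henderson';

try {
    $sql = phone_lookup_sql($base, $first, $last);
} catch (InvalidArgumentException $e) {
    header('HTTP/1.0 400 Bad Request');
    exit('Invalid name');
}

$link = open_directory();
$res  = oledb_query($link, $sql);
while ($row = oledb_fetch_assoc($res)) {
    printf("%s %s: %s\n", $row['givenName'], $row['sn'], $row['telephoneNumber']);
}
```

Rejecting rather than escaping is the safer choice here because the provider translates the WHERE clause into an LDAP filter, and the escaping rules of that second layer are not documented on this page; an allowlist sidesteps both layers at once.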

In addition to personal information, Active Directory also holds
information about computing resources on the network. To get a list of
computers and the operating system installed, we'd use this query:

   $sql = "SELECT cn, operatingSystem, operatingSystemServicePack
              FROM '$table'
              WHERE objectClass = 'computer' ";
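A list of computers is most useful when it is turned into an inventory you can act on. The following is an added example, not code from the tutorial: it runs the query above, tallies machines by operating system and service pack, and lists the computers whose service-pack attribute was never populated (an unfilled attribute comes back as an empty string). It assumes the extension's oledb_query() function and the LDAP://domain search root used throughout the tutorial.

```php
<?php
// Added example, not part of the original tutorial.
// Assumed: oledb_query() from the oledb extension; search root LDAP://domain.

// Tally computers by "operating system / service pack" and collect the
// names of those with no service pack recorded, so they can be checked.
function computer_inventory($link, $base)
{
    $sql = "SELECT cn, operatingSystem, operatingSystemServicePack
              FROM '$base'
              WHERE objectClass = 'computer' ";
    $res = oledb_query($link, $sql);

    $counts  = array();   // "OS / service pack" => number of machines
    $missing = array();   // computer names with an empty service pack
    while ($row = oledb_fetch_assoc($res)) {
        $os = trim((string) $row['operatingSystem']);
        $sp = trim((string) $row['operatingSystemServicePack']);
        if ($os === '') {
            $os = '(unknown)';
        }
        if ($sp === '') {
            $missing[] = $row['cn'];
            $sp = '(none)';
        }
        $key = "$os / $sp";
        $counts[$key] = isset($counts[$key]) ? $counts[$key] + 1 : 1;
    }
    ksort($counts);
    return array('counts' => $counts, 'missing' => $missing);
}

// Usage: print the tally, then the machines that need a closer look.
$link   = oledb_open("Provider=ADSDSOObject");
$report = computer_inventory($link, 'LDAP://domain');
foreach ($report['counts'] as $key => $n) {
    printf("%5d  %s\n", $n, $key);
}
if ($report['missing']) {
    echo "No service pack recorded for: " . implode(', ', $report['missing']) . "\n";
}
```

Grouping on the two attributes together is what makes the output readable on a large domain; a flat dump of every computer object is rarely what an administrator wants to scan.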

To get a list of printers and their physical location:

    $sql = "SELECT printerName, physicalLocationObject
               FROM '$table'
               WHERE objectClass = 'printQueue' ";

Obviously, if no one had bothered to enter the location of the printer at
some point, it wouldn't be available. Active Directory isn't magic,
after all. It's simply a database, and you can only get out of it what
has at some point been put in.

The complete Active Directory schema can be found here:
