从SQL Server 2008查询Active Directory [英] Querying Active Directory from Sql Server 2008
问题描述
我无法通过SQL Server查询AD。我添加了链接的服务器引用通过SQL活动目录两者(见下文),并通过SSMS图形用户界面,但我想不通的安全问题。
I cannot query AD via SQL Server. I add the linked server referencing the active directory both via SQL (see below) and through the SSMS GUI but I cannot figure out the security issues.
EXEC sp_addlinkedserver @server = 'ADSI', @srvproduct = 'Active Directory Services 2.5', @provider = 'ADSDSOObject', @datasrc = 'adsdatasource'
EXEC sp_addlinkedsrvlogin @rmtsrvname = 'ADSI', @useself = 'False', @locallogin = 'sa', @rmtuser = 'mylogin', @rmtpassword = 'mypassword'
因此查询失败说 ...该供应商表示用户没有执行该操作的权限。
SELECT * FROM OPENQUERY(ADSI, 'SELECT givenName, sn FROM ''LDAP://dc=mydomain,dc=com'' WHERE objectClass=''Person'' AND objectClass=''User''')
我大概有@locallogin,@rmtuser和@rmtpassword关闭,我混淆了每个参数的含义,以及如何正确的参数应该的;他们是否应该包括合并为一个字符串的用户名和密码,包括一个反斜杠,或者aerobase,或你有什么。
I probably have the @locallogin, @rmtuser, and @rmtpassword off and am confusing what each parameter means, and what the correct arguments should be; whether they should include user ID and password coalesced into one string including a backslash, or an aerobase, or what have you.
有什么建议?这并不重要的SQL Server数据库,它只是SS 08是更多的信息,由于智能感知的一点点。
Any suggestions? It does not matter which SQL Server database, it is just that SS 08 is more informative due to a modicum of Intellisense.
推荐答案
试验和错误导致我推断,@rmtuser参数期望域反斜线用户名;这似乎允许它可查询,对于现在
Trial and error led me to deduce that the @rmtuser parameter expects domain backslash user name; that seems to allow it to be queryable, for now.
这篇关于从SQL Server 2008查询Active Directory的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
