I have this ADOQuery:
SQL.Text := 'SELECT samAccountName FROM ''GC://' + sADForestName + ''' ' +
'WHERE objectCategory=''user'' ' +
'AND distinguishedName=''' + sADUserName + ''' ' +
'AND memberOf=''' + sADGroupName + '''';
And this is work fine to get group for user, but I need also check nested groups using LDAP_MATCHING_RULE_IN_CHAIN:
SQL.Text := 'SELECT samAccountName FROM ''GC://' + sADForestName + ''' ' +
'WHERE objectCategory=''user'' ' +
'AND distinguishedName=''' + sADUserName + ''' ' +
'AND memberOf:1.2.840.113556.1.4.1941:=''' + sADGroupName + '''';
But this request does not executed, I'm got error when calling ADOQuery.Open; (translated from Russian): "There was one or more errors while processing the command"
This is my error with request?
Thank you all guys, I found decision using ADOCommand:
var ADOConnection, ADOCmd, Res: Variant;
ADOConnection := CreateOleObject('ADODB.Connection');
ADOCmd := CreateOleObject('ADODB.Command');
try
ADOConnection.Provider := 'ADsDSOObject';
ADOConnection.Open('Active Directory Provider');
ADOCmd.ActiveConnection := ADOConnection;
ADOCmd.Properties('Page Size') := 100;
ADOCmd.Properties('Timeout') := 30;
ADOCmd.Properties('Cache Results') := False;
sBase := '<GC://' + sADForestName+ '>';
sFilter := '(&(objectCategory=person)(objectClass=user)' +
'(distinguishedName=' + sADUserName + ')' +
'(memberOf:1.2.840.113556.1.4.1941:=' + sADGroupName + '))';
sAttributes := 'sAMAccountName';
ADOCmd.CommandText := sBase + ';' + sFilter + ';' + sAttributes + ';subtree';
Res := AdoCmd.Execute;
if Res.EOF then User := ''
else User := Res.Fields[0].Value;
finally
ADOCmd := NULL;
ADOConnection.Close;
ADOConnection := NULL;
end;