Multidirectory - search from root of domain

Version 1
    This document was generated from CDN thread

    Created by: paul caligari on 14-04-2010 10:24:31 PM
    Hi All,

    I am hoping someone can help me with a question I have with the multidirectory script. I have managed to get this working fine when pointing directly to individual OUs in a domain but not when pointing to the domain itself. My organisation has multiple sub domains in one Active Directory forest.

    Ie:
    Domain.int
    -       Sub1.Domain.int
    -       Sub2.Domain.int
    -       Etc etc
     
    My question: Is it possible to search each sub domain at the root using multidirectory rather than just OUs? That way I can broaden our search to cover all sub domains in the forest.

    So far in my testing, the phone displays a 500 ¿ Internal server error and I receive an Operations Error in the IIS logs.
     
    2010-04-14 21:49:21 xx.xx.x.xx GET /ASP/multidirectory/AllDirs.asp - 80 - xx.xx.x.xx Allegro-Software-WebClient/4.34 200 0 0 31
    2010-04-14 21:49:22 xx.xx.x.xx GET /ASP/multidirectory/AllDirs.asp action=search&id=-1 80 - xx.xx.xx.xx Allegro-Software-WebClient/4.34 200 0 0 31
    2010-04-14 21:49:24 xx.xx.x.xx GET /ASP/multidirectory/AllDirs.asp action=list&id=-1|175|800a0001|Operations_error 80 - xx.xx.xx.xx Allegro-Software-WebClient/4.34 500 0 0 187

    My multidirectory setup is as follows.
    dirs[0] = new Directory("SubDomain1", "DC.sub1.domain.int", "DC=sub1,DC=domain,DC=int", "389", "CN=ldapvoip,CN=Users,DC=sub1,DC=domain,DC=int", "pass123", "");
    dirs[1] = new Directory("SubDomain2", "DC.sub2.domain.int", "DC=sub2,DC=domain,DC=int", "389", "CN=ldapvoip,CN=Users,DC=sub2,DC=domain,DC=int", "pass123", "");
     
    I am using the same AD credentials for my other multidirectory script linking to individual OUs and these work perfectly.

    Any ideas?


    Thanks 

    Subject: RE: Multidirectory - search from root of domain
    Replied by: CHRIS CHARLEBOIS on 15-04-2010 01:58:23 PM
    Does that ldapvoip ID have the rights to veiw objects at that level?  My first thought is to verify the permissions, either by using an LDAP browsing program with the ldapvoip ID, or by running the Multidirectory script with an administrator's ID.

    Subject: RE: Multidirectory - search from root of domain
    Replied by: paul caligari on 15-04-2010 09:02:02 PM
    Hi Chris,
     
    Thanks for the reply.
     
    I am able to use AD Explorer (http://technet.microsoft.com/en-us/sysinternals/bb963907.aspx) with ldapvoip as the logon credentials to browse the entire domain structure without a problem. That said, the ldapvoip account is just a standard domain user, so it can't hurt to check if this is permission issue using my domain admin credentials.
     
    I will let you know how it goes.
     
    Thanks
    Paul

    Subject: RE: Multidirectory - search from root of domain
    Replied by: paul caligari on 15-04-2010 10:20:47 PM
    Hi,
     
    I just added ldapvoip as a member of the domain admins. Still get the same error, so that rules out permissions. Any other ideas?
     
    Paul

    Subject: RE: Multidirectory - search from root of domain
    Replied by: paul caligari on 18-04-2010 04:16:11 AM
    Hi all,
     
    I found the answer to my problem. For anyone else having this issue, if you want to search from the root of the domain, you must use port '3268' instead of '389'. This will allow you to search the entire directory.
     
    Now I just need to figure out how to not display users with a blank telephoneNumber object in the directory.
     
    Cheers,
    Paul