问题
Using Active Directory, am trying to find the SamAccountName and email of the user’s manager.
I find the logged on user in the AD by search where sAMAccountName = Domain\Account. I then retrieve the manager property, which looks like this, for example:
CN=Doe\, Jane E.,OU=Employees,OU=Users,OU=Detroit,OU=United States,DC=na,DC=gmc,DC=gmc,DC=com"
How can I use this presumed key to find the user record for this person? What field would I match on?
回答1:
If I remember correctly, that is their Distinguished Name, which means you can use it as the direct reference to their profile
LDAP://CN=Doe, Jane E.,OU=Employees,OU=Users,OU=Detroit,OU=United States,DC=na,DC=gmc,DC=gmc,DC=com
I also think it will return that name if the profile exists. If it has been deleted then I believe it runs a GUID of some sort (based on memory - this might be incorrect)
回答2:
The entry for the manager is the manager's Binding String. You can feed it back into a request to active directory by binding it to an object that will return the manager's information.
回答3:
(This is a post from old time, but I thought might be useful for others in the community)
You can use string stripping and find it like this:
REPLACE(SUBSTRING(manager, 4, CHARINDEX('OU=', manager)-5), '\', '')
Full working query (just change DOMAIN to your own):
SELECT Top 901 manager, REPLACE(SUBSTRING(manager, 4, CHARINDEX('OU=',
manager)-5), '\', '')
FROM OPENQUERY( ADSI, 'SELECT manager FROM ''LDAP://DC=DOMAIN,DC=local''
WHERE objectCategory = ''Person'' AND objectClass= ''user''
AND userprincipalname = ''*'' AND mail = ''*'' AND SN = ''*'' ')
来源:https://stackoverflow.com/questions/981621/finding-a-users-manager-record-in-active-directory