0

I'm having issues with our Domain Administrator changing the names of our domain org units without any warning. I have the AD path listed in my web.config. When he changes the names, my reference in the code breaks. Is there another way to reference it, i.e. some sort of 'OU ID'?

<appSettings>
    <add key="adStructure" value="OU=Org Name 2,OU=Org Name 1,dc=test,dc=test2,dc=test3"/>
</appSettings>

I'm trying to get a list of all groups within OU Org Name 2.

Matt

2 Answers

2

Yes, you can take advantage of otherWellKnownObjects. http://msdn.microsoft.com/en-us/library/ms679095(v=vs.85).aspx. You will need to populate a GUID and initial path to each OU in there, and then in the future when the OU is moved or renamed, AD will keep track. You simply bind by GUID instead of DN.

This link explains how - http://msdn.microsoft.com/en-us/library/ms676295(v=vs.85).aspx.

Brian Desmond
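
The GUID bind described in this answer, applied to the question's goal of listing the groups in the OU. This is an added example, not code from the original posts. It assumes the OU's GUID has already been registered in otherWellKnownObjects on an anchor object as the answer describes; the appSettings keys `adAnchorDn` and `adOuWkGuid` and the class name are hypothetical.

```csharp
using System.Collections.Generic;
using System.Configuration;
using System.DirectoryServices;
using System.Text.RegularExpressions;

static class OuGroups
{
    // Hypothetical appSettings keys (assumptions, not from the original post):
    //   adAnchorDn = DN of the object whose otherWellKnownObjects holds the entry,
    //                e.g. "dc=test,dc=test2,dc=test3"
    //   adOuWkGuid = the 32-hex-digit GUID registered there for the OU
    public static List<string> ListGroups()
    {
        string anchorDn = ConfigurationManager.AppSettings["adAnchorDn"];
        string wkGuid = ConfigurationManager.AppSettings["adOuWkGuid"];

        // Validate before concatenating into the ADsPath: only 32 hex digits are accepted.
        if (wkGuid == null || !Regex.IsMatch(wkGuid, @"\A[0-9A-Fa-f]{32}\z"))
            throw new ConfigurationErrorsException("adOuWkGuid must be 32 hex digits");
        if (string.IsNullOrEmpty(anchorDn))
            throw new ConfigurationErrorsException("adAnchorDn is missing");

        // WKGUID bind: AD resolves the GUID to the OU's current DN,
        // so a rename or move of the OU does not break the lookup.
        string currentDn;
        using (var byGuid = new DirectoryEntry("LDAP://<WKGUID=" + wkGuid + "," + anchorDn + ">"))
        {
            currentDn = (string)byGuid.Properties["distinguishedName"].Value;
        }

        // Rebind by the resolved DN and search only beneath that OU.
        var names = new List<string>();
        using (var ou = new DirectoryEntry("LDAP://" + currentDn))
        using (var searcher = new DirectorySearcher(ou, "(objectCategory=group)"))
        {
            searcher.SearchScope = SearchScope.Subtree;
            searcher.PageSize = 500; // paged search, so large OUs are not truncated
            searcher.PropertiesToLoad.Add("sAMAccountName");
            using (SearchResultCollection results = searcher.FindAll())
            {
                foreach (SearchResult r in results)
                    if (r.Properties["sAMAccountName"].Count > 0)
                        names.Add((string)r.Properties["sAMAccountName"][0]);
            }
        }
        return names;
    }
}
```

The bind runs under the application's identity, so that account needs only read access to the anchor object and the OU.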
0

If the user accounts or other objects you are accessing have a unique property for accessing them, you could perform an LDAP/AD search query for getting the list of objects you need - independent of the distinguished name (DN) and therefore independent of the OU they are located in.

For details on how to search in the AD see here:

If you are looking for user objects an alternative would be a group containing all user accounts related to your application - as the Active Directory automatically updates/generates the distinguished name of the members.

Robert
  • I'm trying to get a list of all groups within a particular OU. So while the search method is helpful I still need a way to narrow down by OU. Modifying my question as I forgot to include that. – Matt Aug 30 '11 at 18:39
  • What about adding/using a special attribute to the OU and then search for this attribute? – Robert Aug 30 '11 at 19:57