Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

LDAP Access - Member Of

Hi Folks

I have figured out how to access LDAP, however, I am having trouble getting hold of the MemberOf values, the following query

ldap_Groups:

SQL
SELECT memberOf
FROM '$(vLDAP)' WHERE objectClass='user' AND SAMAccountName='$(vUserName)';


Returns an error as shown below (always a favourite of mine when an error message states SQL Error: No Error, provides so much information!), I am suspecting that I might need to do something special with this as the contents of memberOf field is quite large.

Anybody have any clues as to what I would need to do????



Any help greatly appreciated.

51 Replies
Not applicable
Author

Hi

Could you plz share the registry key.

I have tried to find it in my registry but its not there so i guess you need to add it somewhere. Would be nice if you put the complete path to the key and value so i can try to do it on our server.

Thanks
/Magnus

rwunderlich
Partner Ambassador/MVP
Partner Ambassador/MVP


Stephane Chivet wrote:I've granted System Access to the qvw and can updated the application as expected on local but I cannot succeed from the Publisher. I don't find what to setup to get it running? Do you have any idea?


In the QVS settings, Security tab, make sure you check both

"Allow macro execution on server"
"Allow unsafe macro execution on server"

-Rob

schivet
Contributor III
Contributor III

Hello Rob,

Both:

"Allow macro execution on server"
"Allow unsafe macro execution on server"

are checked but still not working. I will investigate more.
Thanks

rwunderlich
Partner Ambassador/MVP
Partner Ambassador/MVP

Does the userid running Publisher have read access to AD?

Are you getting an error message or just empty / incomplete results?

-Rob

schivet
Contributor III
Contributor III

Hello Rob,

The Userid has admin right so it should not be a problem.

When I run the script from the server with QlikView dev I have this error message:

but if I clic on OK, the script continues and I get the expected result: Group + Users.

If I do the same on another LDAP I don't have any problem. I guess it's something wrong with the name but I can't find what!

If I run the application with the publisher, I got this error message:

9/28/2010 9:00:46 AM: 0035 UserTable:
9/28/2010 9:00:46 AM: 0036 LOAD
9/28/2010 9:00:46 AM: 0037 name as UserName,
9/28/2010 9:00:46 AM: 0038 distinguishedName as UserDN
9/28/2010 9:00:46 AM: 0039
..............................
9/28/2010 9:00:46 AM: 0050 SQL select
9/28/2010 9:00:46 AM: 0051 name, distinguishedName
9/28/2010 9:00:46 AM: 0052
9/28/2010 9:00:46 AM: 0053 FROM 'LDAP://EMEA.xxxx.xxxx WHERE objectCategory='person'
9/28/2010 9:00:46 AM: 0054 AND name>''
9/28/2010 9:00:47 AM: Error: Field not found - <name>
9/28/2010 9:00:47 AM: General Script Error
9/28/2010 9:00:47 AM: Execution Failed
9/28/2010 9:00:47 AM: Execution finished.

If I run the same script on the other LDAP, I don't get any message but I don't get the links between the groups and the users.

Best regards

Stéphane

rwunderlich
Partner Ambassador/MVP
Partner Ambassador/MVP

First I would confirm that the LDAP server in question actualy has a field called "name". You can use an LDAP browser like the one from Softerra at http://www.softerra.com/download.htm.

If you are doing multiple servers in a script, make sure you execute a DISCONNECT / CONNECT between each server.

I received a report from another user that he fixed a problem with this code by using the IP address instead of the server name.

What type of directory is EMEA.xxxx.xxxx? Is it Active Directory or something else?

-Rob

Not applicable
Author

Hi

This application works great. But does anyone know how I can retrive only active ou:s? I have a field in in my AD thats called ou and I should not retive users that have an ou=disabled. But i only get an empty row when i tried retiveing my ou, so i changed the macro code for splitting up groups to split up my ou but that did not help.

Has  anyone successfylly retrived the ou:s?

Thanks

Daniel

Not applicable
Author

Hi Rob,

I'm using you'r app with the log parser solution, it is a fine app.

But when i make a load of the active directory users and groups, i only get the groups from the domain.

But i just want to get the local server groups in this app. Do you know what i have to do to get the local server data?

Thanx for your help,

Halmar Heijnen

rwunderlich
Partner Ambassador/MVP
Partner Ambassador/MVP

You can list local users and groups using the Net Localgroup command and direct the output to a file.

http://www.windows-commandline.com/2010/09/list-of-user-groups-command-line.html

Or you can write a VBScript or Powershell script:

http://gallery.technet.microsoft.com/scriptcenter/efd18173-21d6-4805-bf04-97f7b30d91be

-Rob

http://robwunderlich.com

jbeierschmitt
Contributor III
Contributor III

Hi Rob/Stephane,

I'm having the same problem with QlikView SR7 - I changed settings in QEMC, but the macro does not execute when I use the QEMC to run the task.  If I reload using the service account it runs fine and the macro works.

What other setting(s) is necessary to schedule this reload in QEMC?