LDAP için kullanılacak hesap içim mümkün olan minimum yetkiler

Selamlar Orhan Bey,

Normal etki alanı kullanıcı hesabı ile LDAP sorgularını çalışma grubuna üye bilgisayar üzerinden çalıştırabilirsiniz.

Aşağıdaki vbs kodu,

http://www.visualbasicscript.com/m_58668/tm.htm

sitesinden alınmıştır :

Option Explicit

Const ADS_SECURE_AUTHENTICATION = &H1
Const ADS_SERVER_BIND = &H200
 
' Specify a server (Domain Controller).
strServer = "MyServer"

' Specify or prompt for credentials.
strUser = "MyDomain\TestUser"
strPassword = "xyz12345"

' Determine DNS domain name. Use server binding and alternate
' credentials. The value of strDNSDomain can also be hard coded.
Set objNS = GetObject("LDAP:")
Set objRootDSE = objNS.OpenDSObject("LDAP://" & strServer & "/RootDSE", _
    strUser, strPassword, _
   ADS_SERVER_BIND Or ADS_SECURE_AUTHENTICATION)
strDNSDomain = objRootDSE.Get("defaultNamingContext")

' Use ADO to search Active Directory.
' Use alternate credentials.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Properties("User ID") = strUser
adoConnection.Properties("Password") = strPassword
adoConnection.Properties("Encrypt Password") = True
adoConnection.Properties("ADSI Flag") = ADS_SERVER_BIND _
    Or ADS_SECURE_AUTHENTICATION
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection

' Construct the LDAP query.
strQuery = strBase & ";" & strFilter & ";" _
    & strAttributes & ";subtree"

' Clean up.
adoRecordset.Close
adoConnection.Close