Manager of OU

  • Daxthecon
    New Member
    • Jul 2008
    • 63

    Manager of OU

    C# question. I am working on a web app to find a manager of the current user's OU and post their name to a label at the bottom with a case statement. In the same context if the person accessing the page is the manager of the OU then I'd like to let them see a hidden field. Now I know the answer is out there and no one can seem to tell me how to access it and convert it to string. I keep getting stuck when I search for it. I thought it would be the managedBy but that is not a readable characteristic and it doesn't really resolve the fact that it's not displaying or even able to read the attribute. I must be doing something wrong or not seeing something that I should be. I've searched ParentProperty on msdn and googled every version of "Manager of OU Active Directory" that I can. And after about 75 pages on each search of 20 results I've been nowhere. Now to my exhaustive effect I am posting this issue to you guys in hope someone knows. Thanks for any help in advance.
  • Frinavale
    Recognized Expert Expert
    • Oct 2006
    • 9749

    #2
    In the future could you please break up your question into paragraphs so that it's easier for us to read.

    I need to know what you have tried so far.
    You're going to have to set up your web application to use Windows Authentication...

    You should be able to grab the current user.

    Please note that Windows Authentication has its drawbacks and you should research it before deciding to implement it.

    -Frinny


    • Daxthecon
      New Member
      • Jul 2008
      • 63

      #3
      Sorry. My thoughts at this point are just symbols. Miracle I can make sense of them. Now to the specs of everything:

      Project Background: Intranet set on IIS as a file system. AD is connected via a forest. RootDSE works due to one Domain Controller holding only One AD.

      Problem: I have a DirectorySearcher fetching all the attributes and then calling them via
      Code:
      Name.text = result.Properties["name"][0].ToString();
      Other code follows in the same suit of the phone and department and so on. I need to find the manager of the department of the person who is accessing the site (if that makes any sense) and putting that name in the text field named depthead. Finding the manager of the OU has been quite difficult.

      Sought Solution 1: Wrote an array to look at the current user's manager's manager. It's inaccurate because it's only finding a hierarchy of the people not the manager of the OU. Example: Person 1 is being managed by person 2 and person 2 by person 3 and that person is the manager of the OU (department) but they are in turn managed by the big guy Person 4. And you can't tell it to stop at 3 because some only have 2 people above them and so on.

      Sought Solution 2: managedBy. This doesn't return anything. No true or false or string of any kind. It's just blank. I have multiple programs that have tried to pull this attribute out to see if there is a value but it isn't there.

      Sought Solution 3: SDS.Parent property. I haven't really been able to unlock the full potential of this one. And Joe Kaplan (author of Active Directory programming) has been helping me out and said this is the best way to go. I just can't find enough literature or code to make a proper example to see how it works and what it does.

      Hope this is spread out and categorized and in a good format for you. I am trying to keep the langoliers from eating the thoughts I am not using so everything, like I said, is a mess up in the top room. And no I didn't get a weekend.


      • NeoPa
        Recognized Expert Moderator MVP
        • Oct 2006
        • 32634

        #4
        Am I right in thinking you're after the MetaData of the accessible AD information?

        I may be entirely unable to help even so, but I may have done some digging myself in a similar area (All in VBScript though) and might have some notes at work that might help some. I'll post something for you if I can find anything that looks related (It's been a while since I did it I'm afraid so my memory of it is more than a little rusty).


        • NeoPa
          Recognized Expert Moderator MVP
          • Oct 2006
          • 32634

          #5
          Originally posted by Daxthecon
          Sorry. My thoughts at this point are just symbols. Miracle I can make sense of them. Now to the specs of everything:
          ...
          Hope this is spread out and categorized and in a good format for you. I am trying to keep the langoliers from eating the thoughts I am not using so everything, like I said, is a mess up in the top room. And no I didn't get a weekend.
          That is much better. My sympathies are with you :)

          I wish more members even COULD lay it out clearly like that. Normally a request like that is followed by further gibberish, but now with attitude because they've gone to the extra effort for you.


          • NeoPa
            Recognized Expert Moderator MVP
            • Oct 2006
            • 32634

            #6
            I'm afraid that what I found was probably not too helpful for your particular requirement :(

            Here are a couple of links though. I wish I could say they were more relevant to you but I'm not sure. I hope at least they will give a starting point into discovering the relevant area of the LDAP tree that you need.

            http://msdn.microsoft.com/en-gb/library/aa772170.aspx
            http://forums.asp.net/p/993762/1295799.aspx

            I know the following code won't be relevant to you as it stands, but it gives an illustration of the sort of handling required to access the main LDAP object.
            Code:
            'Set up the objects that are expected to be there
            Sub Initialise()
              Set objShell = CreateObject("Shell.Application")
              Set objScriptShell = CreateObject("WScript.Shell")
              Set objNetwork = CreateObject("WScript.Network")
              Set objFS = CreateObject("Scripting.FileSystemObject")
              Set objADUser = GetObject("LDAP://" & _
                      CreateObject("ADSystemInfo").UserName)
              Call GetGroups()
            End Sub


            • Daxthecon
              New Member
              • Jul 2008
              • 63

              #7
              Thanks a lot for the work you have done. I was ordered to take a break for a few hours (or else I would have burned through the night still trying to figure it out). One of those "it's almost there" situations that I can't let sit.

              I then bartered with my boss to make groups. Hoooraaayyyy. I hope to find some way to logic out who is whose dept head. But no one seems to be able to know how to get the manager of the OU. Any other help would be much appreciated and thanks for helping me in great length. I can't let enough people know how good it feels to know someone out there took a few minutes out of their day to help.

              If any more solutions on my end or your guys' end come about please post them here. If I solve this. You can be sure that it will be here in all its glory.


              • NeoPa
                Recognized Expert Moderator MVP
                • Oct 2006
                • 32634

                #8
                I'll certainly try to bear this thread in mind if I play in that area again, although I don't find anything in my AD that even refers to Managers for user accounts (I'm very rusty in this whole area though as I've not worked on this for some months).


                • Daxthecon
                  New Member
                  • Jul 2008
                  • 63

                  #9
                  What I know about the Manager Attribute is that it returns the whole string in which the manager of the user is. cn=manager name, ou=IT,ou=company, dc=blah, dc=blah. If you run a split on ',' you can single out the name and post it to a string.

                  My boss says there is a setting for Managed By of the OU. But I have tried the managedBy. Maybe I am not doing that properly. I tried an array that checked the ou runs the ou against the managedBy and it returned no value. It ran just no value. If anyone has an array that they know might work please send it to me.


                  • NeoPa
                    Recognized Expert Moderator MVP
                    • Oct 2006
                    • 32634

                    #10
                    I think the field is actually "manager".
                    Code:
                    manager: CN=Fred.Bloggs,CN=Users,DC=coname,DC=co,DC=uk
                    I have found some other, older, stuff, which may help you to see some of this information more clearly yourself. I will dig for some further clarification for you.

                    PS. If I can find them I will post the links where I learned most of the info from.


                    • NeoPa
                      Recognized Expert Moderator MVP
                      • Oct 2006
                      • 32634

                      #11
                      The following is an example of how to extract information related to AD into a file (C:\NewDomain\STPUsers.Ldf).
                      Code:
                      ldifde -f C:\NewDomain\STPUsers.Ldf -n -r "(&(objectClass=User)(scriptPath=LogOn.Cmd))"
                      This example selects only those items of objectClass=User whose scriptPath is set to LogOn.Cmd.
                      It shows all the available information for each object found. It connects to the local DC. I run this on the DC itself for simplicity.


                      • NeoPa
                        Recognized Expert Moderator MVP
                        • Oct 2006
                        • 32634

                        #12
                        Some potentially useful links.

                        The first has a link to getting the AD Schema which may be enough to answer all your questions ;)
                        The IADs interface defines the basic object features, that is, properties and methods, of any ADSI object.


                        The next one has help with LDAP filtering.


                        This one has general help (with scripting examples) on AD user accounts.


                        These help with LDIFDE. This is a command line tool that I found invaluable in helping me determine the schema of the AD areas I was using. See previous post for a simple example.


                        • NeoPa
                          Recognized Expert Moderator MVP
                          • Oct 2006
                          • 32634

                          #13
                          I found the Manager item in the AD Users and Computers interface now. It's in the Organization tab, vertically half-way down.

                          How that is structured in your organisation depends on you. The top man could have a blank manager, or he could point to himself. Your code could handle that either way (Let's just hope no numb-nuts has put a loop in there :D).

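An added example, not code from any poster in this thread: one way to combine the pieces discussed above (the `Parent` property, the OU's `managedBy` attribute, and pulling the name out of a DN) using `System.DirectoryServices`. The class and method names are hypothetical, the search binds to the default domain, and only the nearest OU above the user is checked; `managedBy` is read from the OU object and is null when nobody has been set on it.

```csharp
using System;
using System.DirectoryServices;   // add a reference to System.DirectoryServices
using System.Text;

public static class OuManagerLookup   // hypothetical name, for illustration only
{
    // Escape characters that are special in an LDAP search filter (RFC 4515),
    // so an account name can never change the meaning of the filter.
    static string EscapeFilter(string s) =>
        s.Replace("\\", "\\5c").Replace("*", "\\2a").Replace("(", "\\28")
         .Replace(")", "\\29").Replace("\0", "\\00");

    // First RDN value of a DN, honouring "\," escapes, which a plain Split(',') breaks on:
    // "CN=Bloggs\, Fred,OU=IT,DC=x" -> "Bloggs, Fred". Hex escapes (\2C) are not decoded.
    public static string FirstRdnValue(string dn)
    {
        var sb = new StringBuilder();
        for (int i = dn.IndexOf('=') + 1; i < dn.Length && dn[i] != ','; i++)
            sb.Append(dn[i] == '\\' && i + 1 < dn.Length ? dn[++i] : dn[i]);
        return sb.ToString();
    }

    // Returns the DN stored in managedBy on the user's nearest OU, or null if none is set.
    public static string GetOuManagerDn(string samAccountName, out string userDn)
    {
        userDn = null;
        string filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                        + EscapeFilter(samAccountName) + "))";
        using (var searcher = new DirectorySearcher(filter))
        {
            SearchResult hit = searcher.FindOne();
            if (hit == null) return null;
            using (DirectoryEntry user = hit.GetDirectoryEntry())
            {
                userDn = (string)user.Properties["distinguishedName"].Value;
                // Climb from the user towards the root; stop at the domain object.
                for (DirectoryEntry node = user.Parent; node != null; node = node.Parent)
                {
                    if (node.SchemaClassName == "organizationalUnit")
                        return node.Properties["managedBy"].Value as string; // null when unset
                    if (node.SchemaClassName == "domainDNS") break;
                }
            }
        }
        return null;
    }
}
```

In the web page, the account name would come from the Windows-authenticated identity; the text for the `depthead` label is `FirstRdnValue(managerDn)` when `managerDn` is not null, and the hidden field is shown only when `string.Equals(managerDn, userDn, StringComparison.OrdinalIgnoreCase)` is true.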
