Need to determine if SQL Logins are still valid in AD....

  • Hello all,

    I was hoping to use xp_logininfo (SQL 2000) to query AD to determine if the Windows logins (groups and users) are still valid AD objects.  In other words, if any of the AD logins (groups or users) have been deleted from AD, then we'd like to know about it so we can delete them from SQL.  xp_logininfo (see BOL) states that it should return a 0 (success) or 1 (failure) when you run it.

    For example, I can successfully run EXEC xp_logininfo 'domain_name\acct_or_group_name' and get a return code of 0 as long as I supply a VALID AD user or group name.  My understanding of the BOL documentation is that if I supply an INVALID AD user or group name, then I should get a return code of 1.  THIS IS NOT THE CASE.  Instead, I get:

    Server: Msg 8198, Level 16, State 22, Procedure xp_logininfo, Line 58

    Could not obtain information about Windows NT group/user 'domain_name\invalid_user_or_group'.

    The whole principle of what I'm trying to develop requires that I determine if the group or user that I'm passing in xp_logininfo is a valid AD object.

    I can't seem to find any other extended xp's that provide what I'm seeking.  Here's the exact code that produces the error mentioned.

    DECLARE @rc int

    -- Capture the return code of xp_logininfo
    EXEC @rc = xp_logininfo 'domain_name\valid_AD_user_or_group_name'
    SELECT @rc

    IF @rc = 0
    BEGIN
        PRINT 'GOOD GROUP'
    END
    ELSE
        PRINT 'ERROR OCCURRED'

    If you change the call to xp_logininfo in the code above to an invalid group, then you get the error, not the return code of 1 that I'm seeking!!

    Any ideas or help in achieving this would be greatly appreciated.

    Thanks in advance,

    Dave

  • You may use a DOS script using dsquery (from the server machine) or dsget utilities.

     

    Regards, Yelena Varsha
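A sketch of the dsquery approach suggested in the reply above, as an added example that is not code from either poster. It assumes a domain-joined machine with dsquery installed, a single domain, and a hypothetical input file (one DOMAIN\name per line) exported from SQL Server; the script name and arguments are also made up for illustration.

```bat
@echo off
rem Added example, not from the thread.
rem Usage (hypothetical names): check_logins.cmd MYDOMAIN logins.txt
rem logins.txt holds one DOMAIN\name per line, e.g. the result of
rem   SELECT loginname FROM master.dbo.syslogins WHERE isntname = 1
setlocal
set "DOM=%~1"
set "LIST=%~2"
if not defined LIST (echo Usage: %~nx0 DOMAIN logins.txt & exit /b 2)

rem Sanity check first: if AD cannot be queried at all, stop here.
rem Otherwise every login would be reported MISSING and a cleanup job
rem built on this output would drop valid logins.
dsquery * domainroot -scope base -limit 1 >nul 2>&1
if errorlevel 1 (echo Cannot query the directory, aborting & exit /b 1)

set /a missing=0
for /f "usebackq tokens=1,* delims=\" %%D in ("%LIST%") do (
    rem Only names in the given domain are checked; BUILTIN\... and
    rem NT AUTHORITY\... entries are local to the server, not AD objects.
    if /i "%%D"=="%DOM%" (
        set "dn="
        rem dsquery prints the DN of a match and nothing when there is none.
        rem Assumption: names contain no LDAP filter metacharacters ( ) * \
        for /f "delims=" %%R in ('dsquery * domainroot -filter "(sAMAccountName=%%E)" -limit 1 2^>nul') do set "dn=%%R"
        if defined dn (echo OK       %%D\%%E) else (echo MISSING  %%D\%%E& set /a missing+=1)
    )
)
echo %missing% login(s) not found in AD
exit /b 0
```

Treat MISSING lines as candidates for review rather than as input to an automatic DROP, since a renamed account keeps its SID but no longer matches the old sAMAccountName.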
