SmartNotes and Active Directory

Are your M3 users also LSN users? If so, what authentication method are you using?

Hi John,

The M3 users don't use LSN if by you mean subcribe, and use the personal settings etc. At the moment most of our smartnotes are placed on dashboards. I think the authentication for lbi is Ldap to our AD

thanks,

Jon

Jon,

I think what John is getting at is you can actually query the Framework Services database to get the username although you wont be able to get the email addresses this way.

You can also do an LDAP query as an infoset to extract the LDAP users and email addresses.

hth
matt

Exactly--assuming all of the M3 users are set up in LSN then you can query their email "delivery device" which gives you their email address.

Hi,

Ah, i see. all of our users aren't set up in LSN, as they only see the end reports, they don't need to access their detials/delivery devices under the personal settings option. I've not used it...i hope it works this way.... but i could import User device using the option 'Import User Devices' in the Admin tab of LSN.

thanks

Jon

Or like Matt suggests, you could do an LDAP query directly from LSN.

Hi Matt/John

Ahh, sorry on the wrong track completey! I've had a look in the infoset set up, and selected the LDAP query option, but i have to admit i'm a bit lost. Has anyone got an example of the page filled in that i can reverse engineer to our system?? We can set up a user name and pasword that will not expire, it the Provider URL and context factory we don't have a clue about, oh, and the query of course!!

thanks

Jon

we're using a function to get email addresses from active directory usin ldap. We're running our smart notes from views and calling the function to get the email address.

create or replace FUNCTION sn_get_ad_email
(p_userid IN varchar2)
return varchar2
IS
ldap_host varchar2(256);
ldap_port varchar2(256);
ldap_user varchar2(256);
ldap_pwd varchar2(256);
ldap_base varchar2(256);
retval PLS_INTEGER;
my_session DBMS_LDAP.session;
my_message DBMS_LDAP.MESSAGE;
my_entry DBMS_LDAP.MESSAGE;
my_attrs DBMS_LDAP.STRING_COLLECTION;
my_attr_name varchar2(256);
my_ber_element DBMS_LDAP.ber_element;
my_vals DBMS_LDAP.STRING_COLLECTION;
entry_count PLS_INTEGER;
ret_string varchar2(256) := null;
ad_user varchar2(256);
in_user varchar2(256);
begin
ldap_host := rep_rights.bi_credentials.ad_query_server;
ldap_port := rep_rights.bi_credentials.ad_query_port;
ldap_user := rep_rights.bi_credentials.ad_user;
ldap_pwd := rep_rights.bi_credentials.ad_password;
ldap_base := rep_rights.bi_credentials.ad_user_base;
retval := -1;
-- if p_id_type = 'AD' then
ad_user := p_userid;
-- else
-- in_user := trim(p_userid);
---- dbms_output.put_line('in='||in_user);
-- select web_user
-- into ad_user
-- from logan.webuser@logan.smrcy.com
-- where trim(login) = trim(in_user);
-- dbms_output.put_line('out='||ad_user);
-- end if;
my_session := DBMS_LDAP.init(ldap_host, ldap_port);
retval := DBMS_LDAP.simple_bind_s(my_session, ldap_user, ldap_pwd);
my_attrs(1) := 'mail';
retval := DBMS_LDAP.search_s(my_session,
ldap_base,
DBMS_LDAP.SCOPE_SUBTREE,
'sAMAccountName=' || trim(ad_user),
my_attrs,
0,
my_message);
entry_count := DBMS_LDAP.count_entries(my_session, my_message);
if (entry_count = 1) then
my_entry := DBMS_LDAP.first_entry(my_session, my_message);
my_attr_name := DBMS_LDAP.first_attribute(my_session, my_entry, my_ber_element);
my_vals := DBMS_LDAP.get_values(my_session, my_entry, my_attr_name);
if (my_vals.FIRST is not null) then
ret_string := substr(my_vals(my_vals.FIRST),1,256);
end if;
end if;
retval := DBMS_LDAP.unbind_s(my_session);
return ret_string;
exception
when others then
dbms_output.put_line(substr(dbms_utility.format_error_stack,1,200));
if my_session is not null then
retval := DBMS_LDAP.unbind_s(my_session);
end if;
return null;
end sn_get_ad_email;

Hi Jon,

please feel free to ping me off-line. I have an LDAP infoset example you could try.

Thanks,
Pat