I am developing a script to allow users to write to Active Directory. The problem is that, when I leave a field blank, it results in an error. When, however, I put a value in, even a space, it seems happy. I have the following code:
<%@LANGUAGE="VBScript">
%>
<%
if isEmpty(request.form("subval")) then
response.write("You did not submit the form, please <a href='ldap.asp'>go back</a>")
else
'If the subval field is empty, we know the form has been submitted OK
dim firstname, lastname, email, telephonenumber, mobile, description
ADUser = "LDAP://OU=Staff,OU=Users,DC=example,DC=internal"
' Make AD connection and run query
subval = request.querystring("account_name")
'This value held the CN earlier, it is now overwriten here
Set objCon = Server.CreateObject("ADODB.Connection")
objCon.provider ="ADsDSOObject"
objCon.Properties("User ID") = "EXAMPLE\Exampe"
objCon.Properties("Password") = "TestPassword"
objCon.Properties("Encrypt Password") = TRUE
objCon.open "Active Directory Provider"
Set objCom = CreateObject("ADODB.Command")
Set objCom.ActiveConnection = objCon
objCom.CommandText ="select sAMAccountName, distinguishedName FROM '"+ ADUser +"' where sAMAccountname='"& subval &"'"
Set objRS = objCom.Execute
distinguishedName = objRS.Fields("distinguishedName")
objRS.Close
objCon.Close
Set objRS = Nothing
Set objCom = Nothing
'We select the distinguishedName from AD
firstname = request.form("firstname")
lastname = request.form("lastname")
email = request.form("email")
telephonenumber = request.form("telephonenumber")
mobile = request.form("mobile")
description = request.form("description")
Const ADS_PROPERTY_UPDATE = 2
Set objUser = GetObject _ ("LDAP://" & distinguishedName)
if (IsNull(firstname)) Then
firstname = " "
end if
if (IsNull(lastname)) Then
lastname = " "
end if
if (IsNull(email)) Then
email = " "
end if
if (IsNull(telephonenumber)) Then
telephonenumber = " "
end if
if (IsNull(mobile)) Then
mobile = " "
end if
if (IsNull(description)) Then
description = " "
end if
objUser.Put "givenName", firstname
objUser.Put "mail", email
objUser.Put "sn", lastname
objUser.Put "mobile", mobile
objUser.Put "description", description
objUser.Put "telephoneNumber", telephonenumber
objUser.SetInfo
Response.Write("User data for "& subval &" has been modified")
end if
%>
The error I get whenever I leave a field blank is why I am trying to inject spaces into the variables since that seems to work in my form.
The error I get is on the SetInfo line
error '8007200b' /updateldap.asp, line 68
I'm not sure what I can try since I've done all the stuff I can think of
8007200b = LDAP_INVALID_SYNTAX (The attribute syntax specified to the directory service is invalid)
I would say that you have worked out what the issue is. LDAP attributes cannot be NULL. You probably don't even need to have spaces, an empty string might work as well.
e.g.