Tricky issue joining sql table with active directory user on guid
https://stackoverflow.com/questions/11267717
-
18-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianDomanda
Ok so we have some tables in SQL that identifies users by their Guid from active directory. Originally the dev team wanted to just mirror the user base in sql, but the manager insists that we keep it in active directory. So at any rate, one of the operations that we're trying to perform is taking a a table from SQL that contains the user's Guid and some other information and join that to a table that is being generated from an openquery to AD.
The problem is that if a user gets deleted from AD, the open query pukes. I'm assuming it is because we're attempting to navigate to an entry in active directory that doesn't exist and since it isn't an actual query (it's an index, essentially), its blowing up. This is the ldap string that we're using to pull the user
LDAP://<GUID=(guid here)>
or more specifically, something like
SELECT * from openquery(ADSI, '
SELECT displayName, mail
FROM LDAP://<GUID=(userGuid)>
')
Now if this were a query instead of an index, or in this case a "filter", (objectGuid=x) would simply return no results instead of throwing an error. But the problem here is that objectGuid doesn't come back to SQL as a guid, it comes back as a binary 0x102938102938 or some garbage. Now, i thought of maybe converting the Guid to hex then to binary and then attempting to query AD with that, but I dont even know where to start.
So I guess the ultimate question here is: how do i query active directory for a user by guid, without it throwing an error if that guid doesn't exist? This way I can join it to a sql query? This needs to be achievable in T-SQL, not in code using the .net DirectoryServices helpers.
I apologize if this seems scatter brained, I just wanted to put up here what we've been dealing with. Any input is appreciated, including suggestions for taking a different route. TIA
Soluzione
So a couple of things:
As far as formatting your GUID, you're going to want to do a CAST(yourColumn as varchar(38)). This link explains the formats that work - http://msdn.microsoft.com/en-us/library/windows/desktop/ms677985(v=vs.85).aspx. I don't know offhand (if/how) you can tell SQL how to format the casted value. You may need to dig up a function online that will do GUID formatting for you.
I would suggest for your join that you see if you can do your AD lookup in a table valued function, you can trap errors there and return no rows or return the row and join that way.
