Microsoft KB Archive/301920

= HOWTO: Search for a RightsGUID or a SchemaIDGuid =

Article ID: 301920

Article Last Modified on 7/13/2004

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Active Directory Service Interfaces 2.5
 * Microsoft Active Directory Client Extension
 * Microsoft Visual C++ 6.0 Service Pack 5

-



This article was previously published under Q301920



SUMMARY
This article illustrates how to use an Active Directory Services Interfaces (ADSI) Lightweight Directory Access Protocol (LDAP) query to locate either an extended right or a schema object using its RightsGUID or SchemaIDGuid.



MORE INFORMATION
The code that is provided in this article searches the Extended Rights container for the matching RightsGUID. If this search is not successful, the code performs a second LDAP search on the Schema container, searching for a SchemaIDGuid.

The sample demonstrates how to:
 * 1) Properly encode binary data into an LDAP query by using the ADsEncodeBinaryData API.
 * 2) Use the IDirectorySearch interface.
 * 3) Use Active Template Library (ATL) Smart Pointers to manager reference counting of interface pointers.

Steps to Use the Code Contained in this Article

 * 1) Create an empty Windows 32 console application in Visual Studio.
 * 2) Click the FileView tab.
 * 3) From the File menu, click New, and select C++ Source File.
 * 4) In the File Name edit control, type main.cpp and click OK.
 * 5) Copy the code from the &quot;Main.cpp Code&quot; section of this article and paste it into the Visual C++ project.
 * 6) From the Project menu, click Settings. Click the Link tab.
 * 7) Add adsiid.lib and activeds.lib to the Object/Library Modules.
 * 8) Click the Debug tab.
 * 9) In the Program Arguments edit control type {59ba2f42-79a2-11d0-9020-00c04fc2d3cf}, and then click OK.
 * 10) Press CTRL+F5 to build and execute the project.

Visual C++ Code
The following Visual C++ Code illustrates how to find an extended right or a schema object when given a GUID.

Main.cpp Code

 * 1) define _WIN32_WINNT 0x0500

// // main.cpp : Defines the entry point for the console application. //
 * 1) include 
 * 2) include 
 * 3) include 
 * 4) include 
 * 5) include 
 * 6) include 
 * 7) include 
 * 8) include 

///////////////////////////////////////////////////////////////////////////////// // Helper Functions // ShowError -> Displays and Error Message // PrintGUIDFromVariant -> Displays a guid in StringFromGUID2 format using a variant //

// **************************************************************** // PrintGUIDFromVariant // Prints out a GUID in string format. // **************************************************************** VOID PrintGUIDFromVariant(VARIANT varGUID) {   HRESULT hr; void HUGEP *pArray; WCHAR szGUID[40]; LPGUID pGUID; DWORD dwLen = sizeof(GUID); hr = SafeArrayAccessData( V_ARRAY(&varGUID), &pArray ); pGUID = (LPGUID)pArray; // Convert GUID to string. ::StringFromGUID2(*pGUID, szGUID, 40); // Print the GUID wprintf(L&quot;,%s&quot;,szGUID); SafeArrayUnaccessData( V_ARRAY(&varGUID) ); VariantClear(&varGUID); } //****************************************************************** // Simple Error display function. // ShowError //****************************************************************** void ShowError( char *szRoutine, HRESULT hr ) {   LPTSTR pMessage; FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,                    NULL,                    hr,                    0,                    (char *) &pMessage,                    100,                    NULL );

MessageBox( NULL, pMessage, szRoutine, NULL );

LocalFree( pMessage ); } //\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ // Main process for this sample. // // Locate either the Extended Right or class/attribute in the schema that matches // the GUID passed in argv[1] // // Schema ID GUID of the user object //    {BF967ABA-0DE6-11D0-A285-00AA003049E2} // // Rights GUID of a the General-Information extended right //    {59ba2f42-79a2-11d0-9020-00c04fc2d3cf} // int main(int argc, char* argv[]) {   HRESULT hr = CoInitialize(NULL); CComPtr  pIADsObj; CComBSTR bObject = argv[1]; CComBSTR bQueryString; BOOL bFindSchemaIDGUID = TRUE; BOOL bFound = FALSE; if ( argc < 2 ) {       printf(&quot;Must enter a GUID in the form {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}.\nTerminating program...\n&quot;); return 0; }   //     // Verify that the string starts with  a '{' //    char *arg = argv[1]; char szRightsGUID[40]; if( (argv[1][0] != '{') || (strlen( argv[1] ) > 40) ) {              printf(&quot;Must enter a GUID in the form {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}.\nTerminating program...\n&quot;); return 0; }   else {       //         // We need a copy of the GUID without the &quot;{}&quot;s, strip them // The form of GUID string used in the RightsGUID property of an extended right. //        char *pSpot = szRightsGUID; char *p; for( p = (char *)argv[1];*p;p++ ) {           if( (*p != '{') && (*p != '}') ) {               *pSpot = *p; pSpot++; }       }        *pSpot = NULL; }   //     // Convert the GUID into its binary form //    CLSID inputGUID; CLSIDFromString( bObject.m_str, &inputGUID ); //    // Binary encode the GUID to use in an LDAP search of the Schema container //    LPOLESTR pEncodedGUID; ADsEncodeBinaryData( (PBYTE)&inputGUID, sizeof(CLSID), &pEncodedGUID); //    // Prepare to search the Extended Rights container via // the ConfigurationNamingContext value of the RootDSE object //    CComPtr  pRootDSE; CComPtr  pIADsExtendedRights; CComBSTR bLDAPQueryStr; hr = ADsGetObject(L&quot;LDAP://RootDSE&quot;, IID_IADs, (void **) &pRootDSE); CComBSTR bExtendedRightsLDAPpath; VARIANT vVarTmp; VariantInit(&vVarTmp); hr = pRootDSE->Get(L&quot;configurationNamingContext&quot;, &vVarTmp); bExtendedRightsLDAPpath = L&quot;LDAP://CN=Extended-Rights,&quot;; bExtendedRightsLDAPpath.AppendBSTR( vVarTmp.bstrVal); //    // Retrieve an IADs object interface for the Extended Rights Container // and QI for an IDirectorySearch interface //    hr=ADsGetObject( bExtendedRightsLDAPpath.m_str, IID_IADs, (void **)&pIADsExtendedRights); CComQIPtr  pISearchExtendedRights(pIADsExtendedRights); pIADsExtendedRights.Release; //    // Buid the query string... //    bLDAPQueryStr = TEXT(&quot;(RightsGUID=&quot;);    bLDAPQueryStr.Append( szRightsGUID );    bLDAPQueryStr.Append( &quot;)&quot;); //    // Setup the Attributes and search preferences //    // Perform a subtree search //    ADS_SEARCHPREF_INFO prefInfo[2]; prefInfo[0].dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE; prefInfo[0].vValue.dwType = ADSTYPE_INTEGER; prefInfo[0].vValue.Integer = ADS_SCOPE_SUBTREE; //    // Set the maximum records returned to 1000 ( maximum for AD ) //    prefInfo [1].dwSearchPref = ADS_SEARCHPREF_PAGESIZE ; prefInfo [1].vValue.dwType = ADSTYPE_INTEGER; prefInfo [1].vValue.Integer = 1000; //    // Set the preferences... //    hr = pISearchExtendedRights->SetSearchPreference( prefInfo, 2); //    // Prepare a list of atrributes to return in the query... // in our case, we want the Common Name and the SchemaIDGuid //    LPWSTR pszAttr[] = { L&quot;cn&quot;}; ADS_SEARCH_HANDLE hSearch; DWORD dwCount= sizeof(pszAttr)/sizeof(LPWSTR); //    // Open schema container, and request and IDirectorySearch interface from it    // Uset the LDAP://RootDSE to obtain the LDAP path to the Schema container //    hr=pISearchExtendedRights->ExecuteSearch(bLDAPQueryStr.m_str, pszAttr, dwCount, &hSearch ); if (!SUCCEEDED(hr)) {       pISearchExtendedRights.Release; ShowError(&quot;Error executing LDAP search:\n&quot;, hr); }   //     // Now enumerate the result //    ADS_SEARCH_COLUMN col; //    &quot;0-1-2-35&quot; while( pISearchExtendedRights->GetNextRow(hSearch) != S_ADS_NOMORE_ROWS ) {       // Get attributes //        // CN        // hr = pISearchExtendedRights->GetColumn( hSearch, pszAttr[0], &col ); if ( SUCCEEDED(hr) ) {           printf(&quot;Found Extended Right: %S\nThat matched RightsGUID: %s\n&quot;,(LPWSTR)col.pADsValues->CaseIgnoreString, argv[1]); pISearchExtendedRights->FreeColumn( &col ); bFindSchemaIDGUID = FALSE; bFound=TRUE; }   }    pISearchExtendedRights->CloseSearchHandle( hSearch ); pISearchExtendedRights.Release; //    // Check to see if the GUID passed to the console application was a    // RightsGUID that matched an Extended Right. //    // If the RightsGUID search failed, then try to search for a    // SchemaIDGUID in the schema... //    if( bFindSchemaIDGUID ) {       //         // Setup the query into the Schema to find the matching SchemaIDGuid //        bLDAPQueryStr = L&quot;&quot;; bLDAPQueryStr = L&quot;(schemaIDGuid=&quot;;       bLDAPQueryStr.Append( pEncodedGUID );        bLDAPQueryStr.Append( L&quot;)&quot;); //        // Declare an IADs object and build the path to the // the schema container. //        CComPtr  pIADsSchema; CComBSTR bSchemaLDAPpath; VARIANT vVar; VariantInit( &vVar ); hr = pRootDSE->Get(L&quot;schemaNamingContext&quot;, &vVar ); bSchemaLDAPpath = L&quot;LDAP://&quot;; bSchemaLDAPpath.AppendBSTR( vVar.bstrVal ); hr = ADsGetObject(bSchemaLDAPpath.m_str, IID_IADs, (void **)&pIADsSchema); pRootDSE.Release; CComQIPtr <IDirectorySearch, &IID_IDirectorySearch> pISearch(pIADsSchema); pIADsSchema.Release;   // Release the IADs interface for the schema container... //        // Setup the IDirecrtory Search preferences and prepare to retrieve the data //        //         // Perform a subtree search //        ADS_SEARCHPREF_INFO prefInfo2[2]; prefInfo2[0].dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE; prefInfo2[0].vValue.dwType = ADSTYPE_INTEGER; prefInfo2[0].vValue.Integer = ADS_SCOPE_SUBTREE; //        // Set the maximum records returned to 1000 ( maximum for AD ) //        prefInfo2[1].dwSearchPref = ADS_SEARCHPREF_PAGESIZE ; prefInfo2[1].vValue.dwType = ADSTYPE_INTEGER; prefInfo2[1].vValue.Integer = 1000; //        // Bind the preferences to the search object... //        hr = pISearch->SetSearchPreference( prefInfo2, 2); //        // Prepare a list of atrributes to return in the query... // in our case, we want the Common Name //        LPWSTR pszAttr2[] = { L&quot;cn&quot;}; ADS_SEARCH_HANDLE hSearch2; DWORD dwCount2= sizeof(pszAttr2)/sizeof(LPWSTR); //        // Execute the search query //        hr=pISearch->ExecuteSearch(bLDAPQueryStr.m_str, pszAttr2, dwCount2, &hSearch2 ); if (!SUCCEEDED(hr)) {           pISearch.Release; ShowError(&quot;Error executing LDAP search:\n&quot;, hr); goto cleanup; }       //         // Now enumerate the result //        ADS_SEARCH_COLUMN col2; //    &quot;0-1-2-35&quot; while( pISearch->GetNextRow(hSearch2) != S_ADS_NOMORE_ROWS ) {           // Get attributes //            // CN            // hr = pISearch->GetColumn( hSearch2, pszAttr[0], &col2 ); if ( SUCCEEDED(hr) ) {               printf(&quot;Found Property: %S \nMatched Schema ID GUID: %s\n&quot;,(LPWSTR)col2.pADsValues->CaseIgnoreString, argv[1]); pISearch->FreeColumn( &col2 ); bFound=TRUE; }       }        ////////////         // Clean-up ////////////        pISearch->CloseSearchHandle(hSearch2); pISearch.Release; }   else {       pRootDSE.Release; }   if( !bFound ) printf(&quot;Could not find a matching RightsGUID or SchmaIdGUID for %s\n&quot;, argv[1]); cleanup: //    // Clean UP the rest.... //    pIADsObj.Release; CoUninitialize; return 0; }

<div class="references_section">