Microsoft KB Archive/269441

= HOWTO: Use ADSI to List the UPN Suffixes That Are Defined in Active Directory =

Article ID: 269441

Article Last Modified on 7/13/2004

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Active Directory Service Interfaces 2.5
 * Microsoft Active Directory Service Interfaces 2.5

-



This article was previously published under Q269441



SUMMARY
This article describes how to retrieve the Windows 2000 user principal name (UPN) suffixes that are defined.

The UPNSuffixes attribute on the Partition container in the default naming context contains the UPN suffixes that are defined for the domain tree. This attribute does not contain the default UPN or the UPN suffixes that are assigned to organizational units. The UPN suffixes that are assigned to an organizational unit are stored in the upnSuffixes attribute on the Organizational Unit object.

The default UPN is contained in the Canonical Name attribute on the Partitions container object in the configuration naming context. The default UPN suffix identifies the domain in which the user account is contained. When you create a user account in Active Directory, the default UPN suffix is the DNS name of the first domain in your domain tree.

If you create user accounts by using the Users and Computers snap-in, every user must have a UPN. If you programmatically create user objects in Active Directory, you must supply an appropriate value for this attribute.



MORE INFORMATION
The following sample code demonstrates how to retrieve the default UPN and any additional UPNs: ' --- Get the naming contexts Set RootDSE = GetObject(&quot;LDAP://RootDSE&quot;) strNamingContext = RootDSE.Get(&quot;defaultNamingContext&quot;) strConfigContext = RootDSE.Get(&quot;configurationNamingContext&quot;) ' -- Get the current domain name --

Set oDomain = GetObject(&quot;LDAP://&quot; + strNamingContext) strDomainName = oDomain.Get(&quot;name&quot;)

Set oPartition = GetObject(&quot;LDAP://CN=Partitions,&quot; & strConfigContext)

'-- Get the DNS name of the domain -- oDomain.GetInfoEx Array(&quot;canonicalName&quot;), 0 strCanonical = oDomain.Get(&quot;canonicalName&quot;) strDNSName = Left(strCanonical, Len(strCanonical) - 1) 'clip off &quot;/&quot; '-- Display the default UPN suffix Debug.Print strDNSName '-- Get the defined upnSuffixes -- suffixes = oPartition.GetEx(&quot;UPNSuffixes&quot;) For Each upnSuffix In suffixes Debug.Print upnSuffix Next Set RootDSE = Nothing Set oDomain =Nothing Set oPartition = Nothing

' -- Get the upnsuffixes defined on organizational units -- Set ADOconn = CreateObject(&quot;ADODB.Connection&quot;) Set ADOcom = CreateObject(&quot;ADODB.Command&quot;) ADOconn.Provider = &quot;ADsDSOObject&quot; bstrADOQueryString = &quot;;(objectcategory=organizationalUnit);upnsuffixes,ADsPath;subtree&quot; ADOconn.Open ADOcom.ActiveConnection = ADOconn ADOcom.CommandText = bstrADOQueryString ADOcom.Properties(&quot;Page Size&quot;) = 99 Set objRS = ADOcom.Execute

While Not objRS.EOF If Not IsNull(objRS.Fields(&quot;upnSuffixes&quot;)) Then upnsuffixes = objRS.Fields(&quot;upnSuffixes&quot;) For Each upnsuffix In upnsuffixes Debug.Print upnsuffix Next End If

objRS.MoveNext Wend

Set objRS = Nothing Set ADOcom = Nothing Set ADOconn = Nothing

