Re: modifying objects in ADAM ADSIEDIT
- From: "Richard Mueller [MVP]" <rlmueller-nospam@xxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 1 Oct 2008 11:49:58 -0500
I don't use ADAM, but it appears that the major difference for scripting is
that the binding string includes "LDAP://localhost:389/"; in place of
"LDAP://";.
However, it appears that objects in ADAM do not have a sAMAccountName
attribute, which is the NetBIOS name I referred to. This means that you
cannot use the NameTranslate object to convert a username (or userid, or NT
user name, or "pre-Windows 2000 logon name", or NetBIOS name, or whatever
you call sAMAccountName) into a DN. This means you must know the
Distinguished Name of the object.
The only alternative would be to search for an object that has a given
Common Name (or perhaps displayName). This would be more work (code) and you
would need to handle the situation where you find more than one such object.
Only DN would uniquely identify the object (if there is no sAMAccountName
attribute). If someone else knows better, please reply.
This means my example must be as follows:
==========
' Prompt for NetBIOS name of object in AD.
strName = InputBox("Enter DN of object to modify")
Set objADObject = GetObject("LDAP://localhost:389/"; & strName:
' Prompt for the attribute to modify.
strAttribute = InputBox("Enter the LDAP Display Name of the attribute to
modify")
' Prompt for the new attribute value.
strValue = InputBox("Enter the new value to assign to the attribute")
' Assign the value.
' Trap the error if the value is invalid.
On Error Resume Next
objADObject.Put strAttribute, strValue
objADObject.SetInfo
If (Err.Number <> 0) Then
Wscript.Echo "Failed to assign " & strValue & " to attribute " &
strAttribute
End If
--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
"joey" <joe@xxxxxxx> wrote in message
news:OL4Uc%233IJHA.1060@xxxxxxxxxxxxxxxxxxxxxxx
how do I tell what the DN of the object is.
Like I said this is ADAM. Even though the machine is in AD, Its ADAM
installed locally onm this host. I need ot modify an attribute on the
localhost not AD
"Richard Mueller [MVP]" <rlmueller-nospam@xxxxxxxxxxxxxxxxxxxx> wrote in
message news:uvbal4xIJHA.3680@xxxxxxxxxxxxxxxxxxxxxxx
"joey" <joe@xxxxxxx> wrote in message
news:%23w8n6lxIJHA.1160@xxxxxxxxxxxxxxxxxxxxxxx
I need to constantly modify a few objects in ADAM ADSIEDIT manually by
travelering the directory tree. How do I script this by just modifying
the script and run it?
The first step is to identify the object to be modified in AD. You need
the Distinguished Name (DN) of the object. If you have the NetBIOS name
(the "pre-Windows 2000 logon" name of users) you can use the
NameTranslate object to convert to the DN. A script can prompt for the
NetBIOS name (also called the NT name) and convert to DN. The second step
is to identify the attribute of the object to be modifed. A VBScript
program can bind to the object in AD (using the DN) and assign a new
value to the attribute (assuming a string attribute). Special techniques
are required if the attribute is multi-valued, Integer8 (a 64-bit number
representing a date), a byte array (like SID or GUID values), or
generalized time values. If you only modify single-valued string
attributes, the script could prompt for the name of the attribute (the
LDAP display name), plus the new value. A VBScript example, using
NameTranslate follows:
=============
' Constants for the NameTranslate object.
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
' Retrieve DNS name of the domain from the RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE";)
strDNSDomain = objRootDSE.Get("defaultNamingContext")
Set objTrans = CreateObject("NameTranslate")
' Initialize NameTranslate by locating the Global Catalog.
objTrans.Init ADS_NAME_INITTYPE_GC, ""
' Use the NameTranslate object to find the NetBIOS name of the domain.
objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
' Remove trailing backslash.
strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)
' Prompt for NetBIOS name of object in AD.
strNTName = InputBox("Enter NetBIOS name of object to modify")
' Use Set method to specify NT format of name.
' Trap error if object not found.
On Error Resume Next
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strNTName
If (Err.Number <> 0) Then
On Error GoTo 0
Wscript.Echo strNTName & " not found in Active Directory"
Wscript.Quit
End If
On Error GoTo 0
' Use the Get method to retrieve DN.
strDN = objTrans.Get(ADS_NAME_TYPE_1779)
' Bind to the object.
Set objADObject = GetObject("LDAP://"; & strDN)
' Prompt for the attribute to modify.
strAttribute = InputBox("Enter the LDAP Display Name of the attribute to
modify")
' Prompt for the new attribute value.
strValue = InputBox("Enter the new value to assign to the attribute")
' Assign the value.
' Trap the error if the value is invalid.
On Error Resume Next
objADObject.Put strAttribute, strValue
objADObject.SetInfo
If (Err.Number <> 0) Then
Wscript.Echo "Failed to assign " & strValue & " to attribute " &
strAttribute
End If
=======
You can also use Joe Richards' admod utility. See this link:
http://www.joeware.net/freetools/tools/admod/index.htm
--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
.
- References:
- Re: modifying objects in ADAM ADSIEDIT
- From: joey
- Re: modifying objects in ADAM ADSIEDIT
- Prev by Date: Re: for loop on this
- Next by Date: Re: for loop on this
- Previous by thread: Re: modifying objects in ADAM ADSIEDIT
- Next by thread: for loop on this
- Index(es):
Relevant Pages
|
Loading
