Enumerating Objects Within a Domain or Computer

Previous page
Table of content
Next page
   
Enumerating Objects Within a Domain or Computer

After you have obtained the name of the domain (or a member server/workstation) using enumeration, you will most likely wish to view the objects within the specified container. To retrieve the contents of the domain container, simply bind to the container object itself. You can then use a For Each loop to retrieve the contents of the container for display or manipulation.

This enumeration method will return the entire contents of any SAM ”whether it is the SAM on a domain controller, member server, or workstation.

Enumerating a Generic Container

To best understand the concept of container enumeration, imagine a file cabinet containing photographs from each of the vacations you have taken during your life. You might have a drawer (representing a container) with file folders labeled with each of the locations you have visited (also containers). Within each of these folders, you have placed each of the photos of your trip.

When you enumerate a container, you select a container and look through all the objects within it. In the vacation photograph example, this would be analogous to selecting a file folder and examining each of the photos in it one by one. When you enumerate the "container" in this way, you view all objects within it ”whether they are images of your spouse, scenic photos, or even those photos you took with the camera strap blocking the subject.

Enumerating a Generic Container Using Visual Basic

Use the following Visual Basic code to enumerate all objects within any container: 

 Dim Container as IADsContainer Dim ContainerName as String ContainerName = "  Container_Name_To_Manage  " Set Container = GetObject("WinNT://"&ContainerName) Dim LeafObject as IADs For Each LeafObject in Container      Debug.Print LeafObject.Name Next

Tip

To enumerate a domain, simply replace the Container_Name_To_Manage variable assignment with a valid domain name. To enumerate a workstation or member server, specify the domain name and computer name as Domain_Name/Computer_Name .


Applying Filters for Enumeration

The previous code segments will return objects of all classes contained within the domain (or local SAM database), as they do not specify which type of objects you seek within the given container. If these code segments were run against a domain containing many objects, the returned result set is likely to be much larger than you require. To help reduce the size of the result set returned from such queries, ADSI allows specification of a filter to be used for the enumeration process.

In the case of a domain object in the Windows NT namespace, these filters may include user accounts, groups, computer accounts, services, or just about any object class. Applying a filter to the enumeration process may substantially increase the performance of the query and often provides better use of system resources.

To continue the photography example, if you wished to show the photographs of your recent vacation to a colleague, you would likely remove all images you deem members of the "flawed" or "boring" classes.

Enumerating User Accounts Using Visual Basic

By setting the IADsContainer Filter property to an array containing the string "User" , you can narrow the enumeration of a container down to objects belonging to the User class. Use the following Visual Basic code as a guide: 

 Dim Container as IADsContainer Dim ContainerName as String ContainerName = "  Container_Name_To_Manage  " Set Container = GetObject("WinNT://"&ContainerName) Container.Filter = Array("User") Dim User as IADsUser For Each User in Container      Debug.Print User.Name Next
Enumerating Computer Accounts Using Visual Basic

By changing the IADsContainer Filter property to "Computer," you can enumerate all computer accounts defined in the Windows NT SAM. Use the following Visual Basic code as a guide: 

 Dim Container as IADsContainer Dim ContainerName as String ContainerName = "  Container_Name_To_Manage  " Set Container = GetObject("WinNT://"&ContainerName) Container.Filter = Array("Computer") Dim Computer as IADsComputer For Each Computer in Container      Debug.Print Computer.Name Next
Enumerating Groups Using Visual Basic

If you wish to enumerate all groups defined in the Windows NT SAM, you can easily do so using the following Visual Basic code: 

 Dim Container as IADsContainer Dim ContainerName as String ContainerName = "  Container_Name_To_Manage  " Set Container = GetObject("WinNT://"&ContainerName) Container.Filter = Array("Group") Dim Group as IADsGroup For Each Group in Container      Debug.Print Group.Name Next

Tip

The preceding code example shows all group objects and does not distinguish between local and global groups. If you wish to view only local groups, you can set the IADsContainer Filter property to "Array ( "LocalGroup" ) " .

Likewise, if you wish to view all global groups in the domain, you can set the IADsContainer Filter property to "Array ( "GlobalGroup" ) " .


   
Top

Previous page
Table of content
Next page
Windows NT. 2000 ADSI Scripting for System Administration
Windows NT/2000 ADSI Scripting for System Administration
ISBN: 1578702194
EAN: 2147483647
Year: 2000
Pages: 194
Authors: Thomas Eck
BUY ON AMAZON
CompTIA Project+ Study Guide: Exam PK0-003
Cisco CallManager Fundamentals (2nd Edition)
Service-Oriented Architecture (SOA): Concepts, Technology, and Design
Google Maps Hacks: Tips & Tools for Geographic Searching and Remixing
An Introduction to Design Patterns in C++ with Qt 4
Information Dashboard Design: The Effective Visual Communication of Data
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy