In this section, you will begin the first of many exercises throughout Part II that will ultimately yield the creation of the NTAdmin.DLL COM server.
By using a class module for the creation of new objects in a container and the manipulation of domain properties, you can easily separate business logic from application logic. This approach is desirable if you want to create code that you can reuse for any administrative application you might be working on.
In keeping with today's n-tier development standards, you can create a COM object containing all the container and domain property manipulation code found in this chapter. The creation of a COM server is desirable if you want to use this code with a non-administrative account (delegated administration) or if you wish to incorporate additional logic into a single atomic function.
Create a new ActiveX DLL Visual Basic project.
Set a reference to the Active DS Type Library by clicking the Project menu, selecting References, and placing a checkmark next to the Active DS Type Library entry. Click the OK command button to exit the References - Project1 dialog box.
Rename Project1 as NTAdmin.
Rename the Class1 class module as NTContainerManagement.
Enter the following code into the General Declarations section of the class module:
```vb
' Returns the names of all domains visible in the WinNT: namespace.
Public Function EnumerateNamespace() As Variant
    On Error Resume Next
    Dim Domain As IADs
    Dim NewElement() As Variant
    Dim NameSpace As IADsContainer
    Dim i As Long
    Set NameSpace = GetObject("WinNT:")
    For Each Domain In NameSpace
        ' Relies on On Error Resume Next: UBound raises an error on the
        ' unallocated array during the first pass, leaving i at 0.
        i = UBound(NewElement) + 1
        ReDim Preserve NewElement(i)
        NewElement(i) = Domain.Name
    Next
    EnumerateNamespace = NewElement
End Function

' Reads one account-policy property of the domain.
Public Function QueryDomainProp(ByVal DomainName As String, ByVal PropertyName As String) As Long
    Dim Domain As IADsDomain
    Dim ADsPath As String
    ADsPath = "WinNT://" & DomainName
    Set Domain = GetObject(ADsPath)
    Select Case UCase(PropertyName)
        Case "AUTOUNLOCKINTERVAL"
            QueryDomainProp = Domain.AutoUnlockInterval
        Case "LOCKOUTOBSERVATIONINTERVAL"
            QueryDomainProp = Domain.LockoutObservationInterval
        Case "MAXBADPASSWORDSALLOWED"
            QueryDomainProp = Domain.MaxBadPasswordsAllowed
        Case "MAXPASSWORDAGE"
            QueryDomainProp = Domain.MaxPasswordAge
        Case "MINPASSWORDAGE"
            QueryDomainProp = Domain.MinPasswordAge
        Case "MINPASSWORDLENGTH"
            QueryDomainProp = Domain.MinPasswordLength
        Case "PASSWORDHISTORYLENGTH"
            QueryDomainProp = Domain.PasswordHistoryLength
    End Select
End Function

' Writes one account-policy property of the domain.
' There is no error handler here: a failure raises a run-time error
' to the caller instead of returning False.
Public Function SetDomainProp(ByVal DomainName As String, ByVal PropertyName As String, ByVal NewValue As Long) As Boolean
    Dim Domain As IADsDomain
    Dim ADsPath As String
    Dim SetDomainPropStatus As Long
    ADsPath = "WinNT://" & DomainName
    Set Domain = GetObject(ADsPath)
    Select Case UCase(PropertyName)
        Case "AUTOUNLOCKINTERVAL"
            Domain.AutoUnlockInterval = NewValue
            Domain.SetInfo
        Case "LOCKOUTOBSERVATIONINTERVAL"
            Domain.LockoutObservationInterval = NewValue
            Domain.SetInfo
        Case "MAXBADPASSWORDSALLOWED"
            Domain.MaxBadPasswordsAllowed = NewValue
            Domain.SetInfo
        Case "MAXPASSWORDAGE"
            Domain.MaxPasswordAge = NewValue
            Domain.SetInfo
        Case "MINPASSWORDAGE"
            Domain.MinPasswordAge = NewValue
            Domain.SetInfo
        Case "MINPASSWORDLENGTH"
            Domain.MinPasswordLength = NewValue
            Domain.SetInfo
        Case "PASSWORDHISTORYLENGTH"
            Domain.PasswordHistoryLength = NewValue
            Domain.SetInfo
    End Select
    If Err = 0 Then SetDomainProp = True
End Function

' Creates a user, global group, local group or computer account in the container.
Public Function CreateContainerObject(ByVal ContainerName As String, ByVal ObjectClass As String, ByVal ObjectName As String) As Boolean
    Dim Container As IADsContainer
    Dim ADsPath As String
    ADsPath = "WinNT://" & ContainerName
    Set Container = GetObject(ADsPath)
    Select Case UCase(ObjectClass)
        Case "USER"
            Dim User As IADsUser
            Set User = Container.Create("User", ObjectName)
            User.SetInfo
        Case "GLOBALGROUP"
            Dim GlobalGroup As IADsGroup
            Set GlobalGroup = Container.Create("Group", ObjectName)
            GlobalGroup.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP
            GlobalGroup.SetInfo
        Case "LOCALGROUP"
            Dim LocalGroup As IADsGroup
            Set LocalGroup = Container.Create("Group", ObjectName)
            LocalGroup.Put "groupType", ADS_GROUP_TYPE_LOCAL_GROUP
            LocalGroup.SetInfo
        Case "COMPUTER"
            Dim Computer As IADsComputer
            Dim ComputerAccount As IADsUser
            Set Computer = Container.Create("Computer", UCase(ObjectName))
            Computer.SetInfo
            Set ComputerAccount = GetObject("WinNT://" & ContainerName & "/" & ObjectName & "$,user")
            ' &H1000 is the workstation trust account flag.
            ComputerAccount.Put "UserFlags", (ComputerAccount.Get("UserFlags") Or &H1000)
            ' The initial machine password is set to the lowercase computer name.
            ComputerAccount.SetPassword (LCase(ObjectName))
            ComputerAccount.SetInfo
    End Select
    If Err = 0 Then CreateContainerObject = True
End Function

' Deletes an object of the given class from the container.
Public Function DeleteContainerObject(ByVal ContainerName As String, ByVal ObjectClass As String, ByVal ObjectName As String) As Boolean
    Dim Container As IADsContainer
    Dim ADsPath As String
    ADsPath = "WinNT://" & ContainerName
    Set Container = GetObject(ADsPath)
    Call Container.Delete(ObjectClass, ObjectName)
    If Err = 0 Then DeleteContainerObject = True
End Function

' Renames a user account by moving it onto a new name in the same container.
Public Function RenameUserAccount(ByVal ContainerName As String, ByVal OldUserName As String, ByVal NewUserName As String) As Boolean
    On Error Resume Next
    Dim Container As IADsContainer
    Dim User As IADsUser
    Set Container = GetObject("WinNT://" & ContainerName)
    Set User = GetObject("WinNT://" & ContainerName & "/" & OldUserName & ",user")
    If Err.Number = 0 Then
        Call Container.MoveHere(User.ADsPath, NewUserName)
    End If
    If Err.Number = 0 Then
        RenameUserAccount = True
    Else
        RenameUserAccount = False
    End If
End Function

' Returns the names of the objects in the container, optionally filtered by class.
Public Function EnumerateContainer(ByVal ContainerName As String, Optional ByVal Filter As String) As Variant
    On Error Resume Next
    Dim LeafObject As IADs
    Dim Container As IADsContainer
    Dim i As Long
    Dim NewElement() As Variant
    Set Container = GetObject("WinNT://" & ContainerName)
    If Filter <> "" Then
        Container.Filter = Array(Filter)
    End If
    For Each LeafObject In Container
        i = UBound(NewElement) + 1
        ReDim Preserve NewElement(i)
        NewElement(i) = LeafObject.Name
    Next
    EnumerateContainer = NewElement
End Function
```
Compile the code as NTAdmin.DLL.
Save and close the NTAdmin project.
Tip
If you do not want to share your code between applications, you can enter the preceding code into a code module in any Visual Basic application.
Tip
You can download the Visual Basic 6.0 project or pre-compiled version of NTAdmin.DLL from http://www.newriders.com/adsi.
With the NTContainerManagement class module created, you can access the functions contained in the class module from any programming language that supports OLE automation, including Visual Basic, VBScript, and JavaScript.
After the NTContainerManagement class module has been instantiated, you can reduce domain management to a single line of code by referencing the methods (SetDomainProp, EnumerateContainer, and so on) in the class module.
Before you can use the new class module in your programming environment, you must instantiate the object.
First, you must set a reference to NTAdmin. From the Project menu, select References, and then scroll through the list to find NTAdmin.
Tip
If you are using a different machine from the one on which the NTAdmin.DLL was compiled, you must copy the DLL to the machine and run REGSVR32 NTAdmin.DLL to register the DLL.
With a reference now established to NTAdmin.DLL, you can instantiate the object in your code, as follows:

```vb
Dim ContainerManagement As NTAdmin.NTContainerManagement
Set ContainerManagement = New NTAdmin.NTContainerManagement
```

You can now use all seven methods of the object by simply typing ContainerManagement.Method. If you have AutoListMembers enabled for the Visual Basic IDE, Visual Basic will automatically show you the names and syntax for each of the public methods in the class module.
Begin by copying the NTAdmin.DLL to your IIS server. From the server console, register NTAdmin.DLL using REGSVR32. If you want to use the DLL in a delegated administration environment, create an MTS package and specify a privileged account for the package identity.
With the DLL now registered, create a new ASP page and use the following VBScript code to instantiate the object:
```vbscript
Dim ContainerManagement
Set ContainerManagement = Server.CreateObject("NTAdmin.NTContainerManagement")
```

The methods of the object can now be called simply by typing ContainerManagement.Method.
If the NTAdmin.DLL has not been copied to the IIS server, follow the previous example.
After the DLL has been registered, you can use the following JavaScript code in an Active Server Page to instantiate the NTAdmin.NTContainerManagement component:
```javascript
var ContainerManagement = Server.CreateObject("NTAdmin.NTContainerManagement");
```
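When the DLL runs in an MTS package under a privileged identity, the component acts with that account for whoever reaches the ASP page, so the page itself has to decide who may change what. The following gate in front of `SetDomainProp` is an added example, not code from the book or the NTAdmin project; the operator list, the numeric bounds and the `prop`/`value` form fields are assumptions.

```javascript
// Added example: authorization gate in front of NTAdmin.SetDomainProp.
// OPERATORS and the min/max bounds are constructed sample policy.
var OPERATORS = { "CORP\\HELPDESK1": true, "CORP\\HELPDESK2": true };
var LIMITS = {
  MINPASSWORDLENGTH:      { min: 8, max: 14 },
  MAXBADPASSWORDSALLOWED: { min: 3, max: 10 },
  PASSWORDHISTORYLENGTH:  { min: 5, max: 24 }
};

function deny(status, reason) {
  return { ok: false, status: status, reason: reason };
}

// Decide whether an authenticated caller may set a property to a value.
function checkDomainPropRequest(logonUser, propertyName, rawValue) {
  if (!logonUser) return deny(401, "anonymous caller");
  var who = String(logonUser).toUpperCase();  // account names are case-insensitive
  if (!OPERATORS.hasOwnProperty(who)) return deny(403, "not a delegated operator");
  var key = String(propertyName).toUpperCase();
  if (!LIMITS.hasOwnProperty(key)) return deny(400, "property not delegated");
  if (!/^\d{1,4}$/.test(String(rawValue))) return deny(400, "value is not an integer");
  var value = parseInt(rawValue, 10);
  if (value < LIMITS[key].min || value > LIMITS[key].max) {
    return deny(400, "value outside delegated range");
  }
  return { ok: true, status: 200, property: key, value: value };
}

// Classic ASP (JScript) glue; skipped when the file runs outside IIS.
if (typeof Server != "undefined") {
  var decision = checkDomainPropRequest(
    String(Request.ServerVariables("LOGON_USER")),
    String(Request.Form("prop")),   // "prop" and "value" are assumed form fields
    String(Request.Form("value")));
  if (!decision.ok) {
    Response.Status = decision.status + " " + decision.reason;
  } else {
    // The domain is fixed server-side and never taken from the request.
    var cm = Server.CreateObject("NTAdmin.NTContainerManagement");
    var done = cm.SetDomainProp("Domain_Name", decision.property, decision.value);
    Response.Write(done ? "updated" : "failed");
  }
}
```

`LOGON_USER` is only populated when anonymous access is disabled for the page, which is why an empty value is treated as a refusal rather than a default.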
Use Table 3.1 to help you use the proper syntax for each of the methods of the NTContainerManagement interface:
Action | Syntax |
---|---|
Enumerate Domains | For Each Item in ContainerManagement.EnumerateNamespace Debug.Print Item Next |
Create Computer Account | RetVal = ContainerManagement.CreateContainerObject ("Domain_Name", "Computer", "Computer_Name") |
Create User Account | RetVal = ContainerManagement.CreateContainerObject ("Domain_Name", "User", "User_Name") |
Create Global Group | RetVal = ContainerManagement.CreateContainerObject ("Domain_Name", "GlobalGroup", "Group_Name") |
Create Local Group | RetVal = ContainerManagement.CreateContainerObject ("Domain_Name", "LocalGroup", "Group_Name") |
Delete Computer Account | RetVal = ContainerManagement.DeleteContainerObject ("Domain_Name", "Computer", "Computer_Name") |
Delete User Account | RetVal = ContainerManagement.DeleteContainerObject ("Domain_Name", "User", "User_Name") |
Delete Group | RetVal = ContainerManagement.DeleteContainerObject ("Domain_Name", "Group", "Group_Name") |
Query AutoUnlockInterval | RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "AutoUnlockInterval") |
Query LockoutObservationInterval | RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "LockoutObservationInterval") |
Query MaxBadPasswordsAllowed | RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "MaxBadPasswordsAllowed") |
Query MaxPasswordAge | RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "MaxPasswordAge") |
Query MinPasswordAge | RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "MinPasswordAge") |
Query MinPasswordLength | RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "MinPasswordLength") |
Query PasswordHistoryLength | RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "PasswordHistoryLength") |
Set AutoUnlockInterval | RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "AutoUnlockInterval", New_Value) |
Set LockoutObservationInterval | RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "LockoutObservationInterval", New_Value) |
Set MaxBadPasswordsAllowed | RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "MaxBadPasswordsAllowed", New_Value) |
Set MaxPasswordAge | RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "MaxPasswordAge", New_Value) |
Set MinPasswordAge | RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "MinPasswordAge", New_Value) |
Set MinPasswordLength | RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "MinPasswordLength", New_Value) |
Set PasswordHistoryLength | RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "PasswordHistoryLength", New_Value) |
Rename User Account | RetVal = ContainerManagement.RenameUserAccount ("Domain_Name", "Old_Account", "New_Account") |
Enumerate All Domain Objects | For Each Item in ContainerManagement.EnumerateContainer ("Domain_Name") Debug.Print Item Next |
Enumerate Users in a Domain | For Each Item in ContainerManagement.EnumerateContainer ("Domain_Name", "User") Debug.Print Item Next |
Enumerate All Groups in a Domain | For Each Item in ContainerManagement.EnumerateContainer ("Domain_Name", "Group") Debug.Print Item Next |
Enumerate Global Groups in a Domain | For Each Item in ContainerManagement.EnumerateContainer ("Domain_Name", "GlobalGroup") Debug.Print Item Next |
Enumerate Local Groups in a Domain | For Each Item in ContainerManagement.EnumerateContainer ("Domain_Name", "LocalGroup") Debug.Print Item Next |
Enumerate Computer Accounts in a Domain | For Each Item in ContainerManagement.EnumerateContainer ("Domain_Name", "Computer") Debug.Print Item Next |