Creating the NTContainerManagement Class Module

In this section, you will begin the first of many exercises throughout Part II that will ultimately yield the creation of the NTAdmin.DLL COM server.

By using a class module for the creation of new objects in a container and the manipulation of domain properties, you can easily separate business logic from application logic. This approach is desirable if you want to create code that you can reuse for any administrative application you might be working on.

In keeping with today's n - tier development standards, you can create a COM object containing all the container and domain property manipulation code found in this chapter. The creation of a COM server is desirable if you want to use this code with a non-administrative account (delegated administration) or if you wish to incorporate additional logic into a single atomic function.

Example 3.1 Creating NTAdmin.DLL: Domain and Container Management Functions

1. Create a new ActiveX DLL Visual Basic project.

2. Set a reference to the Active DS Type Library by clicking the Project menu, selecting References , and placing a checkmark next to the Active DS Type Library entry. Click the OK command button to exit the References “Project1 dialog box.

3. Rename Project1 as NTAdmin .

4. Rename the Class1 class module as NTContainerManagement .

5. Enter the following code into the General Declarations section of the class module:

     Public Function EnumerateNamespace() As Variant   On Error Resume Next   Dim Domain As IADs   Dim NewElement() As Variant   Dim NameSpace As IADsContainer   Dim i As Long   Set NameSpace = GetObject("WinNT:")   For Each Domain In NameSpace   i = UBound(NewElement) + 1   ReDim Preserve NewElement(i)   NewElement(i) = Domain.Name   Next   EnumerateNamespace = NewElement   End Function   Public Function QueryDomainProp(ByVal DomainName As String, ByVal PropertyName As   String) As Long   Dim Domain As IADsDomain   Dim ADsPath As String   ADsPath = "WinNT://"&DomainName   Set Domain = GetObject(ADsPath)   Select Case UCase(PropertyName)   Case "AUTOUNLOCKINTERVAL"   QueryDomainProp = Domain.AutoUnlockInterval   Case "LOCKOUTOBSERVATIONINTERVAL"   QueryDomainProp = Domain.LockoutObservationInterval   Case "MAXBADPASSWORDSALLOWED"   QueryDomainProp = Domain.MaxBadPasswordsAllowed   Case "MAXPASSWORDAGE"   QueryDomainProp = Domain.MaxPasswordAge   Case "MINPASSWORDAGE"   QueryDomainProp = Domain.MinPasswordAge   Case "MINPASSWORDLENGTH"   QueryDomainProp = Domain.MinPasswordLength   Case "PASSWORDHISTORYLENGTH"   QueryDomainProp = Domain.PasswordHistoryLength   End Select   End Function   Public Function SetDomainProp(ByVal DomainName As String, ByVal PropertyName As   String, ByVal NewValue As Long) As Boolean   Dim Domain As IADsDomain   Dim ADsPath As String   Dim SetDomainPropStatus As Long   ADsPath = "WinNT://"&DomainName   Set Domain = GetObject(ADsPath)   Select Case UCase(PropertyName)   Case "AUTOUNLOCKINTERVAL"   Domain.AutoUnlockInterval = NewValue   Domain.SetInfo   Case "LOCKOUTOBSERVATIONINTERVAL"   Domain.LockoutObservationInterval = NewValue   Domain.SetInfo   Case "MAXBADPASSWORDSALLOWED"   Domain.MaxBadPasswordsAllowed = NewValue   Domain.SetInfo   Case "MAXPASSWORDAGE"   Domain.MaxPasswordAge = NewValue   Domain.SetInfo   Case "MINPASSWORDAGE"   Domain.MinPasswordAge = NewValue   Domain.SetInfo   Case "MINPASSWORDLENGTH"   Domain.MinPasswordLength = NewValue   Domain.SetInfo   Case "PASSWORDHISTORYLENGTH"   Domain.PasswordHistoryLength = NewValue   Domain.SetInfo   End Select   If Err = 0 Then SetDomainProp = True   End Function   Public Function CreateContainerObject(ByVal ContainerName As String, ByVal   ObjectClass As String, ByVal ObjectName As String) As Boolean   Dim Container As IADsContainer   Dim ADsPath As String   ADsPath = "WinNT://"&ContainerName   Set Container = GetObject(ADsPath)   Select Case UCase(ObjectClass)   Case "USER"   Dim User As IADsUser   Set User = Container.Create("User", ObjectName)   User.SetInfo   Case "GLOBALGROUP"   Dim GlobalGroup As IADsGroup   Set GlobalGroup = Container.Create("Group", ObjectName)   GlobalGroup.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP   GlobalGroup.SetInfo   Case "LOCALGROUP"   Dim LocalGroup As IADsGroup   Set LocalGroup = Container.Create("Group", ObjectName)   LocalGroup.Put "groupType", ADS_GROUP_TYPE_LOCAL_GROUP   LocalGroup.SetInfo   Case "COMPUTER"   Dim Computer As IADsComputer   Dim ComputerAccount As IADsUser   Set Computer = Container.Create("Computer", UCase(ObjectName))   Computer.SetInfo   Set ComputerAccount = GetObject("WinNT://"&ContainerName&"/"   & ObjectName&"$,user")   ComputerAccount.Put "UserFlags", (ComputerAccount.Get("UserFlags")   Or &H1000)   ComputerAccount.SetPassword (LCase(ObjectName))   ComputerAccount.SetInfo   End Select   If Err = 0 Then CreateContainerObject = True   End Function   Public Function DeleteContainerObject(ByVal ContainerName As String, ByVal   ObjectClass As String, ByVal ObjectName As String) As Boolean   Dim Container As IADsContainer   Dim ADsPath As String   ADsPath = "WinNT://"&ContainerName   Set Container = GetObject(ADsPath)   Call Container.Delete(ObjectClass, ObjectName)   If Err = 0 Then DeleteContainerObject = True   End Function   Public Function RenameUserAccount(ByVal ContainerName As String, ByVal   OldUserName As String, ByVal NewUserName As String) As Boolean   On Error Resume Next   Dim Container As IADsContainer   Dim User As IADsUser   Set Container = GetObject("WinNT://"&ContainerName)   Set User = GetObject("WinNT://"&ContainerName&"/"&OldUserName&   ",user")   If Err.Number = 0 Then   Call Container.MoveHere(User.ADsPath, NewUserName)   End If   If Err.Number = 0 Then   RenameUserAccount = True   Else   RenameUserAccount = False   End If   End Function   Public Function EnumerateContainer(ByVal ContainerName As String, Optional ByVal   Filter As String) As Variant   On Error Resume Next   Dim LeafObject As IADs   Dim Container As IADsContainer   Dim i As Long   Dim NewElement() As Variant   Set Container = GetObject("WinNT://"&ContainerName)   If Filter <> " Then   Container.Filter = Array(Filter)   End If   For Each LeafObject In Container   i = UBound(NewElement) + 1   ReDim Preserve NewElement(i)   NewElement(i) = LeafObject.Name   Next   EnumerateContainer = NewElement   End Function  

6. Compile the code as NTAdmin.DLL.

7. Save and close the NTAdmin project.

Using the Functions in NTContainerManagement

With the NTContainerManagement class module created, you can access the functions contained in the class module from any programming language that supports OLE automation, including Visual Basic, VBScript, and JavaScript.

After the NTContainerManagement class module has been instantiated , you can reduce domain management to a single line of code by referencing the methods ( SetDomainProp , EnumerateContainer , and so on) in the class module.

Instantiating NTAdmin.NTContainerManagement Using Visual Basic

Before you can use the new class module in your programming environment, you must instantiate the object.

First, you must set a reference to NTAdmin. From the Project menu, select References , and then scroll through the list to find NTAdmin.

With a reference now established to NTAdmin.DLL, you can instantiate the object in your code, as follows :

 Dim ContainerManagement As NTAdmin.NTContainerManagement Set ContainerManagement = New NTAdmin.NTContainerManagement 

You can now use all seven methods of the object by simply typing ContainerManagement. Method .If you have AutoListMembers enabled for the Visual Basic IDE, Visual Basic will automatically show you the names and syntax for each of the public methods in the class module.

Instantiating NTContainerManagement in a VBScript Active Server Page

Begin by copying the NTAdmin.DLL to your IIS server. From the server console, register NTAdmin.DLL using REGSVR32. If you want to use the DLL in a delegated administration environment, create an MTS package and specify a privileged account for the package identity.

With the DLL now registered, create a new ASP page and use the following VBScript code to instantiate the object:

 Dim ContainerManagement Set ContainerManagement = Server.CreateObject("NTAdmin.NTContainerManagement") 

The methods of the object can now be called simply by typing ContainerManagement. Method .

Instantiating NTContainerManagement from a JavaScript Active Server Page

If the NTAdmin.DLL has not been copied to the IIS server, follow the previous example.

After the DLL has been registered, you can use the following JavaScript code in an Active Server Page to instantiate the NTAdmin.NTContainerManagement component:

 var ContainerManagement = Server.CreateObject("NTAdmin.NTContainerManagement"); 

Using the Functions in NTContainerManagement

Use Table 3.1 to help you use the proper syntax for each of the methods of the NTContainerManagement interface:

Table 3.1. NTContainerManagement Method Syntax

 For Each Item in ContainerManagement.EnumerateNamespace      Debug.Print Item Next 

 RetVal = ContainerManagement.CreateContainer Object ("Domain_Name", "Computer", "Computer_Name") 

 RetVal = ContainerManagement.CreateContainer Object ("Domain_Name", "User", "User_Name") 

 RetVal = ContainerManagement.CreateContainer Object ("Domain_Name", "GlobalGroup", "Group_Name") 

 RetVal = ContainerManagement.CreateContainer Object ("Domain_Name", "LocalGroup", "Group_Name") 

 RetVal = ContainerManagement.DeleteContainer Object ("Domain_Name", "Computer", "Computer_Name") 

 RetVal = ContainerManagement.DeleteContainer Object ("Domain_Name", "User", "User_Name") 

 RetVal = ContainerManagement.DeleteContainer Object ("Domain_Name", "Group", "Group_Name") 

 RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "AutoUnlockInterval") 

 RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "LockoutObservationInterval") 

 RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "MaxBadPasswordsAllowed") 

 RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "MaxPasswordAge") 

 RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "MinPasswordAge") 

 RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "MinPasswordLength") 

 RetVal = ContainerManagement.QueryDomainProp ("Domain_Name", "PasswordHistoryLength") 

 RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "AutoUnlockInterval", New_Value) 

 RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "LockoutObservationInterval", New_Value) 

 RetVal = ContainerManagement.SetDomainProp ("Domain_Name","MaxBadPasswordsAllowed", New_Value) 

 RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "MaxPasswordAge", New_Value) 

 RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "MinPasswordAge", New_Value) 

 RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "MinPasswordLength", New_Value) 

 RetVal = ContainerManagement.SetDomainProp ("Domain_Name", "PasswordHistory Length", New_Value) 

 RetVal = ContainerManagement.RenameUserAccount ("Domain_Name", "Old_Account", "New_Account") 

 For Each Item in ContainerManagement.EnumerateContainer ("Domain_Name")      Debug.Print Item Next 

 For Each Item in ContainerManagement.EnumerateContainer ("Domain_Name", "User")      Debug.Print Item Next 

 For Each Item in ContainerManagement.EnumerateContainer ("Domain_Name", "Group")      Debug.Print Item Next 

 For Each Item in ContainerManagement.EnumerateContainer ("Domain_Name", "GlobalGroup")      Debug.Print Item Next 

 For Each Item in ContainerManagement.EnumerateContainer ("Domain_Name", "LocalGroup")      Debug.Print Item Next 

 For Each Item in ContainerManagement.EnumerateContainer ("Domain_ Name", "Computer")      Debug.Print Item Next