Using Microsoft Visual Basic Scripting Edition (VBScript) and the Windows Script Host environment built into Microsoft Windows 2000, it's easy to quickly write simple but useful scripts and programs for Active Directory. Now couple that ease with the wealth of information that Active Directory contains. The possibilities are tremendous. Listing 3-1 shows such a script, which is available on the companion CD and is named ADSIEnumTop.vbs. When you run this script, it lists the objects at the root of the Active Directory. It's just about the simplest Active Directory script you can write that is still useful.
' Connect to the Active Directory root object
Set adsRootDSE = GetObject("LDAP://RootDSE")
' Form a path to the top-level container of the default domain
strPath = "LDAP://" & adsRootDSE.get("defaultNamingContext")
' Display path being used
WScript.echo "Listing objects at " & strPath
' Connect to the container specified
Set adsDomain = GetObject(strPath)
' Enumerate through each object in the container
For Each adsObject In adsDomain
' Display the name of each object and its class
WScript.Echo adsObject.Name & " (" & adsObject.Class & ")"
Next
Listing 3-1 The ADSIEnumTop.vbs sample enumerates the top-level objects in a domain's Active Directory.
Figure 3-1 shows an example of the information that will be displayed by this script when you run the command cscript.exe adsienumtop.vbs.
Figure 3-1 ADSIEnumTop.vbs sample output.
A script for Windows Script can be executed in two ways, using the default Windows-based host or a console-based host. The Windows-based host displays dialog boxes, while the console-based host uses a command prompt window. Using a command like cscript.exe <scriptname> will run the specified script using the console-based host.
This simple script sets up communication with Active Directory using a special object called the RootDSE, which I'll discuss in the next chapter. Once connected, it retrieves the pathname of the top-level container for the directory and connects to it. The For Each statement instructs VBScript to step through each object in the directory at this location. The WScript.Echo statement displays information about the object, including its name and the type (class) of object.
The script uses seven lines of code, and almost half of them are related to setting up and displaying text. How does Active Directory accomplish this with such ease? What are the underlying technologies? I'll introduce them in the following sections.