What I said last time is how to use ADSI to manage Web server this time to discuss how ADSI manages NT
Using ADSI to manage IIS requires OP4
For an NT to be ADSI managed, you need NTLM
NTLM provides the following objects: Domain, Group, and User.
You can add groups and users through domain objects.
Warning:
The following examples will change the NT access rights database, and arbitrarily increase and change the NT user's permissions
Please read carefully before using, only run these programs on the test machine only until you master the NTLM
Working principle so far. Never compromise the security of a real host.
Only people with administrator or operator privileges can run the IIS machine
Change the user database for NT. Therefore, there is no permission to log on with the anonymous permission.
Of course, if you use SSL, you can guarantee security.
Examples are as follows:
Create a new User:
You can add users on a separate server or on a primary domain server
<%
On Error Resume Next
Strdomain= "MachineName"
Struser= "JDoe"
Set odomain = GetObject ("winnt://" & Strdomain)
Set ouser = odomain.create ("user", struser)
If (err.number = 0) Then
Ouser.setinfo
Ouser.setpassword "MyPassword"
Ouser.setinfo
Set ouser=nothing
End If
Set odomain=nothing
%>
Add a new group:
<%
Strdomain= "MachineName"
strgroup= "Unidentified"
Set odomain = GetObject ("winnt://" & Strdomain)
Set ogroup = odomain.create ("group", Strgroup)
Ogroup.setinfo
Set odomain=nothing
Set ogroup=nothing
%>
Add a user to a group.
<%
Strdomain= "MachineName"
Struser= "JDoe"
strgroup= "Unidentified"
Set odomain = GetObject ("winnt://" & Strdomain)
Set ogroup = Odomain.getobject ("Group", Strgroup)
Ogroup.add ("winnt://" & Strdomain & "/" & struser)
Set odomain=nothing
Set ogroup=nothing
%>
Configure user Information
<%
Strdomain= "MachineName"
Struser= "JDoe"
Set ouser = GetObject ("winnt://" & Strdomain & "/" & struser)
' Setting the account expiration to
Dtexpirationdate=now ()
Dtexpirationdate=dateadd ("D", 30,dtexpirationdate)
Ouser.accountexpirationdate = Dtexpirationdate
' Setting the full Name of the User
Ouser.fullname= "Joe Doe"
Ouser.setinfo ()
Set ouser=nothing
%>
Inheriting users
<%
Strdomain= "MachineName"
strgroup= "Unidentified"
Set Group = GetObject ("winnt://" & Strdomain & "/" & Strgroup)
For all in Group.members
If (member.class= "User") Then
' Here's where you would do
' Something with the user
End If
Next
%>
When you are using the NT5.0, you do not need to install NTLM because NT5.0 provides support for ADSI.