Problems and solutions to developing NT Directory services using ADSI

Solve | The problem

Problems with using ASP to develop NT Directory services (I)

The information about ADSI is really hard to find, although the technology is very good, unfortunately, more than 300 pages of the SDK I can really see if any heroes have the time, can help me translate it, hehe.
Now it's time to translate some short articles, eh. In a hurry translate into, mistake certainly many, also hope everybody understands.
The technique used is still the ADSI I mentioned earlier, and this section focuses on manipulating the directory tree.
The directory Service (DN) runs through the entire NT domain. Almost every management task will eventually change a directory in the system directory. Like adding new users to the group, create a new
Internet sites, or update email directories, and so on. Note that the Windows2000 's Active Directory already supports this technology.
Microsoft has already provided some powerful COM interfaces to access different directory services.
ADS Namespaces and Provider
The concept of ADS provider is very much like an ODBC structure, such as Oracle's ODBC drive that connects a machine to Oracle's database, but that does not mean that the database does exist.
The same relationship is also used with ADSI, which is a common interface that applies to different directory namespaces.
Maybe this directory namespace exists in the network.
On a typical server, when the correct toolbox is installed, you will find three ads provider
They are:
WinNT:-For NT and its network
IIS:-For IIS
LDAP:-For the Active Directory of MS Exchange and WINDOWS200
Maybe you'll find the following provider.
Nwcompat:-For Novell 3.1.
NDS:-For Novell Directory Services
Each Namespace object is composed of the root node set of the directory service, which is typically
NT domain or server, but not all provider can automatically discover root node.
You can bind to a Winnt: On an object it will provide a list of NT domains
However, for IIS and LDAP namespace objects, there is neither IIS nor the root node of MS Exchange.
Must be specified when used.

Container, member, collection
For the most part, the directory is an object of a hierarchical directory structure while it accommodates other objects.
For example, a physical IIS server has multiple Web sites, and each site can have multiple directories (
Or the application of the Web site, and these directories also have subdirectories.
An NT domain can have multiple servers and so on.

In ADSI terminology, all the above container objects contain other objects, and the namespace tree is formed.
The typical code is as follows:
Set oads = GetObject ("Winnt://mydomain")

For each oadschild in OADs

' Do something

Next

Hierarchical catalog models do not fully describe the relationships between objects. Individually, NT user and Group objects
Constraints with domain and server objects, but they also have an additional member relationship.
The ADSI object model represents membership by using the. Groups and. Menmbers Properties.
For example, a typical list is as follows:
Set oads = GetObject ("Winnt://mydomain/administrator")
For each oadsgroup in oads.groups
' Do something
Next
' ...
Set oads = GetObject ("Winnt://mydomain/domain Users")
For each oadsmember in Oads.members
' Do something
Next
Look carefully at the subtle differences in the code above
Performs a list on an object itself, and returns its child layer.
On an object. The member property execution list returns its membership list.
Finally, there are dynamic sets to represent objects that are temporarily independent.
A typical example is the task in the print queue. Printjobs Collection

Schema Object
Each Ads object is linked to a schema object to represent its performance and characteristics
When we write code, we often run into the question of how my object supports those attributes,
This is a container object, or what type the object might contain.
For example, in principle, a directory service itself is a complete schema object.

Prepare to run the program
This Ads browsing program requires certain security permissions to be able to run.
Copy this ads browse the files to a shared directory on your network
To map a virtual web directory
This directory is assigned the permissions of the manager.

Take a look at the name space tree

The

uses Microsoft's HTMLHelp Java applet here.
It can produce the tree structure we need. It is particularly important that it provides support for the subtree
because I don't want to risk my entire directory tree.
A seminar on HTMLHelp applets goes well beyond the current topic, with only a short version:
<ul>
<!--...--
<li>iiswebserver Objects
<ul>
<LI> 1
<!--on click: Show Page
adsproperties.asp? ADSPATH=IIS://MYSERVER/W3SVC/1}
<ul>
<!--on expand: Show Next Level
Adstreehhc.asp? ADSPATH=IIS://MYSERVER/W3SVC/1
</ul>
<LI> 2
<!--on click: Show Page
adsproperties.asp ? ADSPATH=IIS://MYSERVER/W3SVC/2}
<ul>
<!--on expand: Show Next Level
Adstreehhc.asp? ADSPATH=IIS://MYSERVER/W3SVC/2
</ul>
<!--...--
</ul>
<!--...--
</ul>

How to find the node of the directory tree
The program flow should be as follows:
1. Bind to a directory object
2. Find the schema class associated with it
3. If it is a container object, then
For all possible containers in this object (obtained by schema)
To implement all of the objects
Using the HTMLHelp applet to generate <li> ....
In the implementation process, in fact, a total of 10 lines of code, but each line of code has its own difficulties
By mastering them you will be able to achieve many other wonderful functions.

One difficulty: Finding a Schema class object
The first difficulty is that not all ads objects have a schema in the real sense. A section of the procedure is as follows
Set oads = GetObject (Vadspath)
Set Oadsclass = GetObject (Oads.schema)
This code will fail for some higher level objects. You must add a little exception handling.
Function GetClass (oads)
On Error Resume Next
Set GetClass = Nothing
Set getclass = GetObject (Oads.schema)
End Function
Set Oadsclass = getclass (oads)
If Typename (Oadsclass) <> "Nothing" Then
' Do something
End If

By managing a schema class, we look at it. Container property to determine the type of container we are dealing with.
And then when we use it. Containment array to get the object's class.
For example, some domain objects will return an array of schema classes that contain
String "Computer", "User", "Group", and "Schema".
The theoretical code is as follows
If Oadsclass.container Then
Vcontainment = Oadsclass.containment
For vidx=0 to UBound (vcontainment)
Oads.filter = Array (vcontainment (VIDX))
For each oadschild in OADs
' Write an <li&gt ... entry
Next
Next
End If
But there are problems again, and this method can sometimes not work. A. Containment array of Winnt domain
Returns only 3 of the 4 object classes. The LDAP provider is not executed at all. Container and. Containment Properties
So we can't use the above code anymore, we have to create some weird code for these weird phenomena.
Other strange places.
Here are some very strange code, such as the NT LanManServer object can imagine that it should have a Fileservice class
and contains a FileShare class object. The correct code is as follows:
Set oads = GetObject ("Winnt://mydomain/myserver/lanmanserver")
But unfortunately, when we call its parent node, we get an error.
Set oads = GetObject ("Winnt://mydomain/myserver")
Oads.filter = Array ("Fileservice")
For each oadschild in OADs
' The code here will never be executed
Next
The following similar approach can also be faulted:
Set oads = GetObject ("Winnt://mydomain/myserver")
For each oadschild in OADs
If oadschild.name = "LanManServer" Then
For each oadsgrandchild in Oadschild
' Error
Next
End If
Next
This is why, in fact, LanManServer has a dual identity. It's a Fileservice object.
But at the same time it is also an ordinary service object. So here's the weird code that has the following:
For each oadschild in OADs
If oadschild.name = "LanManServer" Then
Set oadschild = GetObject (Oadschild.adspath)
For each oadsgrandchild in Oadschild
' Finally succeeded.
Next
End If
Next

Object nature:
Object properties are relatively easy to obtain compared with the above. Each object can be imagined to have a core attribute.
For example, name, this same attribute makes it easy to use objects:
Vadsname = Oads.name
Most objects also have such properties. Mandatoryproperties and. OptionalProperties, this can all pass them
The schema classes are obtained and their values can be passed through the object's. The GetEx method is obtained by:
For each vprop in Oadsclass.mandatoryproperties
Vpropvalue = Oads.getex (Vprop)
Next