I have the following code: $bind = new COM("LDAP://CN=GroupName,OU=Groups,OU=Division,DC=company,DC=local"); When I execute it from a command-prompt, it runs fine. When it runs under IIS/PHP/ISAPI, it barfs. Fatal error: Uncaught exception 'com_exception' with message 'Failed to create COM object `LDAP://CN=...[cut]...,DC=local': An...
I'm successfully using VBScript within WScript to remotely read and write IIS configurations from the server. When I attempt to run these same scripts from my desk box they fail, though. Example: Dim vdir Set vdir = GetObject("IIS://servername/w3svc/226/root") Error = "Invalid syntax" The code works perfectly when run from one IIS se...
I'm looking for a method to obtain the current logged in user's full Active Direcory LDAP path. e.g. LDAP://CN=john.smith,OU=UK,OU=Sales,DC=Company,DC=local ...
We have a company intranet with staff management functions. I would like to begin automating setup of new staff members, e.g. creating Windows accounts for them, creating their home folders, setting up shares, and the like. When a staff member leaves the company I would like to automatically remove their user. I have been battling to fi...
I currently have some code that pulls down a list of users in a group and then iterates through that group to determine if a given account exists, but it seems like there ought to be a more concise (and perhaps faster) way to accomplish this. This code (VB.NET) attempts to use the member property of the group object, but it is returning...
I am trying to beef up my code that determines whether a user is a member of a given AD group. It essentially works except when the member of the group happens to be from another (trusted) domain because it is stored as a foreignsecurityprincipal. Given that I have a valid DirectoryEntry object for both the Group I want to test, and the...
I've installed PowerShell recently and one of the first things I started looking for was how to create a new user. After looking for some time I still haven't found this. I have a little experience in bash on linux and find it very effective. Creating users there is trivial. Is there an easy\built-in way to create a local user with Power...
I am attempting to query AD via ldap from within SQL Server 2005 but get the following error: Msg 7321, Level 16, State 2, Line 1 An error occurred while preparing the query "SELECT NAME,MAIL FROM "LDAP:///CN=foo,CN=Users,DC=bar,DC=com"" for execution against OLE DB provider "ADsDSOObject" for linked server "ADSI". This is after execut...
I've seen this question posted similarly in the past, I was hoping someone can point me in the right direction, the User.Identity.Name class returns the domain login. Which class exposes the actual name? For user "John Doe" who logs into the web application supplying my_domain\jdoe User.Identity.Name - Returns : *my_domain\jdoe* Sy...
In active directory, should mailNickname always equal samaccountname? Or, should it always be equal to the mail property (minus the "@domain")? My reason for asking is that we have recently changed everyone's primary email address to the first.last form and we set the mail property to the same. But, do we also need to modify the mailNi...
I have an ADSI connection in my SQL Server (2005) and I'm able to query it using openquery. Is there any way to create new accounts (and/or) edit existing ones? Also, I'd like to have to use openquery to get to the data, but it looks like it's the only solution. Here's a sample query that I'm using: SELECT samaccountname, depar...
I'm in the process of writing a small web app that would allow me to manage several IIS installations on different servers on our network. We have no domain controller. I have written a small impersonation controller that uses the win32 api and its LogonUser method. I then use System.DirectoryServices and the IIS ADSI provider to create...
I have an ASP.Net application (on Win2K) that is using Windows authentication and impersonation. We are using the following code to change password: Dim objDE As DirectoryEntry '... objDE.Invoke("ChangePassword", txtOldPassword, txtNewPassword) This code works great, except it does not lock the account if there were multiple unsucces...
IIS 6.0 generates eTag values in the format of "hash:changenumber". The changenumber goes up every time IIS resets, so your eTag is only valid for the lifetime of your IIS process. Restart, number goes up, hash:changenumber != hash:changenumber+1. The fix for this is to hard-code the changenumber, which is possible using the Metabase E...
I am trying to create a powershell script to automate user creation which is working great using ADSI. However I need to set the following properties and I am not sure how (or if ADSI can even do this): Log on as a service Allow logon locally Any ideas how to do this? ...
Using Active Directory, am trying to find the SamAccountName and email of the user’s manager. I find the logged on user in the AD by search where sAMAccountName = Domain\Account. I then retrieve the manager property, which looks like this, for example: "CN=Doe\, Jane E.,OU=Employees,OU=Users,OU=Detroit,OU=United States,DC=na,DC=gmc,DC...
Does anyone know of a good wrapper for the Windows ADSI libraries for Java? (I'm trying to avoid writing my own in JNA - and I'd like to use something standard.) ...
Does anyone know what property I can query for in an ADSI query that would return the object's parent OU? I know I can bind to the AD object and then use object.Parent to return it's parent OU, but if I ask for "parent" in a ADSI query it returns back as a invalid query I would rather not do bind unless absolutely necessary. (i.e. "SEL...
We currently have a View that queries active directory info. I was wondering if there was a good reference as to what fields (field names) are available in AD for me to query against. I don't have access to Active Directory so I can't go playing around in there to maybe figure it out myself. Any help would be appreciated. ...
I tried the following after creating the new group: $adminGroup = [ADSI]"WinNT://./Administrators" $group =[ADSI]"WinNT://./Test1" #$adminGroup.Add($group) - This does not work Any idea what is missing? ...