scriptygoddess

05 Oct, 2002

Introduction to AD

Posted by: dave In: Admin-type scripts

This is an introduction to a couple of postings I'll be writing on system admin style scripting. Web scripting is great, but it's good to see how the skills you acquire scripting for the web can spill over into "backend" style administration work. That said, let's get into Active Directory (AD), and how to script against it.

What is AD?

AD is basically a Microsoft implementation of an LDAP (Lightweight Directory Access Protocol) directory, which is a hierarchical database of objects (users, computers, etc.). LDAP is an open, standards-based protocol, meaning that LDAP-enabled applications should be able to work with AD. Since this will probably be a long article, please read on…

AD is built into Win2000 servers, and is the preferred way of setting up Win2K networks. It functions like this:
You have a "root" domain (xyz.com)
You have servers off that root (server.xyz.com)
You have objects in that server (computer.server.xyz.com)

It's modeled after the DNS way of looking at things, but the syntax is a little different from making http:// style requests. An LDAP (and as a result AD) query looks like this:
ldap://cn=computer,ou=serverdomain,dc=xyz,dc=com

Here's what things stand for:
cn = common name – the name of the object you are looking at
ou = organizational unit – these are groupings that you can put objects into, and do not correspond to "real world" objects; they are just storage units
dc = domain component – just the chunks that make up the domain you are in (for this page, it would be dc=scriptygoddess,dc=com)
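
The naming scheme above, as an added example (not code from the original post): a small Python parser that splits a name like the one shown into its cn/ou/dc parts, rebuilds the DNS-style domain from the dc parts, and escapes untrusted text before it is placed into a name so it cannot add components of its own. The function names are illustrative, the escaping follows RFC 4514, and multi-valued components joined with "+" are not handled.

```python
# Added example: parse and safely build names of the cn=...,ou=...,dc=... form.
import re

SPECIALS = ',+"\\<>;='                          # must be escaped inside a value
ESC = re.compile(rb"\\([0-9A-Fa-f]{2}|.)", re.S)  # \2C hex pair or \, style escape

def split_rdns(dn):
    """Split a name on commas, leaving backslash-escaped commas alone."""
    parts, buf, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            buf += dn[i:i + 2]          # copy the escape pair untouched
            i += 2
        elif dn[i] == ",":
            parts.append(buf)
            buf, i = "", i + 1
        else:
            buf, i = buf + dn[i], i + 1
    return parts + [buf]

def unescape(value):
    """Decode backslash escapes (hex pairs and single characters)."""
    raw = ESC.sub(lambda m: bytes([int(m[1], 16)]) if len(m[1]) == 2 else m[1], value.encode())
    return raw.decode()

def parse_dn(dn):
    """Return [(attribute, value), ...], most specific component first."""
    if dn.lower().startswith("ldap://"):   # prefix as written on this page
        dn = dn[7:]
    rdns = []
    for part in split_rdns(dn):
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip():
            raise ValueError(f"malformed component: {part!r}")
        rdns.append((attr.strip().lower(), unescape(value)))
    return rdns

def dns_domain(rdns):
    """Join the dc components into the DNS-style domain name."""
    return ".".join(v for a, v in rdns if a == "dc")

def escape_value(value):
    """Escape untrusted text so it stays inside one component of the name."""
    last = len(value) - 1
    def edge(i, c):  # leading/trailing space and leading '#' also need escaping
        return (c == " " and i in (0, last)) or (c == "#" and i == 0)
    return "".join("\\" + c if c in SPECIALS or edge(i, c) else c
                   for i, c in enumerate(value))
```

A name assembled by plain string concatenation from a value such as `lab1,ou=admins` would gain an extra ou component; passing the value through `escape_value` first keeps it a single cn.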

The cool thing is that each object can have attributes, like location, name, address, and so on. In the next posting I'll show you how to map all the computers in a lab to all the printers in the lab, without touching each machine, and in a few (under 20) lines of code…

I should add that I work for a large school district, where we have situations like this all the time, and since students love to fiddle, they constantly disconnect printer mappings on the machines. With this script I can easily map printers in the logon script, so even if they disconnect the printers, they just have to re-logon to get the mappings again. This can easily be abstracted out to the department, where everyone needs to map to a single laser printer. If you use AD/Win2K servers in the dept, you can easily have everyone map the printer.

I should add that I am certainly not an MS advocate, quite the opposite in fact. It just so happens that I'm stuck scripting for MS products at work, so I thought I would share some knowledge…

1 Response to "Introduction to AD"

1 | belonging

January 17th, 2004 at 8:22 am

test
I'm trying out this new code to implement expandable content by using <span> elements. Links (click to show) Links (click to close list) » October 5, 2002 10:53 PM: Introduction to AD » Introduction to AD close list…
