They say you learn something new every day.

Posts tagged ‘active directory’

Exchanging Ideas (30/04/2012)

I wrote a while back about the Exchange System Manager, and while it was useful, it turns out that access rights to mailboxes are defined in the msExchMailboxSecurityDescriptor attribute in the AD. The problem is, rather than listing usernames, it lists ObjectIDs.

I’ve found a nifty way of pulling them out though:

DistinguishedName  = “DN of Object” 

set ObjUser = GetObject(“LDAP://” & DistinguishedName)
Set objsd = objUser.Get(“msExchMailboxSecurityDescriptor”)
Set dacl = objsd.DiscretionaryAcl

For Each ace In dacl

  wscript.echo ace.Trustee 

NEXT 

I’ve put this together in a script to report the access rights for lists of mail accounts. It’s one of those things I’ve been thinking about for a while, but finally got the chance to put it all together today.

Active Directory (12/04/2012)

I know a fair amount about Active Directory. But it turns out there’s a gap in my knowledge around exchange integration.

There’s a tool called Exchange System Manager that gives you some extra tabs in ADUC, that allows you to edit exchange properties.

The problem is, the software is only available for Vista, and fails to install on Windows 7 with an error, more or less saying, “Hey, you’re not Vista!”

The solution is to unpack the .exe file (using something like WinRAR or 7zip) to get to the msi. When there, you can install it using a switch:

ESMVISTA.MSI /qb

Some people say you only need /q but I need /qb

I was a little confused what this switch does, but it turns out it just switches off the UI, basically, bypassing the bit that says, “Hey, you’re not Vista!” and allowing it to install.

Bit of a hack, but pretty cool really. 

Asps in Nets (31/01/2012)

I’m struggling a little bit with .Net. It’s a little bit different from languages I’ve used before, and I’m worried that I’m falling back on what I know a bit – doing things in less efficient ways because that’s how I’ve always done them.

This is a bit of a problem really. What’s always inspired me to learn something new is the drive to get something to work. If I can get it to work, albeit in the “wrong” way, then I tend to stop.

Now, on the one hand, this may result in code that’s a little tatty, but on the other, the user doesn’t care. What they want is the functionality, and if it looks nice, works and is easy to use, they’re happy.

If it’s written in nice OOP code, or cobbled together from bits and bobs then they’re happy.

Now, I’m not advocating crappy code in any way. Oh God no, I’ve had enough problems with my own crappy code without writing more. But what I’ve realised is that more important than the neatness of the code is the richness of the application.

It’s much more important to get the functionality in there, make it work and tweak from there.

I realised this when putting together this function to return the group membership for a particular computer. It’s a little cobbled together, but it works. And now that I’ve got the functionality I can start tweaking it to make it work better and faster, and start identifying faults and fixing them.

I think people need to remember. We don’t code to write code. We code to solve a problem. 

FUNCTION GetMembers(Asset AS String) As String

DIM members

DIM objADAM As DirectoryEntry = New DirectoryEntry() 

objADAM.RefreshCache()

DIM objSearchADAM As DirectorySearcher = New DirectorySearcher(objADAM)

objSearchADAM.Filter = “(&(cn=” & Asset & “))”

objSearchADAM.SearchScope = SearchScope.Subtree

DIM objSearchResults As SearchResultCollection = objSearchADAM.FindAll()

If objSearchResults.Count 0 Then

Dim objResult As SearchResult

For Each objResult In objSearchResults

DIM memberof AS Object = objResult.GetDirectoryEntry.properties(“memberof”).value

IF NOT IsNothing(memberof) THEN

DIM collectiontotal= objResult.GetDirectoryEntry().Properties(“memberOf”).Count -1

Dim member,adgroup, i

For i = 0 To collectiontotal

member = objResult.GetDirectoryEntry().Properties(“memberOf”)(i).ToString(

members = members & member
Next

ELSE

members = “There are no groups on this computer.”

END IF

Next objResult

Else

members = “Computer could not be found.”

End If

GetMembers = members

END FUNCTION 

At Least the Directories are Active (30/01/2012)

I may be struggling with my house situation, but life trundles onto.

I’ve been building my web application at work, which I’ve really been enjoying doing. It’s great to be totally in control of a project and just fix it however you like.

However, I’m writing it in ASP.Net, which is a language I don’t really know that well.

Today I a discovery. If the DNS is set up correctly, you can get the asset number of the machine that’s connecting to the webpage.

Assetnumber = System.Net.Dns.GetHostEntry(Request.ServerVariables(“REMOTE_ADDR”)).HostName

This is brilliant. It’s something I didn’t think you could do. But the header data contains the IP address, and if you do a Reverse DNS lookup, you can get the asset number.

Of course, it’s the full domain name, so you have to trim a bit off the end, but that’s easy:

Assetnumber = UCASE(LEFT(Assetnumber,INSTR(Assetnumber,”.”)-1))

Once you can do this, the possibilities are quite exciting. It means you know who the user is, and what computer they’re on, so you can really tailor the results back to them.

Tag Cloud