Chapter 1: Active Directory: The Big Picture
|
| CH01 Classes.vbs | PDF |
Plain text |
Chapter 7: Group Policy
|
| CH07 TestSettings.adm |
PDF |
Plain text |
Chapter 9: Extending the Schema
|
| AddMyProduct.ldf | PDF |
Plain text |
| CH09 TestItem.Bat | PDF |
Plain text |
| CH09 TestItem.vbs | PDF |
Plain text |
| ExtendUser.ldf | PDF |
Plain text |
| CH09 SanaoHR.vbs | PDF |
Plain text |
Chapter 10: Administration Scripts: Concepts
|
| CH10-01 WSH Basic Example.vbs | PDF |
Plain text |
| CH10-02 Hello.vbs | PDF |
Plain text |
| CH10-03 VBSBasicExample.vbs | PDF |
Plain text |
| CH10-04 VBSBasicExample2.vbs | PDF |
Plain text |
| CH10-05 VBSBasicExample3.vbs | PDF |
Plain text |
| CH10-06 ADSI Basic Example.vbs | PDF |
Plain text |
| CH10-07 ADSI IADs Properties.vbs | PDF |
Plain text |
| CH10-08 RunDLL LockWorkstation.vbs | PDF |
Plain text |
CH10-10 IncludeExample.wsf
Note 1: Because this wsf file contains <> tags, your browser possibly
cannot display it, when you click Plain text. However, if you have Acrobat
(Reader) installed, you can click PDF. Another choice is to download the file
to your computer and open it with Notepad.
Note 2: The file has wrong formula. The correct one is: (6 *
INCHES_PER_FOOT + 2) * MILLIMETERS_PER_INCH | PDF |
Plain text |
| MyConstants.vbs | PDF |
Plain text |
Chapter 11: Administration Scripts: Examples
|
|
User Management |
| CH11-01 ADSI List the Users of One Container.vbs |
PDF |
Plain text |
| CH11-02 ADSI List the Users of One Container to Excel.vbs |
PDF |
Plain text |
| CH11-03 ADSI List the Property Cache Contents.vbs |
PDF |
Plain text |
| CH11-04 ADSI List User Properties with Get.vbs |
PDF |
Plain text |
| CH11-05 ADSI List User Properties with Methods.vbs |
PDF |
Plain text |
| CH11-06 ADSI List the Account Options of a User.vbs |
PDF |
Plain text |
| CH11-07 ADSI Create a User with Minimum Attributes.vbs |
PDF |
Plain text |
| CH11-08 ADSI Create a User with More Attributes.vbs |
PDF |
Plain text |
| CH11-09 BAT Create a User with a Batch File.bat |
PDF |
Plain text |
| CH11-10 WSH Create a Home Folder for a User - ver 1.vbs |
PDF |
Plain text |
| CH11-11 WSH Create a Home Folder for a User - ver 2.vbs |
PDF |
Plain text |
| CH11-12 Read User Information from Excel.xls - Macro |
PDF |
Plain text |
| CH11-12 Read User Information from Excel.xls - Sheet |
PDF |
Plain text |
| CH11-13 Read User Information from Standard Input.vbs |
PDF |
Plain text |
|
Schema Access |
| CH11-14 ADSI List All Abstract Schema Objects.vbs |
PDF |
Plain text |
| CH11-15 ADSI List the Member Attributes of a Given Class.vbs |
PDF |
Plain text |
| CH11-16 ADSI List the Member Attributes of a Given Class to Excel.vbs |
PDF |
Plain text |
| CH11-17 ADSI Show Property Properties.vbs |
PDF |
Plain text |
| CH11-18 ADSI Container or Leaf.vbs | PDF |
Plain text |
| CH11-19 ADSI List All Real Schema Objects.vbs |
PDF |
Plain text |
| CH11-20 ADSI List Indexed Attributes.vbs |
PDF |
Plain text |
| CH11-21 ADSI List Global Catalog Attributes.vbs |
PDF |
Plain text |
| CH11-22 ADSI List All classSchemas to Excel.vbs |
PDF |
Plain text |
| CH11-23 ADSI List All attributeSchemas to Excel.vbs |
PDF |
Plain text |
| CH11-24 ADSI Create an Attribute and a Class.vbs |
PDF |
Plain text |
|
Configuration Information |
| CH11-25 ADSI List the Supported Namespaces.vbs |
PDF |
Plain text |
| CH11-26 ADSI List Attribute Display Names.vbs |
PDF |
Plain text |
| CH11-27 ADSI List the DC GUIDs.vbs | PDF |
Plain text |
| CH11-28 ADSI List the rootDSE Property Cache.vbs |
PDF |
Plain text |
| CH11-29 ADSI List the GPO GUIDs.vbs | PDF |
Plain text |
| CH11-30 ADSI List the Operations Masters.vbs |
PDF |
Plain text |
| CH11-31 ADSI List the Operations Masters with ADsFSMO.vbs |
PDF |
Plain text |
| CH11-32 ADSI List ADSystemInfo.vbs | PDF |
Plain text |
|
Access Control Lists |
| CH11-33 ADSI List ACEs - Short.vbs | PDF |
Plain text |
| CH11-34 ADSI List ACEs to Excel - Short.vbs |
PDF |
Plain text |
| CH11-35 ADSI List Binary GUIDs.vbs | PDF |
Plain text |
| CH11-36 ADSI List ACEs - Long.vbs | PDF |
Plain text |
| CH11-37 ADSI Add ACEs.vbs | PDF |
Plain text |
| CH11-38 Add ACEs to a Folder.vbs | PDF |
Plain text |
|
OU, Group, and Computer Management |
| CH11-39 ADSI Create a Group.vbs | PDF |
Plain text |
| CH11-40 ADSI Add Users of One OU to a Group.vbs |
PDF |
Plain text |
| CH11-41 ADSI Create a Computer Object.vbs |
PDF |
Plain text |
|
ADSI without Active Directory |
| CH11-42 ADSI List Services.vbs | PDF |
Plain text |
| CH11-43 ADSI List Shares.vbs | PDF |
Plain text |
| CH11-44 ADSI Create a Share.vbs | PDF |
Plain text |
| CH11-45 ADSI List WinNT Properties of User Class.vbs |
PDF |
Plain text |
| CH11-46 ADSI Create a User in a Workstation.vbs |
PDF |
Plain text |
|
Additional Techniques |
| CH11-47 ADSI Bind to a WKGUID.vbs | PDF |
Plain text |
| AddotherWK.ldf | PDF |
Plain text |
| CH11-48 ADSI List the Users of a Subtree.vbs |
PDF |
Plain text |
| CH11-49 VBS Error Checking.vbs | PDF |
Plain text |
| CH11-50 CmdTool.vbs | PDF |
Plain text |
|
Using ADO |
| CH11-51 ADO Basic Example.vbs | PDF |
Plain text |
| CH11-52 ADO Basic Example with SQL.vbs | PDF |
Plain text |
| CH11-53 ADO Modifying Objects.vbs | PDF |
Plain text |
| CH11-54 ADO List Objects That Have Blocked ACL Inheritance.vbs |
PDF |
Plain text |
Bonus Material
|
AllConstants.vbs
This script includes all the constant definitions that were used in the
samples of the book. |
PDF |
Plain text |
employeeID.vbs
This script enables you to modify the employeeID attribute of a user.
1. Using ADSI Edit, locate the user-Display object (in CN=409, CN=DisplaySpecifiers, CN=Configuration).
2. Select the adminContextMenu attribute. Add to the attribute the value "2, Employee &ID, c:\test\employeeid.vbs" (without quotes). Do not remove the existing values, and if number 2 is already in use, select a free number.
3. On the computer, where you will test or use ADUC, create the file c:\test\employeeid.vbs and add the
lines from employeeID.vbs.
4. Start ADUC and right-click any user object, and you should see "Employee ID" in the context menu.
|
ZIP |
Plain text |
ListPropertySets.vbs
This script lists the property sets in the forest and the attributes that each
one includes. You need only end-user permissions to run this. |
ZIP |
Plain text |
ListPropertySetsJoe.vbs
The preceding script is not optimized for speed, so Joe Richards made
modifications to make the script faster. |
ZIP |
Plain text |
Modified DSSec.Dat
DSSec.dat specifies, which classes and attributes are hidden from the lists of the Delegation of Control wizard or ACL Editor.
Already in Windows 2000 this file had some peculiarities, such as (for the user class):
- First name (givenName) was visible but last name (sn) was not.
- E-Mail Address (Others) was visible but the normal E-mail was not.
For WS2003, this file was practically not modified, so the 49 new classes and 50 new attributes for the user class,
for example, became visible. They are mostly something that you probably never use in delegation, so
you could hide them with this modified file. It has the following
modifications:
- Hide all the new classes of WS2003, except inetOrgPerson (48 of them)
- Hide aCSResourceLimits, which was already in Win2000
- For the user class, hide and unhide quite a few attributes so that the list of visible attributes is about the same as in ADUC.
The exceptions are that nTSecurityDescriptor is hidden and badPasswordTime, badPwdCount, cn, employeeID,
lastLogoff, lastLogon, lastLogonTimestamp, name, and pwdLastSet are visible.
- Added inetOrgPerson and applied the same attribute filtering for it than what is for the user class.
To use this file, download it and save it with the name
%SystemRoot%\System32\dssec.dat on the computer where you would use ACL Editor or the Delegation of Control wizard. Obviously it is a good idea to make a backup copy of the original file, although you would have the original file on all other computers anyway.
-------
Addison-Wesley or Sakari Kouti has no
warranty, obligations or liability for this file. |
ZIP |
Plain text |
ACLReport.vbs v1.01
This script creates an HTML file named ACLReport.htm, that contains all the
ACLs of a given Active Directory tree. By modifying three lines in the
beginning of the script, you can choose:
- Only OUs or all objects
- Only normal-view objects or also advanced-view objects
- Whether to display all ACEs or only non-inherited |
ZIP |
Plain text |
