aku1 发表于 2006-6-19 13:07:04 |
Scripting with rootDSE
Microsoft® Windows® 2000 Scripting Guide
Using rootDSE involves three basic steps.
1. |
Bind to rootDSE. |
2. |
Use the Get method to read an attribute of rootDSE. |
3. |
Use the attribute returned by rootDSE to construct an ADsPath and bind to a container or an object in the directory.
Steps 2 and 3 are often combined to reduce the length of the script. |
The goal of the four scripts in this section is to demonstrate how to use rootDSE to bind to the current domain, the root domain, the configuration container, and the schema container. Using rootDSE to form an ADsPath to the current domain, the root domain, and the configuration container is useful for the previous script examples in this chapter. Using rootDSE to form an ADsPath to the schema container is useful for the scripts appearing in the upcoming section "Active Directory Architecture."
Binding to the Current Domain
The script in Listing 5.42 binds to the current domain by using the defaultNamingContext attribute of rootDSE. The current domain is the domain where the client is logged on. This example is particularly useful for the numerous listings in this chapter that access the current domain. By modifying the binding string, you can also use this example for binding to a common container such as the Users container, an OU, or any leaf object in the domain. To carry out this task, the script performs the following steps:
1. |
Bind to the rootDSE. |
2. |
Construct an ADsPath to the current domain. |
3. |
Use the strADsPath variable in the binding operation. |
Listing 5.42 Constructing an ADsPath to the Current Domain with rootDSE
1
2
3
|
Set objRootDSE = GetObject("LDAP://rootDSE")
strADsPath = "LDAP://" & objRootDSE.Get("defaultNamingContext")
Set objDomain = GetObject(strADsPath)
|
In the na.fabrikam.com domain, the strADsPath variable contains: LDAP://DC=na,DC=fabrikam,DC=com
Binding to the Root Domain
The script in Listing 5.43 binds to the root domain. Regardless of which domain the client is logged on to, the root domain in the forest is returned.
Listing 5.43 Constructing an ADsPath to the Root Domain with rootDSE
1
2
3
|
Set objRootDSE = GetObject("LDAP://rootDSE")
strADsPath = "LDAP://" & objRootDSE.Get("rootDomainNamingContext")
Set objRootDomain = GetObject(strADsPath)
|
In any domain in the fabrikam.com forest, the strADsPath variable contains: LDAP://DC=fabrikam,DC=com
Binding to the Configuration Container
The script in Listing 5.44 binds to the configuration container in the forest.
Listing 5.44 Constructing an ADsPath to the Configuration Container with rootDSE
1
2
3
|
Set objRootDSE = GetObject("LDAP://rootDSE")
strADsPath = "LDAP://" & objRootDSE.Get("configurationNamingContext")
Set objConfiguration = GetObject(strADsPath)
|
In any domain in the fabrikam.com forest, the strADsPath variable contains: LDAP://CN=Configuration,DC=fabrikam,DC=com
Binding to the Schema Container
The script in Listing 5.45 binds to the schema container in the forest.
Listing 5.45 Constructing an ADsPath to the Schema Container with rootDSE
1
2
3
|
Set objRootDSE = GetObject("LDAP://rootDSE")
strADsPath = "LDAP://" & objRootDSE.Get("schemaNamingContext")
Set objSchema = GetObject(strADsPath)
|
In any domain in the fabrikam.com forest, the strADsPath variable contains: LDAP://CN=Schema,CN=Configuration,DC=fabrikam,DC=com
Note
• |
For a complete list of rootDSE properties, see the Active Directory Programmer's Guide link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources. |
|