modifying objects in ADAM ADSIEDIT

I need to constantly modify a few objects in ADAM ADSIEDIT manually by
travelering the directory tree. How do I script this by just modifying the
script and run it?

"joey" <> wrote in message
news:%...
>I need to constantly modify a few objects in ADAM ADSIEDIT manually by
>travelering the directory tree. How do I script this by just modifying the
>script and run it?

The first step is to identify the object to be modified in AD. You need the
Distinguished Name (DN) of the object. If you have the NetBIOS name (the
"pre-Windows 2000 logon" name of users) you can use the NameTranslate object
to convert to the DN. A script can prompt for the NetBIOS name (also called
the NT name) and convert to DN. The second step is to identify the attribute
of the object to be modifed. A VBScript program can bind to the object in AD
(using the DN) and assign a new value to the attribute (assuming a string
attribute). Special techniques are required if the attribute is
multi-valued, Integer8 (a 64-bit number representing a date), a byte array
(like SID or GUID values), or generalized time values. If you only modify
single-valued string attributes, the script could prompt for the name of the
attribute (the LDAP display name), plus the new value. A VBScript example,
using NameTranslate follows:
=============
' Constants for the NameTranslate object.
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

' Retrieve DNS name of the domain from the RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

Set objTrans = CreateObject("NameTranslate")
' Initialize NameTranslate by locating the Global Catalog.
objTrans.Init ADS_NAME_INITTYPE_GC, ""

' Use the NameTranslate object to find the NetBIOS name of the domain.
objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
' Remove trailing backslash.
strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)

' Prompt for NetBIOS name of object in AD.
strNTName = InputBox("Enter NetBIOS name of object to modify")

' Use Set method to specify NT format of name.
' Trap error if object not found.
On Error Resume Next
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strNTName
If (Err.Number <> 0) Then
On Error GoTo 0
Wscript.Echo strNTName & " not found in Active Directory"
Wscript.Quit
End If
On Error GoTo 0

' Use the Get method to retrieve DN.
strDN = objTrans.Get(ADS_NAME_TYPE_1779)
' Bind to the object.
Set objADObject = GetObject("LDAP://" & strDN)

' Prompt for the attribute to modify.
strAttribute = InputBox("Enter the LDAP Display Name of the attribute to
modify")

' Prompt for the new attribute value.
strValue = InputBox("Enter the new value to assign to the attribute")

' Assign the value.
' Trap the error if the value is invalid.
On Error Resume Next
objADObject.Put strAttribute, strValue
objADObject.SetInfo
If (Err.Number <> 0) Then
Wscript.Echo "Failed to assign " & strValue & " to attribute " &
strAttribute
End If
=======
You can also use Joe Richards' admod utility. See this link:

http://www.joeware.net/freetools/tools/admod/index.htm

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

what do you mean by netbios names in this case?

The hostname of the machine?
"Richard Mueller [MVP]" <rlmueller-> wrote in
message news:...
>
> "joey" <> wrote in message
> news:%...
>>I need to constantly modify a few objects in ADAM ADSIEDIT manually by
>>travelering the directory tree. How do I script this by just modifying the
>>script and run it?
>
> The first step is to identify the object to be modified in AD. You need
> the Distinguished Name (DN) of the object. If you have the NetBIOS name
> (the "pre-Windows 2000 logon" name of users) you can use the NameTranslate
> object to convert to the DN. A script can prompt for the NetBIOS name
> (also called the NT name) and convert to DN. The second step is to
> identify the attribute of the object to be modifed. A VBScript program can
> bind to the object in AD (using the DN) and assign a new value to the
> attribute (assuming a string attribute). Special techniques are required
> if the attribute is multi-valued, Integer8 (a 64-bit number representing a
> date), a byte array (like SID or GUID values), or generalized time values.
> If you only modify single-valued string attributes, the script could
> prompt for the name of the attribute (the LDAP display name), plus the new
> value. A VBScript example, using NameTranslate follows:
> =============
> ' Constants for the NameTranslate object.
> Const ADS_NAME_INITTYPE_GC = 3
> Const ADS_NAME_TYPE_NT4 = 3
> Const ADS_NAME_TYPE_1779 = 1
>
> ' Retrieve DNS name of the domain from the RootDSE object.
> Set objRootDSE = GetObject("LDAP://RootDSE")
> strDNSDomain = objRootDSE.Get("defaultNamingContext")
>
> Set objTrans = CreateObject("NameTranslate")
> ' Initialize NameTranslate by locating the Global Catalog.
> objTrans.Init ADS_NAME_INITTYPE_GC, ""
>
> ' Use the NameTranslate object to find the NetBIOS name of the domain.
> objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
> strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
> ' Remove trailing backslash.
> strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)
>
> ' Prompt for NetBIOS name of object in AD.
> strNTName = InputBox("Enter NetBIOS name of object to modify")
>
> ' Use Set method to specify NT format of name.
> ' Trap error if object not found.
> On Error Resume Next
> objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strNTName
> If (Err.Number <> 0) Then
> On Error GoTo 0
> Wscript.Echo strNTName & " not found in Active Directory"
> Wscript.Quit
> End If
> On Error GoTo 0
>
> ' Use the Get method to retrieve DN.
> strDN = objTrans.Get(ADS_NAME_TYPE_1779)
> ' Bind to the object.
> Set objADObject = GetObject("LDAP://" & strDN)
>
> ' Prompt for the attribute to modify.
> strAttribute = InputBox("Enter the LDAP Display Name of the attribute to
> modify")
>
> ' Prompt for the new attribute value.
> strValue = InputBox("Enter the new value to assign to the attribute")
>
> ' Assign the value.
> ' Trap the error if the value is invalid.
> On Error Resume Next
> objADObject.Put strAttribute, strValue
> objADObject.SetInfo
> If (Err.Number <> 0) Then
> Wscript.Echo "Failed to assign " & strValue & " to attribute " &
> strAttribute
> End If
> =======
> You can also use Joe Richards' admod utility. See this link:
>
> http://www.joeware.net/freetools/tools/admod/index.htm
>
> --
> Richard Mueller
> MVP Directory Services
> Hilltop Lab - http://www.rlmueller.net
> --
>
>

how do I tell what the DN of the object is.

Like I said this is ADAM. Even though the machine is in AD, Its ADAM
installed locally onm this host. I need ot modify an attribute on the
localhost not AD
"Richard Mueller [MVP]" <rlmueller-> wrote in
message news:...
>
> "joey" <> wrote in message
> news:%...
>>I need to constantly modify a few objects in ADAM ADSIEDIT manually by
>>travelering the directory tree. How do I script this by just modifying the
>>script and run it?
>
> The first step is to identify the object to be modified in AD. You need
> the Distinguished Name (DN) of the object. If you have the NetBIOS name
> (the "pre-Windows 2000 logon" name of users) you can use the NameTranslate
> object to convert to the DN. A script can prompt for the NetBIOS name
> (also called the NT name) and convert to DN. The second step is to
> identify the attribute of the object to be modifed. A VBScript program can
> bind to the object in AD (using the DN) and assign a new value to the
> attribute (assuming a string attribute). Special techniques are required
> if the attribute is multi-valued, Integer8 (a 64-bit number representing a
> date), a byte array (like SID or GUID values), or generalized time values.
> If you only modify single-valued string attributes, the script could
> prompt for the name of the attribute (the LDAP display name), plus the new
> value. A VBScript example, using NameTranslate follows:
> =============
> ' Constants for the NameTranslate object.
> Const ADS_NAME_INITTYPE_GC = 3
> Const ADS_NAME_TYPE_NT4 = 3
> Const ADS_NAME_TYPE_1779 = 1
>
> ' Retrieve DNS name of the domain from the RootDSE object.
> Set objRootDSE = GetObject("LDAP://RootDSE")
> strDNSDomain = objRootDSE.Get("defaultNamingContext")
>
> Set objTrans = CreateObject("NameTranslate")
> ' Initialize NameTranslate by locating the Global Catalog.
> objTrans.Init ADS_NAME_INITTYPE_GC, ""
>
> ' Use the NameTranslate object to find the NetBIOS name of the domain.
> objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
> strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
> ' Remove trailing backslash.
> strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)
>
> ' Prompt for NetBIOS name of object in AD.
> strNTName = InputBox("Enter NetBIOS name of object to modify")
>
> ' Use Set method to specify NT format of name.
> ' Trap error if object not found.
> On Error Resume Next
> objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strNTName
> If (Err.Number <> 0) Then
> On Error GoTo 0
> Wscript.Echo strNTName & " not found in Active Directory"
> Wscript.Quit
> End If
> On Error GoTo 0
>
> ' Use the Get method to retrieve DN.
> strDN = objTrans.Get(ADS_NAME_TYPE_1779)
> ' Bind to the object.
> Set objADObject = GetObject("LDAP://" & strDN)
>
> ' Prompt for the attribute to modify.
> strAttribute = InputBox("Enter the LDAP Display Name of the attribute to
> modify")
>
> ' Prompt for the new attribute value.
> strValue = InputBox("Enter the new value to assign to the attribute")
>
> ' Assign the value.
> ' Trap the error if the value is invalid.
> On Error Resume Next
> objADObject.Put strAttribute, strValue
> objADObject.SetInfo
> If (Err.Number <> 0) Then
> Wscript.Echo "Failed to assign " & strValue & " to attribute " &
> strAttribute
> End If
> =======
> You can also use Joe Richards' admod utility. See this link:
>
> http://www.joeware.net/freetools/tools/admod/index.htm
>
> --
> Richard Mueller
> MVP Directory Services
> Hilltop Lab - http://www.rlmueller.net
> --
>
>

I don't use ADAM, but it appears that the major difference for scripting is
that the binding string includes "LDAP://localhost:389/" in place of
"LDAP://".

However, it appears that objects in ADAM do not have a sAMAccountName
attribute, which is the NetBIOS name I referred to. This means that you
cannot use the NameTranslate object to convert a username (or userid, or NT
user name, or "pre-Windows 2000 logon name", or NetBIOS name, or whatever
you call sAMAccountName) into a DN. This means you must know the
Distinguished Name of the object.

The only alternative would be to search for an object that has a given
Common Name (or perhaps displayName). This would be more work (code) and you
would need to handle the situation where you find more than one such object.
Only DN would uniquely identify the object (if there is no sAMAccountName
attribute). If someone else knows better, please reply.

This means my example must be as follows:
==========
' Prompt for NetBIOS name of object in AD.
strName = InputBox("Enter DN of object to modify")

Set objADObject = GetObject("LDAP://localhost:389/" & strName:

' Prompt for the attribute to modify.
strAttribute = InputBox("Enter the LDAP Display Name of the attribute to
modify")

' Prompt for the new attribute value.
strValue = InputBox("Enter the new value to assign to the attribute")

' Assign the value.
' Trap the error if the value is invalid.
On Error Resume Next
objADObject.Put strAttribute, strValue
objADObject.SetInfo
If (Err.Number <> 0) Then
Wscript.Echo "Failed to assign " & strValue & " to attribute " &
strAttribute
End If

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

"joey" <> wrote in message
news:OL4Uc%...
> how do I tell what the DN of the object is.
>
> Like I said this is ADAM. Even though the machine is in AD, Its ADAM
> installed locally onm this host. I need ot modify an attribute on the
> localhost not AD
> "Richard Mueller [MVP]" <rlmueller-> wrote in
> message news:...
>>
>> "joey" <> wrote in message
>> news:%...
>>>I need to constantly modify a few objects in ADAM ADSIEDIT manually by
>>>travelering the directory tree. How do I script this by just modifying
>>>the script and run it?
>>
>> The first step is to identify the object to be modified in AD. You need
>> the Distinguished Name (DN) of the object. If you have the NetBIOS name
>> (the "pre-Windows 2000 logon" name of users) you can use the
>> NameTranslate object to convert to the DN. A script can prompt for the
>> NetBIOS name (also called the NT name) and convert to DN. The second step
>> is to identify the attribute of the object to be modifed. A VBScript
>> program can bind to the object in AD (using the DN) and assign a new
>> value to the attribute (assuming a string attribute). Special techniques
>> are required if the attribute is multi-valued, Integer8 (a 64-bit number
>> representing a date), a byte array (like SID or GUID values), or
>> generalized time values. If you only modify single-valued string
>> attributes, the script could prompt for the name of the attribute (the
>> LDAP display name), plus the new value. A VBScript example, using
>> NameTranslate follows:
>> =============
>> ' Constants for the NameTranslate object.
>> Const ADS_NAME_INITTYPE_GC = 3
>> Const ADS_NAME_TYPE_NT4 = 3
>> Const ADS_NAME_TYPE_1779 = 1
>>
>> ' Retrieve DNS name of the domain from the RootDSE object.
>> Set objRootDSE = GetObject("LDAP://RootDSE")
>> strDNSDomain = objRootDSE.Get("defaultNamingContext")
>>
>> Set objTrans = CreateObject("NameTranslate")
>> ' Initialize NameTranslate by locating the Global Catalog.
>> objTrans.Init ADS_NAME_INITTYPE_GC, ""
>>
>> ' Use the NameTranslate object to find the NetBIOS name of the domain.
>> objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
>> strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
>> ' Remove trailing backslash.
>> strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)
>>
>> ' Prompt for NetBIOS name of object in AD.
>> strNTName = InputBox("Enter NetBIOS name of object to modify")
>>
>> ' Use Set method to specify NT format of name.
>> ' Trap error if object not found.
>> On Error Resume Next
>> objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strNTName
>> If (Err.Number <> 0) Then
>> On Error GoTo 0
>> Wscript.Echo strNTName & " not found in Active Directory"
>> Wscript.Quit
>> End If
>> On Error GoTo 0
>>
>> ' Use the Get method to retrieve DN.
>> strDN = objTrans.Get(ADS_NAME_TYPE_1779)
>> ' Bind to the object.
>> Set objADObject = GetObject("LDAP://" & strDN)
>>
>> ' Prompt for the attribute to modify.
>> strAttribute = InputBox("Enter the LDAP Display Name of the attribute to
>> modify")
>>
>> ' Prompt for the new attribute value.
>> strValue = InputBox("Enter the new value to assign to the attribute")
>>
>> ' Assign the value.
>> ' Trap the error if the value is invalid.
>> On Error Resume Next
>> objADObject.Put strAttribute, strValue
>> objADObject.SetInfo
>> If (Err.Number <> 0) Then
>> Wscript.Echo "Failed to assign " & strValue & " to attribute " &
>> strAttribute
>> End If
>> =======
>> You can also use Joe Richards' admod utility. See this link:
>>
>> http://www.joeware.net/freetools/tools/admod/index.htm
>>
>> --
>> Richard Mueller
>> MVP Directory Services
>> Hilltop Lab - http://www.rlmueller.net
>> --
>>
>>
>
>