Learning ADSI - Part 1: Adding Users To W2K

原创 2005年05月21日 08:39:00

Introduction

As the desire and need for the Internet grew, Microsoft created new products and modified its old ones. Windows OS required features that gave developers and administrators the option to perform tasks remotely. Microsoft responded in part with Active Directory Services Interface (ADSI). ADSI provides a single set of directory interfaces for accessing and managing network resources. So for instance, an administrator could change user permissions or add a user to a network, independent of network environment, using a Web interface or a VB program.

Caveat

As the desire and need for the Internet grew, Microsoft created new products and modified its old ones. Windows OS required features that gave developers and administrators the option to perform tasks remotely. Microsoft responded in part with Active Directory Services Interface (ADSI). ADSI provides a single set of directory interfaces for accessing and managing network resources. So for instance, an administrator could change user permissions or add a user to a network, independent of network environment, using a Web interface or a VB program.

Caveat

As the desire and need for the Internet grew, Microsoft created new products and modified its old ones. Windows OS required features that gave developers and administrators the option to perform tasks remotely. Microsoft responded in part with Active Directory Services Interface (ADSI). ADSI provides a single set of directory interfaces for accessing and managing network resources. So for instance, an administrator could change user permissions or add a user to a network, independent of network environment, using a Web interface or a VB program.

Caveat

Please keep in mind that you are going to modify the basics of the Windows NT security model. You should be very alert when dealing with ADSI. Keep in mind that a simple mistype could mean reformatting and reinstalling your system. Don't do it on a operational machine! Please know that I have tried to make the following code as accurate as possible. Yet I can't guarantee their outcome. So please don't just copy and paste. I know it is very attractive, but it could cause you to spend the next couple of hours looking at a very appealing Windows installation screen.

Please keep in mind that you are going to modify the basics of the Windows NT security model. You should be very alert when dealing with ADSI. Keep in mind that a simple mistype could mean reformatting and reinstalling your system. Don't do it on a operational machine! Please know that I have tried to make the following code as accurate as possible. Yet I can't guarantee their outcome. So please don't just copy and paste. I know it is very attractive, but it could cause you to spend the next couple of hours looking at a very appealing Windows installation screen.

Please keep in mind that you are going to modify the basics of the Windows NT security model. You should be very alert when dealing with ADSI. Keep in mind that a simple mistype could mean reformatting and reinstalling your system. Don't do it on a operational machine! Please know that I have tried to make the following code as accurate as possible. Yet I can't guarantee their outcome. So please don't just copy and paste. I know it is very attractive, but it could cause you to spend the next couple of hours looking at a very appealing Windows installation screen.

Windows Security Account Manager

The Security Account Manager (SAM) is the portion of Windows which registers and holds all user information and knows all the default configuration settings. Our first meeting with SAM entails the process of creating a user. This applies to Windows 2000 as well as Windows NT 4.0.

NOTE: In order for the following code to work, administrator rights are required.

The Security Account Manager (SAM) is the portion of Windows which registers and holds all user information and knows all the default configuration settings. Our first meeting with SAM entails the process of creating a user. This applies to Windows 2000 as well as Windows NT 4.0.

NOTE: In order for the following code to work, administrator rights are required.

The Security Account Manager (SAM) is the portion of Windows which registers and holds all user information and knows all the default configuration settings. Our first meeting with SAM entails the process of creating a user. This applies to Windows 2000 as well as Windows NT 4.0.

NOTE: In order for the following code to work, administrator rights are required.

Adding A User to The SAM


This code can be activated by calling it anywhere in the ASP page (line 1). Also, make sure to spell winnt like the example given in line 7. ADSI is very case sensitive and will refuse to work if you spell it differently. As you can see there are no attributes given; this user is created without a password. Let's do something about that.


As you can see, I added more than just a password. I also added the fullname and the description. These aren't really important if you have a system with 5 users, but large corporations usually have a policy about that. Please be advised that the above code is for adding a new user. I will cover modifying an existing user in a future article. The problem about ADSI is that you can't guess the code. It's not as easy as only punching up user.[attribute_name].


As you can see, I added more than just a password. I also added the fullname and the description. These aren't really important if you have a system with 5 users, but large corporations usually have a policy about that. Please be advised that the above code is for adding a new user. I will cover modifying an existing user in a future article. The problem about ADSI is that you can't guess the code. It's not as easy as only punching up user.[attribute_name].

This code can be activated by calling it anywhere in the ASP page (line 1). Also, make sure to spell winnt like the example given in line 7. ADSI is very case sensitive and will refuse to work if you spell it differently. As you can see there are no attributes given; this user is created without a password. Let's do something about that.

As you can see, I added more than just a password. I also added the fullname and the description. These aren't really important if you have a system with 5 users, but large corporations usually have a policy about that. Please be advised that the above code is for adding a new user. I will cover modifying an existing user in a future article. The problem about ADSI is that you can't guess the code. It's not as easy as only punching up user.[attribute_name].

As you can see, I added more than just a password. I also added the fullname and the description. These aren't really important if you have a system with 5 users, but large corporations usually have a policy about that. Please be advised that the above code is for adding a new user. I will cover modifying an existing user in a future article. The problem about ADSI is that you can't guess the code. It's not as easy as only punching up user.[attribute_name].

Next stop is the userflags. These control options such as "Password Never Expires" and "Account Disabled".


In the example above I gave my new user some restrictions. The outcome of this subroutine is that my new user will have a valid password (password isn't expired because it's set on 0. If you change it to 1, the password isn't valid anymore. If the password is expired, the user will be forced to change it at the next login). He will be unable to change his own password; his password will never expire; and his account is disabled and locked. In order to change, this you should modify the subroutine call.

In the example above I gave my new user some restrictions. The outcome of this subroutine is that my new user will have a valid password (password isn't expired because it's set on 0. If you change it to 1, the password isn't valid anymore. If the password is expired, the user will be forced to change it at the next login). He will be unable to change his own password; his password will never expire; and his account is disabled and locked. In order to change, this you should modify the subroutine call.

In the example above I gave my new user some restrictions. The outcome of this subroutine is that my new user will have a valid password (password isn't expired because it's set on 0. If you change it to 1, the password isn't valid anymore. If the password is expired, the user will be forced to change it at the next login). He will be unable to change his own password; his password will never expire; and his account is disabled and locked. In order to change, this you should modify the subroutine call.

So now we have a new user with all the default settings. Maybe this is enough for your home situation, but many companies want to set more boundaries for their users. Also, a lot of companies have the personal settings of their users stored on a separate network drive. ADSI allows you to make sure your new users have the same configuration as every other employee.


Now we have all the information we need to make a new user. I'm not going to explain these options because if you don't know them, you don't need to use them. The three subroutines we created can be used perfectly in combination with each other (see below). Remember, please test on a non-operational system first!

Now we have all the information we need to make a new user. I'm not going to explain these options because if you don't know them, you don't need to use them. The three subroutines we created can be used perfectly in combination with each other (see below). Remember, please test on a non-operational system first!

Now we have all the information we need to make a new user. I'm not going to explain these options because if you don't know them, you don't need to use them. The three subroutines we created can be used perfectly in combination with each other (see below). Remember, please test on a non-operational system first!

Look out for little mistakes and adjust the code so it applies to your situation. Just in case: I cannot be held responsible for any damage that could occur before, during or after implementing and using this code.


This code can be activated by calling it anywhere in the ASP page (line 1). Also, make sure to spell winnt like the example given in line 7. ADSI is very case sensitive and will refuse to work if you spell it differently. As you can see there are no attributes given; this user is created without a password. Let's do something about that.


As you can see, I added more than just a password. I also added the fullname and the description. These aren't really important if you have a system with 5 users, but large corporations usually have a policy about that. Please be advised that the above code is for adding a new user. I will cover modifying an existing user in a future article. The problem about ADSI is that you can't guess the code. It's not as easy as only punching up user.[attribute_name].

As you can see, I added more than just a password. I also added the fullname and the description. These aren't really important if you have a system with 5 users, but large corporations usually have a policy about that. Please be advised that the above code is for adding a new user. I will cover modifying an existing user in a future article. The problem about ADSI is that you can't guess the code. It's not as easy as only punching up user.[attribute_name].

This code can be activated by calling it anywhere in the ASP page (line 1). Also, make sure to spell winnt like the example given in line 7. ADSI is very case sensitive and will refuse to work if you spell it differently. As you can see there are no attributes given; this user is created without a password. Let's do something about that.

As you can see, I added more than just a password. I also added the fullname and the description. These aren't really important if you have a system with 5 users, but large corporations usually have a policy about that. Please be advised that the above code is for adding a new user. I will cover modifying an existing user in a future article. The problem about ADSI is that you can't guess the code. It's not as easy as only punching up user.[attribute_name].

As you can see, I added more than just a password. I also added the fullname and the description. These aren't really important if you have a system with 5 users, but large corporations usually have a policy about that. Please be advised that the above code is for adding a new user. I will cover modifying an existing user in a future article. The problem about ADSI is that you can't guess the code. It's not as easy as only punching up user.[attribute_name].

Next stop is the userflags. These control options such as "Password Never Expires" and "Account Disabled".


In the example above I gave my new user some restrictions. The outcome of this subroutine is that my new user will have a valid password (password isn't expired because it's set on 0. If you change it to 1, the password isn't valid anymore. If the password is expired, the user will be forced to change it at the next login). He will be unable to change his own password; his password will never expire; and his account is disabled and locked. In order to change, this you should modify the subroutine call.

In the example above I gave my new user some restrictions. The outcome of this subroutine is that my new user will have a valid password (password isn't expired because it's set on 0. If you change it to 1, the password isn't valid anymore. If the password is expired, the user will be forced to change it at the next login). He will be unable to change his own password; his password will never expire; and his account is disabled and locked. In order to change, this you should modify the subroutine call.

In the example above I gave my new user some restrictions. The outcome of this subroutine is that my new user will have a valid password (password isn't expired because it's set on 0. If you change it to 1, the password isn't valid anymore. If the password is expired, the user will be forced to change it at the next login). He will be unable to change his own password; his password will never expire; and his account is disabled and locked. In order to change, this you should modify the subroutine call.

So now we have a new user with all the default settings. Maybe this is enough for your home situation, but many companies want to set more boundaries for their users. Also, a lot of companies have the personal settings of their users stored on a separate network drive. ADSI allows you to make sure your new users have the same configuration as every other employee.


Now we have all the information we need to make a new user. I'm not going to explain these options because if you don't know them, you don't need to use them. The three subroutines we created can be used perfectly in combination with each other (see below). Remember, please test on a non-operational system first!

Now we have all the information we need to make a new user. I'm not going to explain these options because if you don't know them, you don't need to use them. The three subroutines we created can be used perfectly in combination with each other (see below). Remember, please test on a non-operational system first!

Now we have all the information we need to make a new user. I'm not going to explain these options because if you don't know them, you don't need to use them. The three subroutines we created can be used perfectly in combination with each other (see below). Remember, please test on a non-operational system first!

Look out for little mistakes and adjust the code so it applies to your situation. Just in case: I cannot be held responsible for any damage that could occur before, during or after implementing and using this code.


This code can be activated by calling it anywhere in the ASP page (line 1). Also, make sure to spell winnt like the example given in line 7. ADSI is very case sensitive and will refuse to work if you spell it differently. As you can see there are no attributes given; this user is created without a password. Let's do something about that.


As you can see, I added more than just a password. I also added the fullname and the description. These aren't really important if you have a system with 5 users, but large corporations usually have a policy about that. Please be advised that the above code is for adding a new user. I will cover modifying an existing user in a future article. The problem about ADSI is that you can't guess the code. It's not as easy as only punching up user.[attribute_name].

As you can see, I added more than just a password. I also added the fullname and the description. These aren't really important if you have a system with 5 users, but large corporations usually have a policy about that. Please be advised that the above code is for adding a new user. I will cover modifying an existing user in a future article. The problem about ADSI is that you can't guess the code. It's not as easy as only punching up user.[attribute_name].

As you can see, I added more than just a password. I also added the fullname and the description. These aren't really important if you have a system with 5 users, but large corporations usually have a policy about that. Please be advised that the above code is for adding a new user. I will cover modifying an existing user in a future article. The problem about ADSI is that you can't guess the code. It's not as easy as only punching up user.[attribute_name].

Next stop is the userflags. These control options such as "Password Never Expires" and "Account Disabled".


In the example above I gave my new user some restrictions. The outcome of this subroutine is that my new user will have a valid password (password isn't expired because it's set on 0. If you change it to 1, the password isn't valid anymore. If the password is expired, the user will be forced to change it at the next login). He will be unable to change his own password; his password will never expire; and his account is disabled and locked. In order to change, this you should modify the subroutine call.

In the example above I gave my new user some restrictions. The outcome of this subroutine is that my new user will have a valid password (password isn't expired because it's set on 0. If you change it to 1, the password isn't valid anymore. If the password is expired, the user will be forced to change it at the next login). He will be unable to change his own password; his password will never expire; and his account is disabled and locked. In order to change, this you should modify the subroutine call.

In the example above I gave my new user some restrictions. The outcome of this subroutine is that my new user will have a valid password (password isn't expired because it's set on 0. If you change it to 1, the password isn't valid anymore. If the password is expired, the user will be forced to change it at the next login). He will be unable to change his own password; his password will never expire; and his account is disabled and locked. In order to change, this you should modify the subroutine call.

So now we have a new user with all the default settings. Maybe this is enough for your home situation, but many companies want to set more boundaries for their users. Also, a lot of companies have the personal settings of their users stored on a separate network drive. ADSI allows you to make sure your new users have the same configuration as every other employee.


Now we have all the information we need to make a new user. I'm not going to explain these options because if you don't know them, you don't need to use them. The three subroutines we created can be used perfectly in combination with each other (see below). Remember, please test on a non-operational system first!

Now we have all the information we need to make a new user. I'm not going to explain these options because if you don't know them, you don't need to use them. The three subroutines we created can be used perfectly in combination with each other (see below). Remember, please test on a non-operational system first!

Now we have all the information we need to make a new user. I'm not going to explain these options because if you don't know them, you don't need to use them. The three subroutines we created can be used perfectly in combination with each other (see below). Remember, please test on a non-operational system first!

Look out for little mistakes and adjust the code so it applies to your situation. Just in case: I cannot be held responsible for any damage that could occur before, during or after implementing and using this code.


About the Author

Remie Bolte is a student at communicatiesystemen in the Netherlands. He has experience with VB, ASP, VBScript and SQL. His goal in life is to clean up the Internet and show people how it can benefit their needs. Remie can be reached at r.bolte@vinrem.nl.

Remie Bolte is a student at communicatiesystemen in the Netherlands. He has experience with VB, ASP, VBScript and SQL. His goal in life is to clean up the Internet and show people how it can benefit their needs. Remie can be reached at r.bolte@vinrem.nl.

Remie Bolte is a student at communicatiesystemen in the Netherlands. He has experience with VB, ASP, VBScript and SQL. His goal in life is to clean up the Internet and show people how it can benefit their needs. Remie can be reached at r.bolte@vinrem.nl.

Adding Users to Passwordfile / Using Passwordfile Authentication (Doc ID 184696.1)

Adding Users to Passwordfile / Using Passwordfile Authentication (Doc ID 184696.1) To Bottom ...
  • loryliu
  • loryliu
  • 2015年09月05日 22:17
  • 209

VTK\Adding_Components_to_VTK_Designer_2

  • 2010年01月25日 10:02
  • 1.62MB
  • 下载

Effects with the Pixel Bender Toolkit – Part 3: Adding parameters to filters

Requirements User level BeginningRequired products Flash Player 10 and later Flash Professional (Dow...

enote笔记语言(4)(ver0.4)——“5w1h2k”分析法

章节:“5w1h2k”分析法 what:我想知道某个“关键词(keyword)”(即,词汇、词语,或称单词,可以是概念|专业术语|.......)的定义。 why:我想分析and搞清楚弄明...

enote笔记语言(4)(ver0.2)——“5w1h2k”分析法

章节:“5w1h2k”分析法 what:我想知道某个“关键词(keyword)”(即,词汇、词语,或称单词,可以是概念|专业术语|.......)的定义。 why:我想知道事物发生的原因。...

ap3g2-k9w8-tar.153-3.JF1.tar

  • 2017年11月08日 10:24
  • 15.02MB
  • 下载

How To Make A Simple Multiplayer Game with Game Center Tutorial: Part 1/2

How To Make A Simple Multiplayer Game with Game Center Tutorial: Part 1/2Create a multiplayer raci...

project 1 Adding a System Call to the Linux Kernel(初版)

project 1 Adding a System Call to the Linux Kernel   一、实验环境: ubuntu 10.04系统。 原内核版本:2.6.35.22   ...

How To Get Your First 1,000 Users

http://viniciusvacanti.com/2011/02/08/how-to-get-your-first-1000-users/ The good news is that it’...
  • bytxl
  • bytxl
  • 2012年08月14日 12:52
  • 582
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:Learning ADSI - Part 1: Adding Users To W2K
举报原因:
原因补充:

(最多只允许输入30个字)