Viewing and Modifying ADAM Object Attributes






Viewing and Modifying ADAM Object Attributes

Problem

You want to view the attributes of an object within an ADAM instance.

Solution

Using a graphical user interface
  1. Open ADAM ADSI Edit. If necessary, create and bind to a connection of your ADAM instance.

  2. Navigate to the object in question, right-click and select Properties. To view only the mandatory attributes for an object, remove the checkmark next to "Show optional attributes." To view only the optional attributes for an object, place a checkmark next to "Show optional attributes" and remove the checkmark next to "Show mandatory attributes."

  3. Scroll through object's properties. To modify a particular property, select the property and select Edit.

  4. To insert a value into a single-valued attribute, enter the value and click OK. To remove a value from a single-valued attribute, click Clear.

  5. To insert one or more values into a multivalued attribute, enter each value and click Add. To remove one or more values from a multivalued attribute, select the value and click Remove.

Using a command-line interface

To view the attributes of an object, enter the following

	> adfind -h <ComputerName>:<PortNumber> -b <Object DN> -s base

To restrict the AdFind output to only a few attributes, specify the name of each attribute you want to view after the ObjectDN; to view multiple attributes, separate each one with spaces in-between. You can also use the excl switch to display all but one or two attributes.


To insert a value into a single-valued attribute, enter the following syntax:

	> admod -h <ComputerName>:<PortNumber> -b <Object DN> <AttributeName>::<Value>

To insert multiple values into a multivalued attribute, change + to ++ in the previous command and separate the values with a semicolon.

To clear an attribute's value (whether a single- or a multivalued attribute), enter the following:

	> admod -h <ComputerName>:<PortNumber> -b <Object DN> <AttributeName>:-

To remove a single value from a multivalued attribute, change -to -- in the previous command.

Using VBScript
	' The following code will list all attributes of an object
	'---------------- SCRIPT CONFIGURATION ----------------
	strComputerName = "<ComputerName>" ' Use "localhost" for the local computer
	strPort = "<PortNumber>"           ' the LDAP port number to connect to
	strObjectDN = "<ObjectDN>"          ' ie "ou= 
AdamUsers,o=rallencorp,c=us"
	strObjectType = "<ObjectType>"     ' ie "organizationalunit", "group", "user"
	strAttributeName = "<AttributeName>" ' ie "description
	strAttributeValue = "<AttributeValue>" ' ie "Description of this object"
	'-------------------------------------------------------

	Set objObject = GetObject _
	        ("LDAP://" & strComputerName & ":" & strPort & "/" & strGroupDN)
	Set objObjectProperties = GetObject("LDAP://" & strComputerName & _
	                                    ":" & strPort & "/schema/" & _
	                                     strObjectType

	For Each strAttribute in objObjectProperties.MandatoryProperties
	    strValues = objObject.GetEx(strAttribute)
	    For Each strItem in strValues
	        Wscript.Echo strAttribute & " -- " & strItem
	    Next
	Next

	For Each strAttribute in objObjectProperties.OptionalProperties
	    strValues = objObject.GetEx(strAttribute)
	    If Err = 0 Then
	       For Each strItem in strValues
	           Wscript.Echo strAttribute & " -- " & strItem
	       Next
	    Else
	       Wscript.Echo strAttribute & " -- No value set"
	       Err.Clear
	    End If
	Next

	' the following code will update an attribute value
	 
objObject.Put strAttributeName, strAttributeValue
	objObject.SetInfo

Discussion

Just like in Active Directory, each ADAM instance possesses a schema that defines what types of objects you can create and what sorts of attributes those objects possess. One of the major advantages of working with ADAM is that you can make changes to the schema of an ADAM instance without affecting the AD schema, thus allowing for more flexible application development that doesn't run the risk of making permanent or far-reaching changes to an entire Active Directory forest. Similar to AD, object classes can have both mandatory and optional attributes that you can view.

See Also

MSDN: Active Directory Application Mode Schema [ ADAM], MSDN: Extending the Active Directory Application Mode Schema [ADAM], and Chapter 18 of Active Directory, Third Edition, by Joe Richards et al. (O'Reilly)



 Python   SQL   Java   php   Perl 
 game development   web development   internet   *nix   graphics   hardware 
 telecommunications   C++ 
 Flash   Active Directory   Windows