Using OLE Directory Services

Using Active Directory for Administration

Creating a List of Users.

Building lists of users and their properties is a common need. In this example, a Visual Basic script extracts all of the users in the "NS" namespace in the Austin organizational unit of the ABX Compute Corporation's Manufacturing division. Here each user's name and known telephone numbers (as they appear in the directory) are passed to a "PrintUser" routine.

Example 3: Creating a list of users


dim MyUserContainer as IOleDsContainer
dim MyUser as IOleDsUser

' Bind to the Austin organizational unit
set MyUserContainer = GetObject("@NS!ABX\Manufacturing\Austin")

' Print the name and telephone numbers of each user in the container
for each MyUser in MyUserContainer
    PrintUser MyUser.Name, MyUser.BusinessInformation.TelephoneNumbers
next MyUser

Adding Users to Groups.

Adding users to groups for security purposes is a common and time-consuming activity for system administrators. In this example, the Austin users from the preceding example are added to the Manufacturing_Users group in the ABX organization, if they do not already belong.

Example 4: Adding users to groups


dim MyUserContainer as IOleDsContainer
dim MyUser as IOleDsUser
dim MyGroup as IOleDsGroup
dim Filter as Variant

Filter = Array("user")

set MyUserContainer = GetObject("@NS!ABX\Manufacturing\Austin")
MyUserContainer.Filter = Filter  ' filter out all objects except users
set MyGroup = GetObject("@NS!ABX\Manufacturing_Users")

for each MyUser in MyUserContainer
    if not MyGroup.GeneralInfo.IsMember(MyUser) then
        MyGroup.GeneralInfo.Members.Add(MyUser)
    end if
next MyUser

A slightly more sophisticated version will accomplish the same task for all organizational units in the manufacturing division.

Example 5: Adding users to groups - extended version


dim MyUserContainer as IOleDsContainer
dim MyOuContainer as IOleDsContainer
dim MyUser as IOleDsUser
dim MyGroup as IOleDsGroup
dim Filter as Variant

Filter = Array("ou")

set MyOuContainer = GetObject("@NS!ABX\Manufacturing")
MyOuContainer.Filter = Filter  ' enumerate organizational units only
set MyGroup = GetObject("@NS!ABX\Manufacturing_Users")

Filter = Array("user")

for each MyUserContainer in MyOuContainer
    MyUserContainer.Filter = Filter  ' enumerate users only within each unit
    for each MyUser in MyUserContainer
        if not MyGroup.GeneralInfo.IsMember(MyUser.OleDsPath) then
            MyGroup.GeneralInfo.Members.Add(MyUser.OleDsPath)
        end if
    next MyUser
next MyUserContainer

Simplifying Administration: A "Real World" User Manager.

The notion of "user roles" is a common one in system administration. The access rights and privileges of a given user will depend on the roles a user fills. Rights and privileges are usually associated with security groups defined in a directory service. Unfortunately, the connection of a given "role" to a set of group memberships is generally defined in an administrator's memory or a notebook containing security procedures. When a new user is added to the system, the notebook or administrator who has the knowledge must be consulted to get the proper group memberships established.

In this example, the mapping of user roles to groups is captured in a small program written in Visual Basic. This program uses Active Directory to create the users and add them to the necessary groups based upon a "role" selected via the UI.

Example 6: Visual Basic Code for Active Directory User Addition Application

Setting up the Environment.

Global declarations hold the information needed to run the sample application, as shown below:


Public Domain As IOleDs
Public MfgUsers As IOleDsGroup
Public PersUsers As IOleDsGroup
Public EngUsers As IOleDsGroup
Public FinUsers As IOleDsGroup
Public AcctUsers As IOleDsGroup

Public UserType As Integer

' Namespace root for Active Directory operations

Public Const NameRoot As String = "@WinNT!Pell"

' Constant values for each user role we handle

Public Const iAddDefault As Integer = 0
Public Const iAddPersonnel As Integer = 1
Public Const iAddFinance As Integer = 2
Public Const iAddEngineering As Integer = 3

When the form is displayed, this code sets up the Active Directory Domain and Group objects needed by the sample application.


Private Sub Form_Load()
' When this form is loaded:
' Instantiate objects for the domain and groups to which users
' will be added
'
On Error GoTo Error_Form_Load
    StatusBar.Panels.Item(1).Text = "Connecting..."
    Set Domain = GetObject(NameRoot)
    Set MfgUsers = GetObject(NameRoot + "\Manufacturing_Users")
    Set PersUsers = GetObject(NameRoot + "\Personnel_Users")
    Set EngUsers = GetObject(NameRoot + "\Engineering_Users")
    Set FinUsers = GetObject(NameRoot + "\Finance_Users")
    Set AcctUsers = GetObject(NameRoot + "\Accounting_Users")
    '
    ' Let the user know we are ready
    StatusBar.Panels.Item(1).Text = "Ready"
    Exit Sub
Error_Form_Load:
    '
    ' Let the user know we have a problem
    StatusBar.Panels.Item(1).Text = "Init Err:" + Str(Err.Number)
End Sub

Selecting the Role.

This code stores the role the user will have. It is called whenever one of the "role" radio buttons is clicked to save the newly selected role. The value of "index" will be one of the values for which constants have been defined in the global declarations.


Private Sub OptionUser_Click(Index As Integer)
    UserType = Index
End Sub

Adding the New User.

This code creates the new user and adds the new user to the groups associated with their role.


Private Sub ButtonAdd_Click()
    Dim NewUser As IOleDsUser
    Dim businfo As IOleDsFSUserBusinessInformation
    Dim response As Integer
    On Error GoTo ButtonAdd_Error

    StatusBar.Panels.Item(1).Text = "Adding User..."
    ' check the password
    If TextPassword <> TextPassword2 Then
        response = MsgBox("Passwords do not match.", vbCritical, "Re-enter Password")
        Exit Sub
    End If
    ' Add a new user to the domain
    ' First, create the new user object
    Set NewUser = Domain.Create("user", TextUserId)
    ' Set the properties of the user object
    With NewUser.BusinessInformation
        .FullName = TextFirstName + " " + TextLastName
        .Description = TextDescription
    End With
    ' write to the DS
    NewUser.SetInfo
    ' set the password
    NewUser.AccountRestrictions.SetPassword (TextPassword)
    ' Add the new user to the desired groups
    Select Case UserType
        Case iAddPersonnel
            MfgUsers.GeneralInfo.Groups.Add (NewUser.OleDsPath)
            PersUsers.GeneralInfo.Groups.Add (NewUser.OleDsPath)
        Case iAddFinance
            FinUsers.GeneralInfo.Groups.Add (NewUser.OleDsPath)
            AcctUsers.GeneralInfo.Groups.Add (NewUser.OleDsPath)
        Case iAddEngineering
            MfgUsers.GeneralInfo.Groups.Add (NewUser.OleDsPath)
            EngUsers.GeneralInfo.Groups.Add (NewUser.OleDsPath)
        Case Else 'add the default user
            MfgUsers.GeneralInfo.Groups.Add (NewUser.OleDsPath)
    End Select
    StatusBar.Panels.Item(1).Text = "Ready"
    Exit Sub

ButtonAdd_Error:
    ' Report the error number, then continue with the statement
    ' after the one that failed
    StatusBar.Panels.Item(1).Text = "Add Err:" + Str(Err.Number)
    Resume Next
End Sub
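
The role-to-group mapping that Example 6 hard-codes in its Select Case can also be held as data and used to check existing accounts for drift from their role. The following is an added example, not part of the original paper, written in Python rather than Visual Basic; the sample users and their memberships are constructed, and flagging an unknown role instead of giving it the default groups is an assumption of this example.

```python
# Role-to-group table, copied from the Select Case in Example 6.
ROLE_GROUPS = {
    "default":     {"Manufacturing_Users"},
    "personnel":   {"Manufacturing_Users", "Personnel_Users"},
    "finance":     {"Finance_Users", "Accounting_Users"},
    "engineering": {"Manufacturing_Users", "Engineering_Users"},
}
# Only groups that appear in the table are judged; others are ignored.
MANAGED_GROUPS = set().union(*ROLE_GROUPS.values())


def plan_membership(role, current_groups):
    """Return (to_add, to_remove) so the managed groups match the role."""
    expected = ROLE_GROUPS.get(role)
    if expected is None:
        raise ValueError("unknown role: " + role)
    current = set(current_groups) & MANAGED_GROUPS
    return sorted(expected - current), sorted(current - expected)


def audit(users):
    """users: iterable of (user_id, role, groups). Return drift findings."""
    findings = []
    for user_id, role, groups in users:
        try:
            to_add, to_remove = plan_membership(role, groups)
        except ValueError:
            # Assumption of this example: report the role, do not default it.
            findings.append((user_id, "unknown-role", [role]))
            continue
        if to_add:
            findings.append((user_id, "missing", to_add))
        if to_remove:
            findings.append((user_id, "excess", to_remove))
    return findings


# Constructed sample data: (user id, assigned role, current group memberships).
SAMPLE_USERS = [
    ("jsmith", "engineering", ["Manufacturing_Users", "Engineering_Users"]),
    ("mlee", "finance", ["Finance_Users"]),
    ("tkhan", "personnel",
     ["Manufacturing_Users", "Personnel_Users", "Finance_Users"]),
    ("rdiaz", "contractor", ["Manufacturing_Users"]),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_USERS):
        print(finding)
```

An "excess" finding is the case the notebook approach tends to miss: a user who changed roles and kept a group from the old one.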