Programmatic Identifier
MemAdmin.LDAPConfig.1
CLSID
40E9AD64-E2A1-11D0-920F-00C04FB954C7
COM Class Name
ldapcfg
Type Library Name
ladmin2 1.0 Type Library
Type Library Location
c:\Microsoft Site Server\bin\P&M\ladmin2.dll
Threading Model
“Both”
The LDAPCfg COM class defines an object that users and administrators can use to view the configuration of instances of the Membership Lightweight Directory Access Protocol (LDAP) server. Administrators can use the object to configure all accessible LDAP instances, remote or otherwise, from a single location. In this case, the calling process must have Windows NT administrative privileges.
To administer remote LDAP service instances, one calls the AttachToRemoteMachine method, followed by the CreateConfig or LoadConfig method.
To administer local instances, call AttachToLocalMachine. This is the default if neither is called explicitly.
The ldapcfg COM class exposes the single dual custom COM interface Ildapcfg. The methods and properties are accessible through this COM interface, or through the dispinterface Ildapcfg, available through IDispatch. The methods and properties are broken down below into related groups of functionality.
This method binds to the LDAP service on the machine specified.
IDL Definition
HRESULT AttachToRemoteMachine([in] VARIANT szMachineName /* VT_BSTR */ );
Parameters
bszMachineName
a VT_BSTR variable containing the UNC, DNS name, or IP address of the machine running an instance of the LDAP server to administer.
Return Values
A standard HRESULT value
Remarks
This method is used to prepare configuration of an instance of the LDAP service hosted on a remote machine. The name passed can be a UNC name, a DNS-resolvable name, or an IP address in dot (quad) notation. Always call this method first to administer a remote instance.
For performance and ease-of-use reasons, the object that implements the Ildapcfg interface is a COM object. This object, in turn, connects to a DCOM object that is part of the LDAP server in order to perform the necessary configuration activities.
By default, the Ildapcfg object connects to the LDAP server on the local machine. Using this method, however, connections can be established to an LDAP server on some other machine. This allows the use of the Ildapcfg methods and properties in the administration of that remote server.
The AttachToRemoteMachine method must be called before any attempt to configure a remote LDAP server. The effects of this method last until the next call to AttachToRemoteMachine, or a call to AttachToLocalMachine.
Example
Set LdapConf = CreateObject("MemAdmin.LDAPConfig.1")
LdapConf.AttachToRemoteMachine "SomeServer"
This method attaches the LDAP Administration object to the LDAP server on the local machine. This is the default behavior. This method can be used to reset the effects of AttachToRemoteMachine.
IDL Definition
HRESULT AttachToLocalMachine();
Parameters
none
Return Values
a standard HRESULT value
Example
VBScript
Set ILdapcfg = CreateObject("MemAdmin.LdapConfig")
ILdapcfg.AttachToRemoteMachine "RemoteServerName"
ILdapcfg.LoadConfig 4
' … configure this LDAP server instance, etc.
ILdapcfg.AttachToLocalMachine
This method loads the server instance's configuration information into the object.
IDL Definition
HRESULT LoadConfig([in] VARIANT InstanceId );
Parameters
InstanceId
a VT_I4 (integer) value specifying the server instance to configure
Return Values
a standard HRESULT value
Remarks
Once a configuration has been loaded with LoadConfig, the various properties can be used to modify the configuration. The configuration is saved with the SaveConfig method.
Example
VBScript
Set ILdapcfg = CreateObject("MemAdmin.Ldapconfig")
ILdapcfg.LoadConfig 4 ' loads config info for server 4 on local machine
This method commits the changes made in the object for the currently loaded LDAP server instance.
IDL Definition
HRESULT SaveConfig();
Parameters
none
Return Values
a standard HRESULT value
Example
VBScript
Set ILdapcfg = CreateObject("MemAdmin.Ldapconfig")
ILdapcfg.LoadConfig 4 ' loads config info for server 4 on local machine
' … change some properties
ILdapcfg.Saveconfig
This method creates a new instance of an LDAP server using the specified identifier. This identifier should not already be in use.
IDL Definition
HRESULT CreateConfig([in] VARIANT InstanceId);
Parameters
InstanceId
a VT_I4 (integer) value specifying the new server instance identifier
Return Values
a standard HRESULT value
Remarks
The CreateConfig method creates a new default configuration with a given instance number. In essence, therefore, a new LDAP server instance is created, in a STOPPED state and with a completely default configuration.
Once the new instance has been created, its properties can be set using the properties described in this reference. To commit the changes, one must call SaveConfig.
Example
VBScript
Set ILdapcfg = CreateObject("MemAdmin.Ldapconfig")
ILdapcfg.CreateConfig 4 ' creates instance 4, stopped, with a default configuration
This method immediately deletes the specified server instance configuration.
IDL Definition
HRESULT DeleteConfig( [in] VARIANT lInstanceId );
Parameters
lInstanceId
A VT_I4 (integer) value specifying the server instance number to delete the configuration for
Return Values
a standard HRESULT value
Remarks
The DeleteConfig method acts immediately. No call to SaveConfig is required. Once the specified instance has been deleted, the identifier can be reused to create a new instance.
Example
VBScript
Set ILdapcfg = CreateObject("MemAdmin.Ldapconfig")
ILdapcfg.DeleteConfig 4 ' delete instance 4
This method returns the current state of the LDAP server instance specified.
IDL Definition
HRESULT GetServerState([in] VARIANT Instance, [out] VARIANT *lState);
Parameters
Instance
the instance number of the server.
lState
on return, a VT_I4 value indicating the state of the server.
Possible values for lState are:
1 - "Server is Starting"
2 - "Server has been Started"
3 - "Server is Stopping"
4 - "Server has been Stopped"
5 - "Server is Pausing"
6 - "Server has been Paused"
7 - "Server is trying to Continue after a Pause"
Return Values
a standard HRESULT value
Example
Set ILdapcfg = CreateObject("MemAdmin.Ldapconfig")
ILdapcfg.GetServerState 4,state
This method attempts to start the specified LDAP server instance.
IDL Definition
HRESULT StartServer( [in] VARIANT lInstanceId );
Parameter
lInstanceId
The instance number of the server of interest
Return Values
a standard HRESULT value
Example
Set ILdapcfg = CreateObject("MemAdmin.Ldapconfig")
ILdapcfg.StartServer 4
This method attempts to stop the specified LDAP server instance.
IDL Definition
HRESULT StopServer( [in] VARIANT lInstanceId );
Parameter
lInstanceId
The instance number of the server of interest
Return Values
a standard HRESULT value
Example
Set ILdapcfg = CreateObject("MemAdmin.Ldapconfig")
ILdapcfg.StopServer 4
This method attempts to pause the specified LDAP server instance.
IDL Definition
HRESULT PauseServer( [in] VARIANT lInstanceId );
Parameter
lInstanceId
The instance number of the server of interest
Return Values
a standard HRESULT value
Example
Set ILdapcfg = CreateObject("MemAdmin.Ldapconfig")
ILdapcfg.PauseServer 4
This method attempts to restart the specified LDAP server instance after it has been paused.
IDL Definition
HRESULT ContinueServer( [in] VARIANT lInstanceId );
Parameter
lInstanceId
The instance number of the server of interest
Return Values
a standard HRESULT value
Example
Set ILdapcfg = CreateObject("MemAdmin.Ldapconfig")
ILdapcfg.ContinueServer 4
This method returns all the properties for the specified LDAP server instance. These properties appear as the server's properties on the Microsoft Management Console property page.
IDL Definition
HRESULT GetDirectoryProperties(
[in] VARIANT lInstanceId,
[out] VARIANT *szRealm,
[out] VARIANT *szDnPrefix,
[out] VARIANT * fIsSQL,
[out] VARIANT * fExtSec,
[out] VARIANT * rgszContainerPartitions
);
Parameters
lInstanceId
the LDAP server instance
szRealm
the directory realm (o=company)
szDnPrefix
the optional DN prefix for the directory (c=US)
fIsSQL
indicates whether this directory has a SQL Server database backend. Zero (0) indicates FALSE, one (1) indicates TRUE.
fExtSec
indicates whether this directory uses Windows NT Security or Membership Security. Zero (FALSE) indicates Membership security. One (TRUE) means Windows NT security.
rgszContainerPartitions
a VT_ARRAY containing VT_BSTR values. The strings represent the names of the namespace partitions of the directory, e.g. o=RealmName/ou=members.
Return Values
a standard HRESULT value
Remarks
This method does not require an appropriate LoadConfig or CreateConfig method invocation to work properly. Simply specify the LDAP service instance identifier to retrieve the properties.
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.GetDirectoryProperties 1, Realm, DnPrefix, fIsSQL, IsNTSec, Parts
wscript.echo "LDAP Instance 1"
wscript.echo Realm
wscript.echo DnPrefix
wscript.echo "Is SQL?" & fIsSQL
wscript.echo "Is Windows NT Security? " & IsNTSec
On Error Resume Next
lb = LBound(Parts)
If Err.Number = 0 Then
For I = LBound(Parts) to UBound(Parts)
wscript.echo Parts(i)
Next
End If
This method sets the Realm and optionally, a DN prefix for a specified LDAP server instance.
IDL Definition
HRESULT SetDirectoryProperties(
[in] VARIANT lInstanceId,
[in] VARIANT szRealm,
[in] VARIANT szDnPrefix
);
Parameters
lInstanceId (VT_I4)
the LDAP server instance
szRealm (VT_BSTR)
the directory realm for the instance (o=RealmA)
szDnPrefix (VT_BSTR)
an optional DN prefix for the directory (c=US)
Return Values
a standard HRESULT value
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.SetDirectoryProperties 1, Realm, DnPrefix
This method will check to see if the IP and port specified are currently in use by attempting to bind a socket using them.
IDL Definition
HRESULT IsAddrInUse(
[in] long lIP,
[in] long lPort
);
Parameters
lIP
the IP address
lPort
the TCP port
Return Values
a standard HRESULT value. The method succeeds if the socket is successfully bound, and returns an error otherwise.
Remarks
The IP address should be passed as a standard packed 4-byte integer.
This method creates a partition for the container in the specified LDAP service instance to which the object is currently connected. The LDAP instance must be hosted by a SQL Server database to be partitioned.
IDL Definition
HRESULT CreateDSPartition(
[in] VARIANT lInstanceId,
[in] VARIANT szDn,
[in] VARIANT lCount,
[out] VARIANT * plPartitionID,
[out] VARIANT * plObjectID
);
Parameters
lInstanceId (VT_I4)
the LDAP server instance hosting the container to partition
szDn (VT_BSTR)
the distinguished name (DN) of the container to partition (e.g. “ou=members,o=realm”)
lCount (VT_I4)
the number of sub-partitions to make up this container partition
plPartitionID (VT_I4)
on return, the partition identifier of the object to be partitioned.
plObjectID (VT_I4)
on return, the target object identifier being partitioned.
Return Values
a standard HRESULT value
Remarks
Once the container is set for partitioning, one can use the AddPartitionDbServer method to add SQL server/database pairs to the partition map. Normally, sub-partitions are numbered from zero to the number of partitions minus one. Each sub-partition is mapped with AddPartitionDbServer using this sub-partition number, referred to in the Microsoft Management Console as the "value partition" value.
Partitioning containers is only available if the database storing the directory information is a SQL Server database. The method will return a failed HRESULT on an LDAP instance hosted by an Access database.
Example
Set LDAPObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.AttachToRemoteMachine "MyServer"
LDAPId = 3
Container = "ou=members,o=realm"
NumParts = 2
LDAPObj.CreateDSPartition LDAPId, container, NumParts, retid,retobjid
This method adds a SQL server/database pair to the LDAP server's internal partition map for the specified container. If successful, it returns a Server/Database identifier that identifies the SQL server/database pair within the internal partition map.
IDL Definition
HRESULT AddPartitionDbServer(
[in] VARIANT lInstanceId,
[in] VARIANT szContainerPartition,
[in] VARIANT lSubPartitionNumber,
[out] VARIANT * dwServerId,
[in] VARIANT szServerName,
[in] VARIANT szDatabaseName,
[in] VARIANT szLogin,
[in] VARIANT szPassword,
[in] VARIANT dwMaxCnx,
[in] VARIANT dwTimeout,
[in] VARIANT dwReplicationType,
[in] VARIANT lSubrefPartitionID,
[in] VARIANT lSubrefObjectID
);
Parameters
lInstanceId (VT_I4)
The LDAP server instance id
szContainerPartition (VT_BSTR)
The name of the namespace partition for which the addition is targeted
lSubPartitionNumber (VT_I4)
The number of the sub-partition for which the addition is targeted
dwServerId (VT_I4)
The server/database combination identifier for which the addition is targeted; this value is generated by the database and is returned.
szServerName (VT_BSTR)
The server hosting the SQL server
szDatabaseName (VT_BSTR)
The targeted database on the supporting SQL server
szLogin (VT_BSTR)
The login name for the supporting SQL server
szPassword (VT_BSTR)
The login password for the supporting SQL server
dwMaxCnx (VT_I4)
The maximum number of concurrent connections allowed from the LDAP server to the SQL server
dwTimeout (VT_I4)
The maximum time a request will be allowed to remain outstanding on the SQL server (how long before the LDAP server gives up on getting a response back from the SQL server)
dwReplicationType (VT_I4)
The replication type of the supporting SQL server - A SQL server can be of types "Write-Only" (1), "Read-Only" (2), or "Read/Write" (3).
lSubrefPartitionID (VT_I4)
If this is a sub-ref partition, this identifies which partition the sub-ref that references the new database lives on. If this is not a partition this value MUST be bit-wise NOT ZERO (~0, or 0xffffffff)
lSubrefObjectID (VT_I4)
If this is a sub-ref partition, this is the DSID of the object which references the new database. If this is not a partition this value MUST be bit-wise NOT ZERO (~0, or 0xffffffff)
Return Values
a standard HRESULT value
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.GetPartitionDbInfo 1, "o=Realm/ou=members",3,ids,servers,dbs,logins,pwds,maxcons,times,types
if IsArray(ids) Then
For i = LBound(ids) to Ubound(ids)
wscript.echo "Id: " & ids(i)
wscript.echo "servername: " & servers(i)
wscript.echo "database name: " & dbs(i)
wscript.echo "logins: " & logins(i)
wscript.echo "passes: " & pwds(i)
wscript.echo "max con time: " & maxcons(i)
wscript.echo "timeout: " & times(i)
wscript.echo "repl type: " & types(i)
Next
End If
This method can be used to configure the information about an SQL server/database pair used to support a specified partition.
IDL Definition
HRESULT EditPartitionDbServer(
[in] VARIANT lInstanceId,
[in] VARIANT szContainerPartition,
[in] VARIANT lSubPartitionNumber,
[in] VARIANT dwServerId,
[in] VARIANT szServerName,
[in] VARIANT szDatabaseName,
[in] VARIANT szLogin,
[in] VARIANT szPassword,
[in] VARIANT dwMaxCnx,
[in] VARIANT dwTimeout,
[in] VARIANT dwReplicationType
);
Parameters
lInstanceId (VT_I4)
the LDAP server instance
szContainerPartition (VT_BSTR)
The name of the target namespace partition
lSubPartitionNumber (VT_I4)
The number of the sub-partition to be edited
dwServerId (VT_I4)
the server/database identifier combination to be edited
szServerName (VT_BSTR)
the name of the machine hosting the SQL server
szDatabaseName (VT_BSTR)
The targeted database name on the supporting SQL server
szLogin (VT_BSTR)
The login name for the supporting SQL server
szPassword (VT_BSTR)
The login password for the supporting SQL server
dwMaxCnx (VT_I4)
The maximum number of concurrent connections allowed from the LDAP server to the SQL server
dwTimeout (VT_I4)
The maximum time a request should be allowed to remain outstanding on the SQL server (how long before the LDAP server gives up on getting a response back from the SQL server)
dwReplicationType (VT_I4)
The replication type of the supporting SQL server. A SQL server can be of types "Write-Only" (1), "Read-Only" (2), or "Read/Write" (3).
Return Values
a standard HRESULT value
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
' Time is a built-in function and Type is a reserved word in VBScript,
' so the variables are named timeout and repltype.
serverid = 2 ' server/database identifier to edit
LDAPObj.GetPartitionDbServer 1, "o=Realm/ou=members",3,serverid,server,db,login,pwd,maxcon,timeout,repltype
wscript.echo "Id: " & serverid
wscript.echo "servername: " & server
wscript.echo "database name: " & db
wscript.echo "logins: " & login
wscript.echo "passes: " & pwd
wscript.echo "max con time: " & maxcon
wscript.echo "timeout: " & timeout
wscript.echo "repl type: " & repltype
login = "newusername"
pwd = "pass"
maxcon = 2300
timeout = 3600
repltype = 2 ' read-only
wscript.echo "changing info for partition server"
LDAPObj.EditPartitionDbServer 1, "ou=members,o=Realm",3,serverid,server,db,login,pwd,maxcon,timeout,repltype
This method retrieves a list of the sub-partition identifiers of the specified container partition.
IDL Definition
HRESULT GetSubPartitions(
[in] VARIANT lInstanceId,
[in] VARIANT szContainer,
[out] VARIANT* rgdwSubPartitionNumber
);
Parameters
lInstanceId
the LDAP server instance the information is requested for
szContainer
The container for which the list of partitions (or value partitions) is requested (e.g. "ou=members,o=Realm")
rgdwSubPartitionNumber
on return, a VT_ARRAY of VT_I4 values. Each integer specifies each of the available sub-partitions on a namespace partition.
Return Values
a standard HRESULT value
Remarks
The sub-partition numbers returned in the third argument for the specified container can be mapped to server/database pairs for hosting of the partition. One can get the sub-partition numbers from GetSubPartitions and use them to fetch information about the actual SQL server/database pairs that host the partition using the GetPartitionDbInfo method.
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.GetSubPartitions 1, "ou=members,o=Realm", containerIDs
If IsArray(containerIDs) Then
for i = LBound(containerIDs) to UBound(containerIDs)
wscript.echo containerIDs(i)
next
End if
This method requests the information about a SQL server database used to store a particular partition of an LDAP service instance container.
IDL Definition
HRESULT GetPartitionDbInfo(
[in] VARIANT lInstanceId,
[in] VARIANT szContainerPartition,
[in] VARIANT lSubPartitionNumber,
[out] VARIANT * rgdwServerId,
[out] VARIANT * rgszServerName,
[out] VARIANT * rgszDatabaseName,
[out] VARIANT * rgszLogin,
[out] VARIANT * rgszPassword,
[out] VARIANT * rgdwMaxCnx,
[out] VARIANT * rgdwTimeout,
[out] VARIANT * rgdwReplicationType
);
Parameters
lInstanceId (VT_I4)
The LDAP server instance
szContainerPartition (VT_BSTR)
The name of the namespace partition for which the information is requested
lSubPartitionNumber (VT_I4)
The number of the sub-partition for which the information is requested - NOTE: Indices on the remaining parameters are correlated (e.g. rgdwServerId[n] correlates to rgszServerName[n])
rgdwServerId
A VT_ARRAY containing VT_I4 integers indicating the server id of each supporting server/database combination.
rgszServerName
A VT_ARRAY containing VT_BSTR strings indicating the name of each of the supporting SQL servers.
rgszDatabaseName
A VT_ARRAY containing VT_BSTR strings indicating the targeted database on each of the supporting SQL servers.
rgszLogin
A VT_ARRAY containing VT_BSTR strings indicating the login name for each of the supporting SQL servers.
rgszPassword
A VT_ARRAY containing VT_BSTR strings indicating the associated login password for each of the supporting SQL servers.
rgdwMaxCnx
A VT_ARRAY containing VT_I4 integers indicating the maximum number of concurrent connections allowed from the LDAP server to the SQL server.
rgdwTimeout
A VT_ARRAY containing VT_I4 integers indicating the maximum time a request should be allowed to remain outstanding on the SQL server (how long before the LDAP server gives up on getting a response back from the SQL server).
rgdwReplicationType
A VT_ARRAY containing VT_I4 values indicating the replication type of the supporting SQL server. A SQL server can be of types U2_REPLTYPE_WRITE (1), U2_REPLTYPE_READ (2), or U2_REPLTYPE_BOTH (3)
Return Values
a standard HRESULT value
Remarks
This method returns, among other things, the database/server identifiers used in mapping container partitions in the fourth argument. These values are the same as those passed individually as the fourth argument to the GetPartitionDbServer method. The GetPartitionDbInfo method essentially calls GetPartitionDbServer for each database/server combination mapped for the current container partition, building an array of values for each attribute to return.
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPid = 3
' ids receives the database/server combo ids
LDAPObj.GetPartitionDbInfo LDAPid, _
"ou=members,o=Realm", _
3, _
ids, _
servers, _
dbs, _
logins, _
pwds, _
maxcons,times,types
if IsArray(ids) Then
For i = LBound(ids) to Ubound(ids)
wscript.echo "Server/Database Id: " & ids(i)
wscript.echo "servername: " & servers(i)
wscript.echo "database name: " & dbs(i)
wscript.echo "logins: " & logins(i)
wscript.echo "passes: " & pwds(i)
wscript.echo "max con time: " & maxcons(i)
wscript.echo "timeout: " & times(i)
wscript.echo "repl type: " & types(i)
Next
End If
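The walk described in the remarks above (partitions from GetDirectoryProperties, sub-partition numbers from GetSubPartitions, then GetPartitionDbInfo for each), as an added example that is not part of the original reference. It inventories every SQL server/database pair without echoing the stored password; instance id 1, the local machine, the helper names, and the reuse of returned partition names as input to the other two methods are assumptions.

```vbscript
Option Explicit
' Added example (not from the original reference): read-only inventory of the
' SQL back ends behind one LDAP instance, reporting credentials without
' disclosing them.
' Assumptions: instance id 1 on the local machine, and that partition names
' returned by GetDirectoryProperties are accepted unchanged by
' GetSubPartitions and GetPartitionDbInfo.

Const INSTANCE_ID = 1

Dim cfg, realm, dnPrefix, isSql, isNtSec, parts, subParts, p, s

' Replication type codes as listed in the parameter descriptions.
Function ReplTypeName(code)
    Select Case code
        Case 1: ReplTypeName = "Write-Only"
        Case 2: ReplTypeName = "Read-Only"
        Case 3: ReplTypeName = "Read/Write"
        Case Else: ReplTypeName = "unknown (" & code & ")"
    End Select
End Function

' Describe a stored password without printing it.
Function PasswordStatus(pwd)
    If IsNull(pwd) Or IsEmpty(pwd) Then
        PasswordStatus = "BLANK"
    ElseIf Len(pwd) = 0 Then
        PasswordStatus = "BLANK"
    Else
        PasswordStatus = "set (value not shown)"
    End If
End Function

' Report every server/database pair mapped to one sub-partition.
Sub AuditSubPartition(partition, subPart)
    Dim ids, servers, dbs, logins, pwds, maxCons, timeouts, replTypes, d
    On Error Resume Next
    cfg.GetPartitionDbInfo INSTANCE_ID, partition, subPart, ids, servers, dbs, _
        logins, pwds, maxCons, timeouts, replTypes
    If Err.Number <> 0 Then
        WScript.Echo partition & " / " & subPart & ": GetPartitionDbInfo failed (0x" & _
            Hex(Err.Number) & ")"
        Exit Sub
    End If
    On Error GoTo 0
    If Not IsArray(ids) Then Exit Sub

    ' The returned arrays are correlated by index.
    For d = LBound(ids) To UBound(ids)
        WScript.Echo partition & " / sub-partition " & subPart & " / server id " & ids(d)
        WScript.Echo "  " & servers(d) & ":" & dbs(d) & "  login=" & logins(d) & _
            "  password " & PasswordStatus(pwds(d)) & "  " & ReplTypeName(replTypes(d))
        WScript.Echo "  max connections=" & maxCons(d) & "  timeout=" & timeouts(d)
        If LCase(logins(d)) = "sa" Then
            WScript.Echo "  FINDING: directory connects as the SQL Server 'sa' login"
        End If
        If PasswordStatus(pwds(d)) = "BLANK" Then
            WScript.Echo "  FINDING: blank SQL password"
        End If
    Next
End Sub

Set cfg = CreateObject("MemAdmin.LDAPConfig.1")
cfg.AttachToLocalMachine

On Error Resume Next
cfg.GetDirectoryProperties INSTANCE_ID, realm, dnPrefix, isSql, isNtSec, parts
If Err.Number <> 0 Then
    WScript.Echo "GetDirectoryProperties failed (0x" & Hex(Err.Number) & ")"
    WScript.Quit 1
End If

WScript.Echo "Realm: " & realm & "  SQL back end: " & isSql & "  NT security: " & isNtSec
If Not IsArray(parts) Then
    WScript.Echo "No container partitions reported."
    WScript.Quit 0
End If

For p = LBound(parts) To UBound(parts)
    subParts = Empty
    Err.Clear
    cfg.GetSubPartitions INSTANCE_ID, parts(p), subParts
    If Err.Number <> 0 Or Not IsArray(subParts) Then
        WScript.Echo parts(p) & ": no sub-partitions returned (0x" & Hex(Err.Number) & ")"
    Else
        For s = LBound(subParts) To UBound(subParts)
            AuditSubPartition parts(p), subParts(s)
        Next
    End If
Next
```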
This method returns information about a specified SQL server and database used to host a portion of a specified container partition. Each container partition maps a partition number to a database hosted by a particular server.
IDL Definition
HRESULT GetPartitionDbServer(
[in] VARIANT lInstanceId,
[in] VARIANT szContainerPartition,
[in] VARIANT lSubPartitionNumber,
[in] VARIANT dwServerId,
[out] VARIANT * szServerName,
[out] VARIANT * szDatabaseName,
[out] VARIANT * szLogin,
[out] VARIANT * szPassword,
[out] VARIANT * dwMaxCnx,
[out] VARIANT * dwTimeout,
[out] VARIANT * dwReplicationType
);
Parameters:
lInstanceId (VT_I4)
The LDAP server instance the root database information is requested for
szContainerPartition (VT_BSTR):
The name of the namespace partition for which the information is requested
lSubPartitionNumber (VT_I4)
The number of the sub-partition for which the information is requested
dwServerId (VT_I4)
The server id of the server/database combination for which the information is requested
szServerName (VT_BSTR)
The name of the supporting SQL server
szDatabaseName (VT_BSTR)
The targeted database on the supporting SQL server.
szLogin (VT_BSTR)
The login name for the supporting SQL server.
szPassword (VT_BSTR)
The login password for the supporting SQL server.
dwMaxCnx (VT_I4)
The maximum number of concurrent connections allowed from the LDAP server to the SQL server.
dwTimeout (VT_I4)
The maximum time a request should be allowed to remain outstanding on the SQL server (how long before the LDAP server gives up on getting a response back from the SQL server).
dwReplicationType (VT_I4)
The replication type of the supporting SQL server - A SQL server can be of types U2_REPLTYPE_WRITE (1), U2_REPLTYPE_READ (2), or U2_REPLTYPE_BOTH (3)
Return Values
a standard HRESULT value
Remarks
This method is similar to GetPartitionDbInfo except that it returns information only about a single SQL server/database pair that hosts a portion of the container partition. This combination is specified using the fourth argument of the method. The GetPartitionDbInfo method returns arrays of information about all current server/database pairs that make up the complete container partition.
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPid = 1
Container = "ou=members,o=Realm"
SubPart = 2
dbserverid = 2 ' passed as the [in] fourth argument
' Type is a reserved word in VBScript, so the variable is named repltype.
LDAPObj.GetPartitionDbServer LDAPid, _
Container, _
SubPart, _
dbserverid, _
server, _
db,login, _
pwd,maxcon, _
times,repltype
wscript.echo "server/database combo # " & dbserverid
wscript.echo "Server name and db: " & server & ":" & db
This method will remove the specified SQL server/database combination from the internal container partition map.
IDL Definition
HRESULT RemovePartitionDbServer(
[in] VARIANT lInstanceId,
[in] VARIANT szContainerPartition,
[in] VARIANT lSubPartitionNumber,
[in] VARIANT dwServerId
);
Parameters
lInstanceId
the LDAP server instance to remove
szContainerPartition
The namespace partition with the partition to remove
lSubPartitionNumber
The number of the sub-partition for which the removal is targeted
dwServerId
the server/database combination server identifier for which the removal is targeted
Return Values
a standard HRESULT value
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LdapObj.AttachToRemoteMachine "SomeServerName"
InstanceId = 4
Container = "ou=members,o=Realm"
SubPart = 2
ComboId = 4
LDAPObj.RemovePartitionDbServer InstanceId, Container, SubPart, ComboId
This method will list all LDAP server instance identifiers and their respective Server names and RPC UUID values.
IDL Definition
HRESULT ListAllReplica(
[out] VARIANT * rgServerId, // SAFEARRAY OF VARIANT OF LONG
[out] VARIANT * rgszServerName, // SAFEARRAY OF VARIANT OF BSTR
[out] VARIANT * rgszRpcGuid // SAFEARRAY OF VARIANT OF BSTR
);
Parameters
rgServerId
on return, a VT_ARRAY containing VT_LONG values each of which is an LDAP server instance identifier
rgszServerName
on return, a VT_ARRAY containing VT_BSTR values each of which is the server name hosting the corresponding server instance
rgszRpcGuid
on return, a VT_ARRAY containing VT_BSTR values each of which is the RPC UUID for the corresponding server instance
Return Values
a standard HRESULT value
Remarks
The items in the arrays are correlated by position (i.e. item 1 in each returned array holds the instance id, server name, and GUID, respectively, for one target replication server instance).
Example
Set LDAPObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.ListAllReplica ids,names,guids
if IsArray(ids) Then
lb = LBound(ids)
ub = UBound(ids)
for i = lb to ub
wscript.echo ids(i) & ":" & names(i) & ":" & guids(i)
next
End If
This method will add a specified LDAP server instance to the list of replication targets.
IDL Definition
HRESULT AddReplica(
[in] long lServerId,
[in] BSTR szServerName,
[in] BSTR szRpcGuid
);
Parameters
lServerId
the target LDAP server instance identifier
szServerName
the host the LDAP server instance is running on
szRpcGuid
the RPC UUID for the instance
Return Values
a standard HRESULT value
Remarks
The RPC UUID should be generated using the ConfigLocalReplica method.
Example
Set LDAPObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.ConfigLocalReplica 5, GUID
LDAPObj.AddReplica 3, HostName, GUID
This method will delete the specified LDAP server instance from the list of target replication server instances.
IDL Definition
HRESULT DelReplica(
[in] long lServerId
);
Parameters
lServerId
the LDAP server instance identifier
Return Values
a standard HRESULT value
Example
Set LDAPObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.DelReplica 4
This method will set up a specified LDAP server instance as a target instance for replication from the primary server.
IDL Definition
HRESULT ConfigLocalReplica(
[in] long lNewServerId,
[out] VARIANT *szRpcGuid
);
Parameters
lNewServerId
the LDAP server instance identifier
szRpcGuid
on return, a VT_BSTR value containing the RPC UUID representing this replication target server instance.
Return Values
a standard HRESULT value
Example
Set LDAPObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.ConfigLocalReplica 5, GUID
This method returns the LDAP server instance identifier for the local replica.
IDL Definition
HRESULT QueryLocalReplica(
[out] VARIANT* lServerId
);
Parameters
lServerId
the LDAP server instance identifier
Return Values
a standard HRESULT value
Example
Set LDAPObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.QueryLocalReplica ServId
This method will compact the backend Access database used by the specified LDAP server instance.
IDL Definition
HRESULT CompactDatabase( [in] VARIANT lInstanceId);
Parameter
lInstanceId
The LDAP server instance identifier.
Return Values
a standard HRESULT value
Remarks
This procedure is only applicable to LDAP servers that use Access as an underlying database.
WARNING: The given LDAP server instance will be stopped and restarted during the compaction process. This is necessary in order for the Access DB driver to obtain an exclusive lock on the database as mandated by its compaction procedure.
The CompactDatabase method will fail if another LDAP instance, aside from the given one, is also using the same Access Database. Such instances must be stopped in order for the compact operation to succeed.
This method will perform repairs on the backend Access database used by the specified LDAP server instance.
IDL Definition
HRESULT RepairDatabase( [in] VARIANT lInstanceId);
Parameter
lInstanceId
The LDAP server instance identifier.
Return Values
a standard HRESULT value
Remarks
This procedure is only applicable to LDAP servers that use Access as an underlying database.
WARNING: The given LDAP server instance will be stopped and restarted during the repair process. This is necessary in order for the Access database driver to obtain an exclusive lock on the database as mandated by its repair procedure.
The RepairDatabase method will fail if another LDAP instance, aside from the given one, is also using the same Access Database. Such instances must be stopped in order for the repair operation to succeed.
This property specifies the TCP/IP port the LDAP server instance will bind to and listen on for client requests.
IDL Definition
[propget]
HRESULT Port([out, retval] VARIANT* pData);
[propput]
HRESULT Port([in] VARIANT Data );
Type
VT_I4 (integer)
Example
VBScript
Set ILdapCfg = CreateObject("MemAdmin.LdapConfig")
ILdapCfg.LoadConfig 3
ILdapCfg.Port = 2000
This property specifies the TCP/IP port the server instance will bind using the Secure Sockets Layer (SSL) protocol.
IDL Definition
[propget]
HRESULT SecurePort([out, retval] VARIANT* pData);
[propput]
HRESULT SecurePort([in] VARIANT Data);
Type
VT_I4 (integer)
This property specifies the Internet Protocol (IP) address the LDAP server instance will use along with a specified port to bind a socket and listen for client requests.
IDL Definition
[propget]
HRESULT IP([out, retval] VARIANT* pData);
[propput]
HRESULT IP([in] VARIANT Data);
Type
VT_BSTR (string)
Remarks
Set this property to the empty string to allow the instance to bind using any of the available IP addresses on the local machine. (All Unassigned)
The list of valid IP Addresses on the machine can be obtained from the SupportedIPs read-only property. This valid IP address list is checked whenever an IP change is attempted. An error is returned on an attempt to change the LDAP server IP to one that is not valid on the machine.
Example
Set LdapObj = CreateObject("MemADmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.IP = "127.0.0.1" ' localhost
LDAPObj.Saveconfig
This property lists the available IP addresses on the local machine.
IDL Definition
HRESULT SupportedIPs([out, retval] VARIANT* pData);
Type
VT_ARRAY (SAFEARRAY)
Contains
VT_BSTR (string)
Remarks
A list of IP addresses supported on the LDAP server machine. This list is automatically checked when the IP or DNSName properties are modified to make sure the new IP address is supported. This property should be used primarily for UI elements (such as a list box that allows the user to select only valid IP addresses).
SupportedIPs is a read-only property.
Example
Set Obj = CreateObject("MemAdmin.LDAPConfig.1")
Obj.LoadConfig 1
Ips = Obj.SupportedIPs
For I = LBound(Ips) to UBound(Ips)
wscript.echo Ips(I)
Next
This property specifies the Domain Name Service (DNS) name for the machine hosting the Membership LDAP server instance.
IDL Definition
[propget]
HRESULT DNSName([out, retval] VARIANT* pData );
[propput]
HRESULT DNSName([in] VARIANT Data );
Type
VT_BSTR (string)
Remarks
This property reads as the local machine's name if an IP address is unspecified.
Setting this property makes appropriate changes to the IP property and vice-versa.
Example
Set O = CreateObject("MemAdmin.LDAPConfig.1")
O.LoadConfig 1
wscript.echo o.dnsname
This property specifies whether the LDAP server instance is set to read-only mode.
IDL Definition
[propget]
HRESULT ReadOnlyMode([out, retval] VARIANT* pData );
[propput]
HRESULT ReadOnlyMode([in] VARIANT Data );
Type
VT_BOOL (boolean)
Remarks
If the server is set to read-only mode, no database updates are allowed.
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.ReadOnlyMode = TRUE
LDAPObj.Saveconfig
This property specifies whether to limit LDAP searches to the initial substring or not.
IDL Definition
[propget]
HRESULT EnableAllSub([out, retval] VARIANT* pData);
[propput]
HRESULT EnableAllSub([in] VARIANT Data);
Type
VT_BOOL (boolean)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.EnableAllSub = TRUE ' Allow full search
LDAPObj.Saveconfig
This property specifies the maximum page size for an LDAP search query requested for this instance. This property is expressed in entries.
IDL Definition
[propget]
HRESULT MaxPageSize([out, retval] VARIANT* pData);
[propput]
HRESULT MaxPageSize([in] VARIANT Data);
Type
VT_I4 (integer)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.MaxPageSize = 100 ' 100 entries
LDAPObj.Saveconfig
This property specifies the maximum size of the result set for a requested query.
IDL Definition
[propget]
HRESULT MaxResultSet([out, retval] VARIANT* pData);
[propput]
HRESULT MaxResultSet([in] VARIANT Data);
Type
VT_I4 (integer)
Remarks
This property is in entries.
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.MaxResultSet = 500 ' 500 entries
LDAPObj.Saveconfig
This property specifies the time, in milliseconds, the LDAP server instance will wait for a query to complete before it should time out.
IDL Definition
[propget]
HRESULT MaxQueryTime([out, retval] VARIANT *pData);
[propput]
HRESULT MaxQueryTime([in] VARIANT Data);
Type
VT_I4 (integer)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.MaxQueryTime = 60000 ' 60 seconds
LDAPObj.Saveconfig
This property specifies how many concurrent TCP/IP sockets can be open from the LDAP server instance to the SQL Server database.
IDL Definition
[propget]
HRESULT MaxConnection([out, retval] VARIANT *pData);
[propput]
HRESULT MaxConnection([in] VARIANT Data);
Type
VT_I4 (integer)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.MaxConnection = 2000 ' 2000 concurrent connections
LDAPObj.Saveconfig
This property specifies the time limit in seconds on idle socket connections in the TIME_WAIT state before they are closed by the LDAP server instance.
IDL Definition
[propget]
HRESULT ConnectionTimeout([out, retval] VARIANT *pData);
[propput]
HRESULT ConnectionTimeout([in] VARIANT Data);
Type
VT_I4 (integer)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.ConnectionTimeout = 3600 ' 3600 seconds
LDAPObj.Saveconfig
This property, if set to TRUE (1), informs the LDAP server instance that it should "blacklist" an IP address from connecting if the client process fails to properly authenticate after a certain number of tries.
IDL Definition
[propget]
HRESULT EnableShortTermIPBlacklisting([out, retval] VARIANT *pData);
[propput]
HRESULT EnableShortTermIPBlacklisting([in] VARIANT Data);
Type
VT_I4 (integer)
Remarks
FALSE = 0; TRUE = 1
This property, if set to TRUE, directs the LDAP server instance to "blacklist" accounts that have failed to properly authenticate a certain number of times in a specified period of time.
IDL Definition
[propget]
HRESULT EnableShortTermAccountBlacklisting([out, retval] VARIANT *pData);
[propput]
HRESULT EnableShortTermAccountBlacklisting([in] VARIANT Data);
Type
VT_I4 (integer)
This property specifies the security support providers allowed by the server.
IDL Definition
[propget]
HRESULT Authorization([out, retval] VARIANT *pData);
[propput]
HRESULT Authorization([in] VARIANT Data);
Type
VT_I4 (integer)
Remarks
Valid values are
MD_AUTH_ANONYMOUS (1)
MD_AUTH_BASIC (2) - Clear Text
MD_AUTH_NT (4) - NTLM or DPA
or any additive combination (bitwise or) of the three.
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.Authorization = 6 ' NTLM and Clear Text
LDAPObj.Saveconfig
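The following is an added example, not part of the original reference: it decodes the Authorization bitmask and reviews it together with the EnableSSL, EnableShortTermIPBlacklisting, EnableShortTermAccountBlacklisting and EnableLog properties documented in this reference. The function names DescribeAuth and AuditSettings and the sample values are constructed for illustration.

```vbscript
Option Explicit
' Authorization flag values, as listed in the Remarks above.
Const MD_AUTH_ANONYMOUS = 1
Const MD_AUTH_BASIC = 2      ' clear text
Const MD_AUTH_NT = 4         ' NTLM or DPA

' Names the providers that are set in an Authorization bitmask.
Function DescribeAuth(mask)
    Dim s
    s = ""
    If (mask And MD_AUTH_ANONYMOUS) <> 0 Then s = s & "Anonymous "
    If (mask And MD_AUTH_BASIC) <> 0 Then s = s & "Basic(clear text) "
    If (mask And MD_AUTH_NT) <> 0 Then s = s & "NT(NTLM/DPA) "
    If s = "" Then s = "none"
    DescribeAuth = Trim(s)
End Function

' Returns one line per setting that an administrator should review.
Function AuditSettings(auth, sslOn, ipBlacklist, acctBlacklist, logOn)
    Dim f
    f = ""
    If (auth And MD_AUTH_BASIC) <> 0 And Not CBool(sslOn) Then _
        f = f & "Clear-text (Basic) authentication allowed while EnableSSL is off" & vbCrLf
    If (auth And MD_AUTH_ANONYMOUS) <> 0 Then _
        f = f & "Anonymous access allowed" & vbCrLf
    If CLng(ipBlacklist) = 0 Then _
        f = f & "EnableShortTermIPBlacklisting is off" & vbCrLf
    If CLng(acctBlacklist) = 0 Then _
        f = f & "EnableShortTermAccountBlacklisting is off" & vbCrLf
    If Not CBool(logOn) Then _
        f = f & "EnableLog is off" & vbCrLf
    If f = "" Then f = "no findings"
    AuditSettings = f
End Function

' Constructed sample: Authorization = 6 as in the example above, all else off.
WScript.Echo "Providers: " & DescribeAuth(6)
WScript.Echo AuditSettings(6, False, 0, 0, False)

' Against a configured instance (instance 1, as in the examples on this page):
' Dim o : Set o = CreateObject("MemAdmin.LDAPConfig.1")
' o.LoadConfig 1
' WScript.Echo AuditSettings(o.Authorization, o.EnableSSL, _
'     o.EnableShortTermIPBlacklisting, o.EnableShortTermAccountBlacklisting, _
'     o.EnableLog)
```

The script only reads settings; it never calls Saveconfig, so it can be run against an instance without changing its configuration.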
This property, if set to TRUE, directs the LDAP server instance to enable the Secure Sockets Layer (SSL) protocol for client requests. The server uses the SecurePort property TCP/IP port value when binding its SSL socket.
IDL Definition
[propget]
HRESULT EnableSSL([out, retval] VARIANT *pData);
[propput]
HRESULT EnableSSL([in] VARIANT Data);
Type
VT_BOOL (boolean)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.EnableSSL = TRUE
LDAPObj.SecurePort = 639
LDAPObj.Saveconfig
This property, if set to TRUE, directs the LDAP server instance to enable the Secure Sockets Layer (SSL) protocol with 128-bit keys for network connections. The server instance uses the SecurePort property port value when binding its listening TCP/IP socket.
IDL Definition
[propget]
HRESULT EnableSSL128([out, retval] VARIANT *pData);
[propput]
HRESULT EnableSSL128([in] VARIANT Data);
Type
VT_BOOL (boolean)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.EnableSSL128 = TRUE
LDAPObj.Saveconfig
This method retrieves the list of Membership LDAP servers to which dynamic data is replicated from the current LDAP service.
IDL Definition
HRESULT GetDynamicReplicationList(
[in] VARIANT lInstanceId,
[out] VARIANT* rgszReplNames,
[out] VARIANT* rgszReplIDs
);
Parameters
lInstanceId: (VT_I4)
The instance number of the LDAP server instance.
rgszReplNames: (VT_ARRAY of VT_BSTR)
on return, the list of machine names. The VT_ARRAY (SAFEARRAY) contains VT_BSTR values.
rgszReplIDs: (VT_ARRAY of VT_BSTR)
on return, the list of Membership Server instance identifiers. The VT_ARRAY (SAFEARRAY) contains VT_BSTR values.
Return Values
a standard HRESULT value
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.GetDynamicReplicationList 1, Names, IDs
For I = LBound(Names) to UBound(Names)
wscript.echo Names(i) & ":" & IDs(i)
Next
If this property is set to TRUE, the server will allow dynamic directory objects (ILS).
IDL Definition
[propget]
HRESULT EnableDynamic([out, retval] VARIANT *pData);
[propput]
HRESULT EnableDynamic([in] VARIANT Data);
Type
VT_BOOL (boolean)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.EnableDynamic = TRUE
LDAPObj.Saveconfig
This property defines the minimum time to live for dynamic objects. It is in units of seconds.
IDL Definition
[propget]
HRESULT MinTTL([out, retval] VARIANT *pData);
[propput]
HRESULT MinTTL([in] VARIANT Data);
Type
VT_I4 (integer)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.MinTTL = 300 ' 5 minutes
LDAPObj.Saveconfig
This property specifies the maximum number of concurrent dynamic objects that the LDAP server instance will allow.
IDL Definition
[propget]
HRESULT MaxDynamObj([out, retval] VARIANT *pData);
[propput]
HRESULT MaxDynamObj([in] VARIANT Data);
Type
VT_I4 (integer)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.MaxDynamObj = 5000 ' 5000 entries
LDAPObj.Saveconfig
Set this property to TRUE if the server should support LDAP v1 backward compatibility. This property is listed as a checkbox to “Enable NetMeeting 1.0 Support.”
IDL Definition
[propget]
HRESULT EnableRTPerson([out, retval] VARIANT *pData);
[propput]
HRESULT EnableRTPerson([in] VARIANT Data);
Type
VT_BOOL (boolean)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.EnableRTPerson = TRUE
LDAPObj.Saveconfig
Set this property to TRUE if the LDAP server instance will replicate to other instances that support dynamic objects (ILS).
IDL Definition
[propget]
HRESULT EnableReplicate([out, retval] VARIANT *pData);
[propput]
HRESULT EnableReplicate([in] VARIANT Data);
Type
VT_BOOL (boolean)
Example
Set LdapObj = CreateObject("MemAdmin.LDAPConfig.1")
LDAPObj.LoadConfig 1
LDAPObj.EnableReplicate = TRUE
LDAPObj.Saveconfig
Set this property to "TRUE" to have the LDAP server instance log requests.
IDL Definition
[propget]
HRESULT EnableLog([out, retval] VARIANT *pData);
[propput]
HRESULT EnableLog([in] VARIANT Data);
Type
VT_BOOL (boolean)
This property specifies whether the backend database used to persist (store) the directory data is a SQL Server or Jet (Access) database. SQL = 1; Jet DB = 2.
IDL Definition
[propget]
HRESULT DBType([out, retval] VARIANT *pData);
[propput]
HRESULT DBType([in] VARIANT Data);
Type
VT_I4 (integer)
This property specifies the database source. If an SQL server is being used, this property should contain the server name. If a JET database is being used, this property should contain the filesystem path to the .MDB file.
IDL Definition
[propget]
HRESULT DBSource([out, retval] VARIANT *pData);
[propput]
HRESULT DBSource([in] VARIANT Data);
Type
VT_BSTR (string)
For SQL server backends, this property should specify the name of the database.
IDL Definition
[propget]
HRESULT DBName([out, retval] VARIANT *pData);
[propput]
HRESULT DBName([in] VARIANT Data);
Type
VT_BSTR (string)
This property is used along with the DBPassword property by the LDAP server instance to authenticate when logging in to the backend SQL Server or JET database.
IDL Definition
[propget]
HRESULT DBUsername([out, retval] VARIANT *pData);
[propput]
HRESULT DBUsername([in] VARIANT Data);
Type
VT_BSTR (string)
This property is used in conjunction with the DBUsername property by the LDAP server instance to authenticate with the SQL or JET backend database.
IDL Definition
[propget]
HRESULT DBPassword([out, retval] VARIANT *pData);
[propput]
HRESULT DBPassword([in] VARIANT Data);
Type
VT_BSTR (string)