Programming Active Directory

pudge on 2001-10-27T07:48:43

An anonymous user writes, "I just noticed an article with a couple of links about Perl and NetWare and being able (if I read it right) to manipulate the NDS. Is it possible to use Perl to manipulate the Windows 2000 Active Directory?"

Beats me.


All AD can be manipulated via WSH

jonnosan on 2001-10-27T08:52:27

All of the Active Directory API is available to a script running under Windows Scripting Host, including perl scripts.

So yes, you can manipulate AD via perl, assuming your perl is running on a W2K box.

Not difficult at all

Bryan_Casto on 2001-10-27T16:58:41

If you're running the scripts from Win32 platforms, you can use Win32::OLE to interface to AD. Check out Perl for System Administrators from O'Reilly. We do this all the time to create and query user accounts in AD.

Re:Not difficult at all

jns on 2001-10-27T18:06:28

Whilst currently I have no need to do this kind of thing - it would nonetheless be nice to see some kind of tutorial on this. Perhaps one of you guys could write an article for here or perl.com about how you would approach this.

/J\

Re:Not difficult at all

$code or die on 2001-10-29T10:57:18

I've sung its praises before, and I'll do it again. Dave Roth's excellent book Win32 Perl Scripting: The Administrator's Handbook is a MUST if you are doing any kind of server admin on Win32. It covers Active Directory and more.

ADSILDAP Perl Module

jeremy.brinkman on 2004-08-13T12:40:02

I have created a rudimentary perl module which allows user and group account management through ADSI. The ADSILDAP module has worked very well for the applications I have written. It is based on the NT user and group names as opposed to their LDAP distinguished names (although this functionality is also supported). The program is documented, with samples.

Many of the concepts are derived from other perl programmers in the community, such as Steven Manross who wrote the Win32::Exchange module.

Enough with the rambling, I hope this link helps: http://www.scriptavenue.com/projects.php

A sample

jonnosan on 2001-10-28T09:58:41

Here's a sample to get you started:

---------------------
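use Win32::OLE;
use strict;

# ADSystemInfo is the ADSI COM object describing the logged-on user and machine
my $sysinfo = Win32::OLE->new('ADSystemInfo') || die ("Can't get sysinfo: ".Win32::OLE->LastError()."\n");

# UserName comes back as a distinguished name, not an NT-style account name
my $username=$sysinfo->{UserName};
print "Username:$username\n";

# Bind to the user object by building an ADsPath from that distinguished name
my $adsuser = Win32::OLE->GetObject("LDAP://$username") || die ("Can't find user: ".Win32::OLE->LastError()."\n");
print "CN: $adsuser->{cn}\n";
print "Email address: $adsuser->{EmailAddress}\n";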
---------------------

This first uses the ADSystemInfo object to return the username of the currently logged in user. This is actually in the form of an LDAP path (cn=foo, ou=bar, DC=example, DC=com).
Then it uses GetObject to return a handle to an IADsUser object. This object has a bunch of properties that you can read/write (depending on your permissions).
Note that the properties are case sensitive in perl, while they are not in vbscript, and most of the documentation about the ADSI interface will have examples in VBscript.
Here's the same code in VBScript, so you can get a handle on what you need to do to convert between perl/vbscript:

---------
Set oSysInfo = CreateObject("ADSystemInfo")
WScript.echo oSysinfo.username

Set adsUser = GetObject("LDAP://" & oSysInfo.username)
Wscript.Echo adsUser.cn
Wscript.Echo adsUser.EmailAddress

---------
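An added example, not part of any post in this thread: the sample above builds an ADsPath directly from a distinguished name, and scripts that accept an account name from a user (a CGI browser, an account-management tool) also end up building LDAP filters from input. This read-only sketch looks up one account by sAMAccountName, escaping the input for the filter and the returned DN for the ADsPath. The helper names `escape_filter_value` and `dn_to_adspath` are hypothetical, and it assumes a domain-joined Windows machine with Win32::OLE installed.

```perl
use strict;
use warnings;
use Win32::OLE;

# RFC 4515: hex-escape filter metacharacters in untrusted input. ';' is
# escaped as well because it separates the parts of the ADO command string.
sub escape_filter_value {
    my ($value) = @_;
    $value =~ s/([\\*()\x00;])/sprintf('\\%02x', ord $1)/ge;
    return $value;
}

# ADSI treats '/' as a path separator, so a '/' inside a DN must be
# backslash-escaped before the DN is placed in an "LDAP://" ADsPath.
sub dn_to_adspath {
    my ($dn) = @_;
    $dn =~ s{(?<!\\)/}{\\/}g;    # leave an already escaped "\/" alone
    return "LDAP://$dn";
}

@ARGV == 1 or die "usage: $0 <sAMAccountName>\n";
my $account = $ARGV[0];

# Ask RootDSE for the domain's base DN instead of hard-coding it.
my $rootdse = Win32::OLE->GetObject('LDAP://RootDSE')
    or die "Can't bind to RootDSE: " . Win32::OLE->LastError() . "\n";
my $base = $rootdse->Get('defaultNamingContext');

# The ADSI OLE DB provider (ADsDSOObject) runs the directory search.
my $conn = Win32::OLE->new('ADODB.Connection')
    or die "Can't create ADODB.Connection: " . Win32::OLE->LastError() . "\n";
$conn->{Provider} = 'ADsDSOObject';
$conn->Open('Active Directory Provider');

my $filter = '(&(objectCategory=person)(objectClass=user)(sAMAccountName='
    . escape_filter_value($account) . '))';
my $rs = $conn->Execute('<' . dn_to_adspath($base) . ">;$filter;distinguishedName;subtree")
    or die "Search failed: " . Win32::OLE->LastError() . "\n";

until ($rs->EOF) {
    my $dn   = $rs->Fields('distinguishedName')->{Value};
    my $user = Win32::OLE->GetObject(dn_to_adspath($dn))
        or die "Can't bind to $dn: " . Win32::OLE->LastError() . "\n";
    my $mail = $user->{EmailAddress} // '(none)';
    print "DN: $dn\nCN: $user->{cn}\nEmail address: $mail\n";
    $rs->MoveNext;
}
$conn->Close;
```

With the escaping in place, an input such as `*` is searched for as a literal asterisk rather than matching every account.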

ugly code available

wickline on 2001-10-29T14:27:46

http://www.cpan.org/authors/id/W/WI/WICKLINE/adsibrowser-20010222.plt

This was some code I was monkeying with in an effort to grok ADSI a while back. It doesn't try to write anything, but just lets you nose around the directory structure via cgi. It's not pretty, but maybe you'd find it useful. The comments reference a couple of other resources I used when working on that stuff

http://opensource.activestate.com/authors/tobyeverett/

http://www.asptoday.com/articles/19990310.htm