Last post Jun 28, 2005 10:28 AM by jyo
May 25, 2005 02:29 AM|red131|LINK
May 26, 2005 05:21 PM|dunnry|LINK
May 31, 2005 12:18 AM|red131|LINK
Jun 01, 2005 07:23 AM|red131|LINK
Jun 02, 2005 03:49 AM|red131|LINK
Jun 02, 2005 10:23 PM|dunnry|LINK
Jun 03, 2005 02:42 AM|red131|LINK
Thanks Dunnry for your reply. I have successfully connected to the adam via the asp provider model but would like to ask for advice on the followings :-
1. Multi-value property in ADAM means more than 1 value attributes but can anyone give some examples on how or what is it ?
2. For asp2.0 provider model which is "datastore and UI "agnostic there are about 4000 new api incuding 6 new features membership, role manager, personalization, site Navigation, database caching and health monitoring. Would it be advisable to also put the
database for role manager, personalisation and navigation into ADAM ? At present these settings are stored in xml files so storing it in ADAM would be good or otherwise please comment ?
3. There is a article from Fredrik on Authorization Manager at
http://fredrik.nsquared2.com/viewpost.aspx?PostID=295. I am trying to use this to add role to the user. Basically in the provider model a person has many membership and many task. Each task has many roles (1:m relationship). The Fredrik example show adding
user to role and roll back of such transaction if conditions are not met. Anyone has any idea on how to create user following some rules and to roll back such transaction if some conditions failed like the credit card does not approve such payment etc. with
ADAM ? Distributed Transction here means writing to ADAM and database for UserDetails and UserProfile Respectively. Workspace for Fredrik is at
4. Setting Account Lockout and password policies. In ASP.net 2 provider modal there are password restriction which most people would not like is like 9 digits with 1 minimum Upper case letter and 2 special character like Pa$$words by default. However there
are many more things like we would like to add like the password and account lckout policy. I have got some note from Orelly Activedirectory cookbook Recipe 6.11 as follows :-
This code displays the current settings for the password
' and account lockout policies.
' ------ SCRIPT CONFIGURATION ------
strDomain = "<DomainDN>"
' e.g. rallencorp.com
' ------ END CONFIGURATION ---------
set objRootDSE = GetObject("LDAP://" & strDomain & "/RootDSE")
= GetObject("LDAP://" & _
' Hash containing the domain password and lockout policy attributes
' as keys and the units (e.g. minutes) as the values
set objDomAttrHash = CreateObject("Scripting.Dictionary")
objDomAttrHash.Add "lockoutDuration", "minutes"
objDomAttrHash.Add "lockoutThreshold", "attempts"
objDomAttrHash.Add "lockoutObservationWindow", "minutes"
objDomAttrHash.Add "maxPwdAge", "minutes"
objDomAttrHash.Add "minPwdAge", "minutes"
objDomAttrHash.Add "minPwdLength", "characters"
objDomAttrHash.Add "pwdHistoryLength", "remembered"
objDomAttrHash.Add "pwdProperties", " "
' Iterate over each attribute and print it
for each strAttr in objDomAttrHash.Keys
if IsObject( objDomain.Get(strAttr) ) then
set objLargeInt = objDomain.Get(strAttr)
if objLargeInt.LowPart = 0 then
value = 0
value = Abs(objLargeInt.HighPart * 2^32 + objLargeInt.LowPart)
value = int ( value / 10000000 )
value = int ( value / 60 )
value = objDomain.Get(strAttr)
WScript.Echo strAttr & " = " & value & " " & objDomAttrHash(strAttr)
'Constants from DOMAIN_PASSWORD_INFORMATION
Set objDomPassHash = CreateObject("Scripting.Dictionary")
objDomPassHash.Add "DOMAIN_PASSWORD_COMPLEX", &h1
objDomPassHash.Add "DOMAIN_PASSWORD_NO_ANON_CHANGE", &h2
objDomPassHash.Add "DOMAIN_PASSWORD_NO_CLEAR_CHANGE", &h4
objDomPassHash.Add "DOMAIN_LOCKOUT_ADMINS", &h8
objDomPassHash.Add "DOMAIN_PASSWORD_STORE_CLEARTEXT", &h16
objDomPassHash.Add "DOMAIN_REFUSE_PASSWORD_CHANGE", &h32
' The PwdProperties attribute requires special processing because
' it is a flag that holds multiple settings.
for each strFlag In objDomPassHash.Keys
if objDomPassHash(strFlag) and objDomain.Get("PwdProperties") then
WScript.Echo " " & strFlag & " is enabled"
WScript.Echo " " & strFlag & " is disabled"
We are trying to add account lockout and password policies without the domain so anyone can suggest a method to utilise the above vbscripts to convert to C# or something ?? How to make the above run ?
Any suggestings, links are greatly appreciated.
Thanks in advance.
Jun 28, 2005 10:28 AM|jyo|LINK