Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
platform
active.directory
adsi
adsi.iis-admin
base
com_ole
complus_mts
component_svcs
database
directx
gdi
graphics_mm
internet.client
internet.server
internet.server.isapi-dev
localization
mapi
messaging
msi
mslayerforunicode
multimedia
networking
networking.ipv6
sdk_install
security
shell
telephony.tapi_2
telephony.tapi_3
telephony.tsp
telephony.wte
tools
ui
ui_shell
win_base_svcs
win16
  
 
date: Fri, 28 Mar 2008 16:03:31 -0500,    group: microsoft.public.platformsdk.active.directory        back       


list the allowed attributes    
Hi,
Looking for some ideas and suggestions.  I develop a software application  that allows users to pull information from AD to be viewed from this appWe allow them to specify which User object and Group object attributes to  display.  The problem is trying to make sure those attributes entered inare valid attributes.  So I'd like to send a query or call a method to  pull all valid/allowed attributes by their lDAPDisplayName.  And then  check the user values against that list.  I'm just not sure the best andmost efficient way to do this.

Couple avenues i've come across to accomplish this:
attributeDisplayNames attribute in  CN=user-Display,CN=409,CN=DisplaySpecifiers,CN=Configuration,DC=unimax,DC=com

and

 From a Kaplan post in 2004 using System.DirectoryServices:
entry.RefreshCache(new string[] {"allowedAttributes"});

Thanks for the input.

Nate
date: Fri, 28 Mar 2008 16:03:31 -0500   author:   am

Re: list the allowed attributes    
Nate wrote:

Looking for some ideas and suggestions.  I develop a software application
that allows users to pull information from AD to be viewed from this app.
We allow them to specify which User object and Group object attributes to
display.  The problem is trying to make sure those attributes entered in
are valid attributes.  So I'd like to send a query or call a method to
pull all valid/allowed attributes by their lDAPDisplayName.  And then
check the user values against that list.  I'm just not sure the best and
most efficient way to do this.

Couple avenues i've come across to accomplish this:
attributeDisplayNames attribute in
CN=user-Display,CN=409,CN=DisplaySpecifiers,CN=Configuration,DC=unimax,DC=com

and

 From a Kaplan post in 2004 using System.DirectoryServices:
entry.RefreshCache(new string[] {"allowedAttributes"});

allowedAttributes are the lDAPDisplayNames permitted to be assigned to the 
class of objects. You probably want to use allowedAttributesEffective, which 
is the attributes that can be modified on the object. You can also use the 
Schema method of the object and enumerate the MandatoryProperties and 
OptionalProperties. I think this gives the same result. See this link:

http://www.microsoft.com/technet/scriptcenter/resources/qanda/jun05/hey0628.mspx

The attributeDisplayNames attribute seems to be mostly attributes that show 
up in ADUC. Many attributes are missing.

-- 
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--
date: Fri, 28 Mar 2008 19:34:16 -0500   author:   Richard Mueller [MVP]

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us