Export (0) Print
Expand All

Copying Objects

Microsoft® Windows® 2000 Scripting Guide

To copy an object, you need a source object from which to make a copy. You must also determine which attributes of the source object you want to duplicate in the target object (the copy).

To copy an object, you simply combine some of the primary tasks covered earlier in this chapter:

  1. Complete the create task to create the target object.

    For task details, see "Creating Directory Service Objects" earlier in this chapter.

  2. Complete the read task to obtain attributes from the source object that should be copied to the target object.

    For task details, see "Reading Attributes of Directory Service Objects" and "Reading Multivalued Attributes" earlier in this chapter.

  3. Complete the modify task to write selected attributes to the target object.

    For task details, see "Modifying Directory Service Objects" and "Modifying Multivalued Attributes" earlier in this chapter.

The goal of the scripts in this section is to demonstrate how to copy objects. The first example copies a source computer object to a target computer object. This example demonstrates that ADSI scripts work with other Active Directory objects besides users, groups, and OUs. The second example copies a source user account to a target user account. This example demonstrates how to copy both single-valued and multivalued attributes.

Copying a Computer Account

The script in Listing 5.23 copies selected attributes from a computer account named SEA-PM-01 to a new computer account named SEA-SQL-01. The account to be used as a template (SEA-PM-01) is located in the Computers container of the na.fabrikam.com domain. When the new computer account (SEA-SQL-01) is created, it will also be located in the Computers container.

  1. Bind to the Computers container in the na.fabrikam.com domain.

    Notice that the Computers container has the attribute type CN. Except for the Domain Controllers container, all built-in containers directly below an Active Directory domain have the attribute type CN rather than OU.

  2. Create a computer object named sea-sql-01.

  3. Set the sAMAccountName mandatory attribute to the value sea-sql-01.

  4. Commit the new computer object to Active Directory.

    This step completes the task of creating the new computer object.

  5. Bind to the SEA-PM-01 computer object in the Computers container of the na.fabrikam.com domain.

    This computer object serves as the template object from which attributes are derived for the copy operation.

  6. Create an array named arrAttributes that contains the lDAPDisplayNames of the optional attributes that will be applied to the new computer object.

  7. Use a For Each statement to loop through the lDAPDisplayNames of the attributes specified in the array.

    1. Read each attribute from the computer object serving as the template.

      This step completes the task of reading the template computer object.

    2. Write the attributes to the new computer object.

  8. Commit the change to the new computer object in Active Directory.

    This step completes the task of modifying the new computer object. Notice that it was not necessary to bind again to the new computer object. The binding operation completed in line 2 provided the necessary connection to the new computer object.

Listing 5.23 Copying a Computer Object

  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15


Set objCompt = GetObject("LDAP://cn=Computers,dc=NA,dc=fabrikam,dc=com")
Set objComptCopy = objCompt.Create("computer", "cn=SEA-SQL-01")

objComptCopy.Put "sAMAccountName", "sea-sql-01"
objComptCopy.SetInfo
Set objComptTemplate = _  GetObject("LDAP://cn=SEA-PM-01,cn=Computers,dc=NA,dc=fabrikam,dc=com")

arrAttributes = Array("description", "location")

For Each strAttrib in arrAttributes
strValue = objComptTemplate.Get(strAttrib)
objComptCopy.Put strAttrib, strValue
Next

objComptCopy.SetInfo

Listing 5.23 demonstrated how to copy two attributes from one object to another. However, many more attributes can be copied. The purpose of the preceding listing was simply to show how you can perform a copy operation by writing attributes from one object to another. In fact, you can copy both single-valued and multivalued attributes from one object to another, as the next listing demonstrates.

Copying a User Account

The script in Listing 5.24 copies selected single-valued and multivalued attributes from a user account named HuffArlene to a new user account named BarrAdam. The user account to be used as a template (HuffArlene) is located in the HR OU of the na.fabrikam.com domain. When the new user account (BarrAdam) is created, it will also be located in the HR OU.

  1. Set the ADS_PROPERTY_UPDATE constant equal to the control code parameter used by the PutEx method to indicate this mode of modification (used in line 21).

  2. Bind to the HR OU in the na.fabrikam.com domain.

  3. Create a user account named BarrAdam.

  4. Set the sAMAccountName mandatory attribute to the value barradam.

  5. Commit the new user account to Active Directory.

  6. Bind to the HuffArlene user account in the HR OU of the na.fabrikam.com domain.

  7. Create an array named arrSVAttributes that contains the lDAPDisplayNames of the optional single-valued attributes that will be applied to the new user account.

  8. Create another array named arrMVAttributes that contains the lDAPDisplayNames of the optional multivalued attributes that will be applied to the new user account.

  9. Use a For Each statement to iterate through the lDAPDisplayNames of the attributes specified in the arrSVAttributes array.

    Within the loop, use the Get method to read each attribute from the template user account and use the Put method to write it to the new user account.

  10. Use another For Each statement to iterate through the lDAPDisplayNames of the attributes specified in the arrMVAttributes array.

    Within the loop, use the GetEx method to read each attribute from the template user account and use the PutEx method to write it to the new user account.

  11. Commit the changes to the new user account in Active Directory.

Listing 5.24 Copying a User Account

  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24


Const ADS_PROPERTY_UPDATE = 2

Set objOU = GetObject("LDAP://OU=HR,dc=NA,dc=fabrikam,dc=com")
Set objUserCopy = objOU.Create("user", "cn=BarrAdam")

objUserCopy.Put "sAMAccountName", "barradam"
objUserCopy.SetInfo

Set objUserTemplate = _  GetObject("LDAP://cn=HuffArlene,ou=HR,dc=NA,dc=fabrikam,dc=com")

arrSVAttributes = Array("description", "department", _  "company", "wWWHomePage")
arrMVAttributes = Array("url", "otherTelephone")

For Each strAttrib in arrSVAttributes
strValue = objUserTemplate.Get(strAttrib)
objUserCopy.Put strAttrib, strValue
Next

For Each strAttrib in arrMVAttributes
arrValue = objUserTemplate.GetEx(strAttrib)
objUserCopy.PutEx ADS_PROPERTY_UPDATE, strAttrib, arrValue
Next

objUserCopy.SetInfo

Important observations about the scripts in this section are:

  • Copying an Active Directory object involves the following three tasks: Create an object, read attributes from a different object, and write the attributes to the new object.

  • No method is available to the LDAP provider for directly performing the copy task.


Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft