Root Directory Service Entry

Microsoft® Windows® 2000 Scripting Guide

An element important to building an ADsPath to an object is the Root Directory Service Entry (rootDSE). The rootDSE is defined as the root of the directory, and it is a useful feature of ADSI because it allows a script to derive important information about the root directory. In turn, this enables you to stay away from hard-coding distinguished names when constructing an ADsPath.

Up to this point, all of the script examples in this chapter use a feature of ADSI called serverless binding. Serverless binding means that the name of a domain controller is not hard-coded into the ADsPath. Instead, ADSI locates a domain controller in the default domain that can service the binding request. Typically, when you run a script, the default domain is your current logon domain and, depending on the configuration of Active Directory, a domain controller at a local site will service the request.

Serverless binding is an important step toward making ADSI scripts function efficiently within the forest. However, because all of the script examples in this chapter thus far use hard-coded distinguished names in the ADsPath, the scripts function only within the fabrikam.com forest. In every case, rootDSE can be used to make the scripts function in Active Directory forests other than fabrikam.com.