ADSI and COM
Keywords: 1073 OLE COM ADSI Active Directory
When the ADSI extender was written we really didn't have a feel for how people would use it. We opted to make it easy to use
with as few steps as possible. We felt that it was the only way to give it some advantage over VBS or VB and COM. One way we did
this was to remove the need save cached object changes to the Directory Service. The extender does this in the background every
time you make a change to a property. While this makes ADSI a little less error prone and easier to use, it also adds a lot of
network traffic. (With straight COM objects you have to tell ADSI to update the DS with your cached changes or they are lost.)
The problem is that the extender is prone to timing issues because of all the extra network traffic it generates, but there are several points to keep in mind here.
- Active Directory servers have a built-in throttle that will cause time-out errors when too many connections in a given time so network load is not the issue. It is possible to get timeout errors with COM as well as with the extender. The extender is just a little more prone to this sort of thing because it causes an authentication check on every property submission.
- Generally, the extender will only generate error 1073 when doing bulk updates of many properties to many objects. Under other conditions it is not normal an issue with the extender anymore than it is with COM.
- There is an interesting trick that can be used to avoid the 1073 error with the extender. You can keep the connect from a client to a the AD server open by creating an AD COM object at the beginning of your script. This will cause all subsequent extender access to use the existing connection without re-authenticating and thus prevent the 1073 error. Note that you must use the same credentials for both COM and the extender for this to work properly.
Sample code to get and set a user full name:
newname = "Fred Flintstone"
objUser = ObjectGet("WinNT://YourDomain/UserID")
origname = objUser.FullName
ret = AskYesNo('Change Users Full Name', StrCat('Are you sure you want to change the users full name from ',origname,' to ',newname,'?'))
if ret == @YES
objUser.FullName = "Users Name"
objUser.SetInfo()
endif
objUser = 0
Message('Changed Users Full Name', StrCat('Changed ',origname,' to ',newname))
exit
Reference:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa705950(v=vs.85).aspx
http://apostate.com/wsh-adsi-recipes
Article ID: W15802
File Created: 2012:10:26:10:27:48
Last Updated: 2012:10:26:10:27:48