Active Director description
The Active Director is a new approach to a more efficient way of administration in a Windows NT4, 2000 and 2003 environment.

The Active Director is a new approach to a more efficient way of administration in a Windows NT4, 2000 and 2003 environment.

This innovative and reliable VB6 project combines the powers of ADSI and WMI to automate object creation, changes and method calls

Here are some key features of "Active Director":

· Login Profiles define the way of connecting to a directory service and all other supported feature. A profile contains information about the ADSI accesstype (LDAP, WinNT, IIS, ...), the required servers or domains and many more features like eMail and Exchange-Support, logging into a database, etc. An administrator can define multiple profiles, one profile for each service he or she wants to administrate. Login profiles can optionally store Usernames and Passwords of service accounts, that should be used internally to connect the the directory service (Passwords are saved encrypted).
· ObjectTables contain ADSI objects. An ObjectTable provides a simple interface to view the properties of all contained objects and it allows the administrator to apply change-templates to all its objects.
· DataTables act like a Data Matrix and supports import and export of its content. The rows of a DataTable are comparable to records of datafields, and each row can be associated with an ADSI object. An administrator can apply a change-template on all associated ADSI objects as it is usual for ObjectTables. But in DataTables, a template can contain a reference to a datafield in the associated row. In that way can an external datasource be synchronized with objects in the directory service.
· The Property Parser is a really cool feature, that allowes the administrator to embed values of attributes or datafields in a change-template. e.g. If you need to rebuild the displaynames of a few hundred user objects, just apply a change-template on the attribute "displayname" with the value "%givenname% %sn%, %company%" and all displaynames will be updated with "Firstname Lastname, Company". This feature works on all attributes defined in the schema of the directory service
· Property Access can be a challenge, because ADSI differs between Attributes, IADs-Properties and other Dispatch-Properties like TerminalServices and Exchange Objects. Some of these properties are readable for humans, others are binary encoded. The Active Director provides a simplified access-model to all properties of an objects and it auto-converts properties to a readable form (this feature is extensible to non-standard schema extensions).
· Filtergroups offer a more comfortable way to search for objects in a directory tree. Active Directory supportes LDAP-filters via ADO, WinNT can only filter out specific ObjectClasses ... but in both cases it is difficult to define, what an object-search should return. Filtergroups are hierachical and each Group has a Type: "AND" or "OR". A Filtergroup can contain FilterEntries and other FilterGroups. So you can define a ADSI-provider independent search-filter, that will be converted in a native query, when the search starts. e.g.: AND-Group{company=MyCorp, sn=F*} will find all objects with a company-entry of "MyCorp", and thats surname (sn) will begin with an "F"
· Logging is enabled by default on all operations, so all changes are well-documented by the Director. An administrator can track back all changes and success/errors messages to optimize the administration process.
· Exchange Management is connected to directory management in many situations. User-Objects in an Active Directory can represent Mailboxes on an Exchange Server for example. The Active Director supports CDOEX/CDOEXM interfaces of Microsoft Exchange 2000/2003, POPAdminLib of Windows Server 2003 EMail Services, LDAP Access to Exchange 5.5 and at least a self-written LDAP provider for Exchange 2000/2003 and 2007.
· Sending Email messages to Users with informations about or from the directory can be quite usefull. The Active Director supports some Mail-Engines like MAPI, CDO, CDONTS, CDOSYS to communicate with other people. Emails like "Dear %displayname%, your account logonname will has been changed from %samaccountname% to ." can be sent to a the selected group of users, where the change was made with a few mouseclicks