There will be times when you need to write a script that queries all the values that have been set in the underlying directory for a particular object. For example, suppose you’re one of several systems administrators who work with your company’s Active Directory implementation. You need to write a script that queries all the property values that the administrators have set for a particular user.

Discovering the set property values for an object can be a long, tedious job. Fortunately, ADSI provides a quick method. If someone has set a value for a property, it must be in that object’s property cache. So all you need to do is walk through the property cache, displaying and optionally modifying each item as you go.

In this section, we’ll describe the property cache mechanics and show you how to write scripts that use several ADSI methods and properties to add individual values, add a set of values, walk through the property cache, and write modifications to the cache and to the directory. Although these examples access the Lightweight Directory Access Protocol (LDAP) namespace, you can just as easily substitute the WinNT namespace in any of the scripts and run them against Windows NT servers.

Details of the property cache interfaces can be found at the MSDN Library (http://msdn.microsoft.com/library/) by clicking through the following links: Networking and Directory Services → Active Directory, ADSI, Directory Services → SDK Documentation → Directory Services ...