Chapter 24. Working with Active Directory Using ADSI and PowerShell

ADSI—the Active Directory Services Interface—allows you to query directory services. Three different kinds of directories are commonly used in the Microsoft world:

  • WinNT allows access to the local computer, and Windows NT (pre–Windows 2000) domains.

  • LDAP accesses an Active Directory Domain Controller using the LDAP protocol.

  • GC accesses an Active Directory Global Catalog server.
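The three providers in use, as an added example that is not from the book: the WinNT provider lists members of the local Administrators group, and the same user search is run through LDAP (current domain) and GC (forest-wide). The function names are hypothetical, the group name assumes an English-language Windows install, and the LDAP and GC calls assume a domain-joined machine.

```powershell
# Added example (not from the book). Function names are hypothetical.

function Get-LocalAdminMember {
    # WinNT provider: reads the local SAM, so no domain is needed.
    # Assumes the group is named "Administrators" (localized on non-English Windows).
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/Administrators,group"
    foreach ($member in $group.psbase.Invoke('Members')) {
        $t = $member.GetType()
        [pscustomobject]@{
            Name    = $t.InvokeMember('Name',    'GetProperty', $null, $member, $null)
            Class   = $t.InvokeMember('Class',   'GetProperty', $null, $member, $null)
            AdsPath = $t.InvokeMember('AdsPath', 'GetProperty', $null, $member, $null)
        }
    }
}

function Find-DirectoryUser {
    param(
        [ValidateSet('LDAP', 'GC')] [string]$Provider = 'LDAP',
        [int]$Limit = 10
    )
    # RootDSE publishes the naming contexts, so no DN is hard-coded.
    $rootDse = [ADSI]'LDAP://RootDSE'
    # LDAP: search the current domain. GC: search forest-wide from the forest root.
    $base = if ($Provider -eq 'GC') { $rootDse.rootDomainNamingContext } else { $rootDse.defaultNamingContext }

    $searcher = New-Object System.DirectoryServices.DirectorySearcher
    $searcher.SearchRoot = [ADSI]"${Provider}://$base"
    $searcher.Filter     = '(&(objectCategory=person)(objectClass=user))'
    $searcher.SizeLimit  = $Limit
    foreach ($p in 'sAMAccountName', 'mail', 'distinguishedName') {
        [void]$searcher.PropertiesToLoad.Add($p)
    }
    $results = $searcher.FindAll()
    try {
        foreach ($r in $results) {
            [pscustomobject]@{
                Account = [string]$r.Properties['samaccountname']
                Mail    = [string]$r.Properties['mail']
                DN      = [string]$r.Properties['distinguishedname']
            }
        }
    }
    finally { $results.Dispose(); $searcher.Dispose() }  # release unmanaged ADSI handles
}

Get-LocalAdminMember | Format-Table -AutoSize
if ((Get-CimInstance Win32_ComputerSystem).PartOfDomain) {
    'LDAP', 'GC' | ForEach-Object { Find-DirectoryUser -Provider $_ -Limit 5 }
}
```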

A Quick Introduction to Active Directory

Active Directory is a replicated database that holds information about objects that are to be centrally managed—for example, Users, Groups and Computers. The set of object classes that can be stored is extensible, so anything that needs to be managed centrally can have an object definition added to AD. Exchange 2000 was the first major application to use Active Directory to store its information. It uses AD as its mail directory and defines extra classes for mail stores, gateways, and so on.

In addition to classes, AD defines a set of attributes (properties) for those classes. The set of attributes is also extensible. Any attribute can be added to any existing class. So, for example, Exchange does not define a new class for a mail-enabled user. Instead, the attributes that it needs—the users' mail addresses, where their mailboxes ...
