This book is intended to help you, the network administrator, make your job somewhat easier by teaching you to script and automate many of your administrative tasks. As you are well aware, mundane chores such as adding user, group, and computer accounts take more time than they should. The tasks of mapping network shares and creating login scripts can’t be left to end users. The best solution follows the saying, “If you want something done right, you have to do it yourself.” The concepts you will learn in this book will aid you in ensuring that the job is done right and will also free some of your valuable time by allowing you to automate some of these tasks.
Microsoft incorporated a set of interfaces known as ADSI, or Active Directory Service Interfaces, into Windows NT, Windows 2000, and the upcoming Windows XP/2002 product. These interfaces allow access to the networking structure of these operating systems as well as other LDAP-compliant network operating systems such as Novell NetWare.
Using ADSI, you have high-level access to network resources and file systems using COMcompliant scripting and programming languages. This means that you don’t need to understand the implications of COM to implement it with the scripting languages available today.
In concert with the information that you will find on ADSI, this book shows you how to use the interfaces with an easy-to-learn scripting language known as VBScript. A few examples use the JScript scripting language as well. The reason for using VBScript and JScript is quite simply that Windows Script Host (WSH), the scripting host environment used in Windows, offers built-in support for both languages. Learning either scripting language will offer you the ability to use WSH and ADSI effectively.
You will find all you need in this book to get started using WSH and ADSI to automate your administrative tasks and perform other functions as well. You will learn how to incorporate multiple jobs into one script and execute the correct job based on input parameters.
There are also two sections on security. The first deals with security of your scripts in terms of what they are permitted to do on a system. This section also discusses the process of digitally signing your scripts to ensure their validity. The second security section deals with the security of ADSI objects. Everything in ADSI is considered to be an object that exists on the system and network. These objects are the printers, drives, users, and computers that make up the network. ADSI security deals with Access Control Entries (ACEs) and Access Control Lists (ACLs), which make up the security access mechanisms for your network resources.