Become a Columnist Microsoft Exchange Site Microsoft Support SiteMSDN Exchange Site

   

Subscribe to OutlookExchange
What's New
Columnist
Anderson Patricio
Ann Mc Donough
Bob Spurzem
Brian Veal
Catherine Creary
Cherry Beado
Colin Janssen
Collins Timothy Mutesaria
Drew Nicholson
Fred Volking
Glen Scales
Goran Husman
Guy Thomas
Henrik Walther
Jason Sherry
Jayme Bowers
John Young
Joyce Tang
Justin Braun
Konstantin Zheludev
Kristina Waters
Kuang Zhang
Mahmoud Magdy
Martin Tuip
Michael Dong
Michele Deo
Mitch Tulloch
Nicolas Blank
Pavel Nagaev
Ragnar Harper
Ricardo Silva
Richard Wakeman
Russ Iuliano
Santhosh Hanumanthappa
Steve Bryant
Steve Craig
Todd Walker
Tracey J. Rosenblath
Development
More Resources
Software
Other Links
 
   

Where's the Web Admin Page for the AD?
Page 1 | Page 2 | Page 3

Where's the Web Admin Page for the AD?

For the last code and info goto: http://info.izzy.org/Technical/AD%20%20Exchange/ADEAdmin/

Since AD was released I have been waiting for Microsoft to provide a basic user administration tool for AD and Exchange.  But six years later they still haven't and I haven't been able to find a free tool that does what I have been looking for.  Various 3rd parties, including NetIQ whom I used to be a product manager for, do include web consoles for their tools.  While at NetIQ I oversaw the development of their AD & Exchange rules based administration tool, which does include a great web console.  But these tools are not free.  After searching around the Internet for a web based user admin tool and not finding one I finally decided to write my own. Here is the basic look.

Requirements for a Web Admin Page

My primary requirement was to provide the ability to create new users in the AD based on 'template' accounts.  When a new user account is created I wanted to have some of the properties of the template account copied to the new account, like company name.  To support this I decided to store the list of attributes I wanted to be copied in the Notes: field (info in LDAP) of the template account.  In addition, I wanted to always copy the groups the template account was a member of and its location (OU) in the AD.  The last requirement I had was to have the ability to mail enable or mailbox enable the new user. 

Using a Template Account

The template accounts should be created in the OU where you want new users accounts to be create, it should not be mail or mailbox enabled.  Add the template account to the groups you want new users based on it to be a member of.  If you plan on mail or mailbox enabling new users put in the smtp domain name, just the part to the right of the @ in the E-mail: (mail) field, for example izzy.org.  This domain name will be used when mail or mailbox enabling the new user.  Enter the pre-Windows 2000: (samAccountName) of the template account, this will be used in the ASP page to find the template account.  On the Telephones tab enter all of the attributes you want copied from the template account to the new user accounts in the Notes: (info) field.  Separate them with a comma, i.e. description,department,company.  The current version of the code only supports single valued string based attributes.

Code Logic

The code below is from 'DoWork.asp', first off I am just a 'hack' ASP\HTML coder and would be more than happy to work with an expert in this area to make the ASP pages look and act better.  'CreateUser.asp' is a basic form that prompts the user for the required fields to create a user account, a few options fields, and if the new user account should be mail or mailbox enabled.  If the user is going to be mail enabled the user must enter an external e-mail address.  CreateUser.asp calls DoWork.asp.
 

Where's the Web Admin Page for the AD?
Page 1 | Page 2 | Page 3

Disclaimer: Your use of the information contained in these pages is at your sole risk. All information on these pages is provided "as is", without any warranty, whether express or implied, of its accuracy, completeness, fitness for a particular purpose, title or non-infringement, and none of the third-party products or information mentioned in the work are authored, recommended, supported or guaranteed by Stephen Bryant or Pro Exchange. OutlookExchange.Com, Stephen Bryant and Pro Exchange shall not be liable for any damages you may sustain by using this information, whether direct, indirect, special, incidental or consequential, even if it has been advised of the possibility of such damages.

Copyright Stephen Bryant 2008