How to Set Up an Ubuntu Active Directory Client

Here I will explain a solution that worked for me to configure an Ubuntu workstation to authenticate with an Active Directory domain. The workstation was able to browse domain resources (i.e., the filesystem) without having to log in, and it pulled the AD group information from the domain controller. A process was used to map certain groups to Linux (Ubuntu) groups; however, extensive verification of the results could not be performed.

Getting password complexity requirements with VBScript and PowerShell

I was helping with a method to check a user’s password against the domain via a program called UMRA. The idea was to use basic JavaScript validation for some of the password checks, but then to send the validation to the server for true verification. There currently is no process for checking a password without first creating the account and checking the error code from Active Directory. I did some searching and found various different methods from Microsoft, but nothing that hit the nail on the head. Then doing one final Google search for “vbscript domain policy” led me to this website.

Integrating Real-Time SQL Triggers to manage Active Directory Accounts with UMRA

Triggers allow a set of SQL code to run on several types of SQL actions, such as INSERT, UPDATE, or DELETE. For instance, upon an INSERT, the SQL engine will call the trigger configured for the INSERT action. The trigger specified will have programming logic to perform actions on other systems. With OLE Automation enabled in SQL, the trigger will have the ability to perform actions using COM objects.

Fixing Home Directories with PowerShell

I had a customer that reported that some of his students’ home folders were missing and ending up on someone else’s account. This is a very bad thing when it comes to large school districts, as you could imagine. I identified the problem immediately and fixed it, but that left us with a number of home directories that were already copied to new locations. I had to find the original owners of these directories and produce a list of the owner and the new directory name. In the process I also produced a list of the students where they had a home directory attribute set but the home directory was missing.

Displaying user accounts in an AD Domain using PHP and UMRA

This article describes how to configure a UMRA project to query an Active Directory domain for all users and return the list with additional information to a PHP website. The website will read the table of user information and display the results.

AD GUIDs (UUIDs) – “friendly” vs. “non-friendly” hex

A colleague of mine asked a very good question about user GUIDs stored in Active Directory. He noticed that a GUID (objectGUID in adsiedit) is displayed in the format: ffffffff-ffff-ffff-ffff-ffffffffffff (8-4-4-4-12), but when shown in the attribute editor it’s displayed in the standard hexadecimal form “FF FF FF FF…”. An automation program we work with displays it in a different format: “fffffffffffff…”. Why are these GUIDs displayed in different formats?