Updated the name attribute using ADSI.

Updated the name attribute using ADSI.

Post by coope » Wed, 17 May 2006 01:42:59


I am writing a c++ property page shell extension for Active Directory
Users and Computers. In my extension I change some attributes that
appear in the name, cn, display-name, and distinquished-name
attributes. When I try to programmatically change the name attribute
nothing happens. The value stays the same. When I try to change the
value through ADSI Edit I receive the message -- The attributre cannot
be modified because it is owned by the system. I am logged in as the
admisitrator. Any help would be greatly appreciated.

Thanks,
Brian
 
 
 

Updated the name attribute using ADSI.

Post by MVP - AD » Wed, 17 May 2006 02:48:52

You need to use the MoveTo method in ADSI to change the RDN attribute, which
for a user is CN. The name attribute will automatically get updated as it
is an alias for the RDN attribute.

The RDN attribute is different from other attributes in that it is used to
control the location in the hierarchy, so it is not changed with a simple
modify like other attributes (displayName, SN, givenName, sAMAccountName,
etc.).

Joe K.

 
 
 

Updated the name attribute using ADSI.

Post by coope » Thu, 18 May 2006 00:26:00

Joe,

Thanks for your help. I've been looking into it and I can't find a
MoveTo method, but I did find a MoveHere method and the documentation
does say it will do renaming of the RDN attribute. But now my question
is how do I access this method with an IDataObject? Is it possible? I
was using ADsGetObject and getting a AdsContainer but I stopped using
that because I wanted to use the same connection that the parent
property sheet was using (one of my requirements) so I am now using:

IDataObject* lpIDataObject;
hr = InitParams.pDsObj->QueryInterface( IID_IDirectoryObject, (LPVOID*)
& lpIDataObject);

I hope this makes sense. I don't have a great understanding of all the
property pages and ADSI stuff. I'm learning but I haven't been able to
find a great source as of yet. Thanks for any help you can give me.

Thanks,
Brian
 
 
 

Updated the name attribute using ADSI.

Post by MVP - AD » Thu, 18 May 2006 05:59:41

I don't really program unmanaged ADSI with C++ much, so I don't have
specific examples either. MoveHere (which is what I meant; sorry :)) is a
method on IADsContainer, so you need to get the object's parent (perhaps
with the IADs::Parent property) and cast that to an IADsContainer to then
call the rename.

I hope that helps some.

Joe K.
 
 
 

Updated the name attribute using ADSI.

Post by coope » Fri, 19 May 2006 00:30:34

Joe,

Thanks for your help. I think I understand what you are saying
but I'm not able to cast the IDirectoryObject to a IADsContainer. I
tried ...

IADsContainer *adpCont = NULL;
hr = InitParams.pDsObj->QueryInterface( IID_IADsContainer, (LPVOID*) &
adpCont);

but that didn't work. I get a run time error that crashes the program
- but no error message. Again any help would be appreciated or if you
can tell me how to better ask this question to get more responses that
would be great as well. Thanks for your time and help.

Thanks,
Brian
 
 
 

Updated the name attribute using ADSI.

Post by MVP - AD » Fri, 19 May 2006 05:00:55

Like I said before, I don't really do C++ ADSI, so I don't know the tricky
bits here. I usually just use .NET. :)

I'm pretty sure you need to get the IADsContainer interface from the parent
object of the leave node using the Parent property on IADs. So, to do that,
I think you need to:
Get IADs from IDirectoryObject
Get the Parent property from IADs to get an object pointing to the parent
Query that for IADsContainer

Hopefully someone who knows C++ ADSI better will chime in to bail me out.
:)

Joe K.
 
 
 

Updated the name attribute using ADSI.

Post by Marc Scheu » Fri, 19 May 2006 13:39:37

> Thanks for your help. I think I understand what you are saying

That won't work - the IDirectoryObject and IADsXXX interfaces are
totally different beasts (late vs. early bound).

IDirectoryObject is great for performance reasons, but unfortunately,
it's rather limited in scope - you can create and delete objects, read
and set attributes, and that's about the end of it.

In order to be able to use IADsContainer.MoveHere, you'll need to do a
late bind to the AD object in question using "GetObject", and cast the
interface you get back to an IADsContainer and then call .MoveHere on
it.

Marc
 
 
 

Updated the name attribute using ADSI.

Post by coope » Fri, 19 May 2006 22:19:35

Marc,

That seems to make sense but one of my requirements is for all
data to use the connection from the property sheet. Will I have to
call ADsGetObject before calling GetObject or will GetObject do the
bind for me? Also, will using GetObject make a new connection to AD?
My problem with ADsGetObject is that it could use cached data but I was
told there is a possibility it would make a new connection. Thanks for
your help. I'm very new to all this and I'm being forced to fumble my
way through.

Thanks Again,
Brian