can powershell v2 read SUNONE ldap directory ?

[IT STAFF]

microsoft powershell can read microsoft AD.

How about reading other vendor's directory eg oracle, sunone, etc

[PaulChavez]

Unless someone or those vendors have put together a snapin or module, I doubt
Powershell can do it natively. That said, you can probably do it with .Net
which is almost as good.

I would start with System.DirectoryServices.Protocols namespace.
http://msdn.microsoft.com/en-us/library/system.directoryservices.protocols.aspx

-Paul

[IT Staff]

can anyone give an example on using the directoryservices protocols
namespace ?

"PaulChavez" <PaulC...@discussions.microsoft.com> wrote in message
news:864F98E4-8FCB-480E...@microsoft.com...

[IT Staff]

i've managed to use 3rd party tool, eg netcmdlets to read LDAP directory
service

However if there is a native .net way, kindly advise.

"IT Staff" <jkk...@hotmail.com> wrote in message
news:u%23Kaxt5h...@TK2MSFTNGP02.phx.gbl...

[code man@discussions.microsoft.com AK code man]

Yes, just not using adsi. I use Novell for all my Sun1 administrative tasks.
Check out the following:

$LDAP_USER = "uid=*****,ou=test,o=uaa.alaska.edu,o=isp"
$LDAP_PASS = "******"

[Reflection.Assembly]::LoadFile("C:\dev\Novell.Directory.Ldap.dll")

#set search contraints to enumerate all users
$cons = New-Object $ldap.searchconstraints
$cons.maxresults = 70000
$ldap.constraints = $cons

$filter =
"(&(objectclass=inetorgperson)(|(uid=as*)(uid=ps*)(uid=vs*)(uid=is*)(uid=ds*)))"
$attrs = [Novell.Directory.Ldap.LdapConnection]::No_Attrs #All_User_Attrs
$scope = [Novell.Directory.Ldap.LdapConnection]::Scope_One

$results = $ldap.Search("ou=test,o=uaa.alaska.edu,o=isp", $scope, $filter,
$attrs, $true)

$dnList = @()
while($results.hasMore()) {
$dnList+= [STRING] $results.next().dn
}

#Now you have an array with all the results of your query
#to ready an account you can do this:

$ldap.read("uid=uaatestuser,ou=test,o=uaa.alaska.edu,o=isp").getAttributeSet()

#or if you just want to read a single attrib

$ldap.read("uid=uaatestuser,ou=test,o=uaa.alaska.edu,o=isp").getAttribute("uniqueIdentifier").stringValue

Hope this gives you a good start.

Joe

[AK code man]

#Oh so you want to modify your Sun ldap as well.....

$SUNUSER = "cn=********"
$SUNPASS = "*********"
$SUNLDAP = "****.***.alaska.edu"

[Reflection.Assembly]::LoadFile("c:\dev\novell.directory.ldap.dll") | Out-Null

#connect to ldap
$ldap = new-object Novell.Directory.Ldap.LdapConnection
$ldap.connect($SUNLDAP, "389")
$ldap.bind($SUNUSER, $SUNPASS)

#deleting an entry
$ldap.delete("<dn of object>")

#renaming an objects RDN (ie user account rename)
$ldap.rename($old, $new, $true)

#modifying multiple ldap values, first we create the attributes
$ldapAttrMail = New-Object Novell.Directory.Ldap.LdapAttribute("mail",
$newEmailAddress)
$ldapAttrMailAlternate = New-Object
Novell.Directory.Ldap.LdapAttribute("mailAlternateAddress", $oldEmailAddress)

#next we create the modifications, we need to give them an LdapAttribute
object and an op code, ops are 0=create, 1=delete, 2=modify
$ldapModMail = New-Object Novell.Directory.Ldap.LdapModification("2",
$ldapAttrMail)
$ldapModMailAlternate = New-Object
Novell.Directory.Ldap.LdapModification("0", $ldapAtttMailAlternate)

#now we stuff all the LdapModifications into an ArrayList, yes it has to be
an array #list a regular array won't work so don't try to be cute and do this:
# $myArray = @()
# $myArray+= $ldapModMail
# ....
$ldapModList = New-Object system.Collections.ArrayList
$ldapModList.add($ldapModMail)
$ldapModList.add($ldapModMailAlternate)

#time to make some changes
$ldap.modify($oldDN, $ldapModList)

Hope this helps man, the api can do a bunch of other cool ldap stuff as
well, you can download it from Novell's website. Peace.

Joe

[GM]

Hi Joe,

I have searched high and low for the C:\dev\Novell.Directory.Ldap.dll file -
do you have a link for this file?

Cheers

GM