Tag: active directory

Reverse DNS IP Address Lookup

This example illustrates how to get the machine name from an IP address using a reverse DNS lookup.

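Imports System
Imports System.Net

Public Class Form1

    Private Sub Form1_Load(sender As System.Object, e As System.EventArgs) Handles MyBase.Load
        Dim arr() As String
        Dim WS As String = ""

        ' Reverse (PTR) lookup: resolve the IP address to its registered host name
        Dim addr As IPAddress = IPAddress.Parse("155.110.10.65")
        Dim entry As IPHostEntry = Dns.GetHostEntry(addr)
        Console.WriteLine(entry.HostName)

        ' The machine name is the first label of the fully qualified host name
        arr = Split(entry.HostName, ".")
        WS = arr(0)
        Console.WriteLine(WS)

        ' End terminates the application once the lookup has been printed
        End
    End Sub
End Class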

Determine if a user belongs to a particular AD Group

This is the easiest way to determine whether a user belongs to a particular Active Directory user group using VB.NET without having to enumerate all of the user’s groups.

Public Function IsInGroup(ByVal GroupName As String) As Boolean
    ' Identity of the account that is running this process
    Dim MyIdentity As System.Security.Principal.WindowsIdentity = System.Security.Principal.WindowsIdentity.GetCurrent()
    Dim MyPrincipal As System.Security.Principal.WindowsPrincipal = New System.Security.Principal.WindowsPrincipal(MyIdentity)
    ' IsInRole checks the group name against the groups of that identity
    Return MyPrincipal.IsInRole(GroupName)
End Function

Authenticate User to Security Group

Imports System.Security.Principal

Public Class Form1
    ' Identity and principal of the account that is running this process
    Public id As WindowsIdentity = WindowsIdentity.GetCurrent()
    Public User As WindowsPrincipal = New WindowsPrincipal(id)

    Private Sub Form1_Load(sender As System.Object, e As System.EventArgs) Handles MyBase.Load
        ' The group is named in Domain\Group form
        Dim flg As Boolean = User.IsInRole("Domain\Security Group")

        Select Case flg
            Case True
                MsgBox("I am a member of the group")
            Case False
                MsgBox("Not a member")
        End Select

        ' End terminates the application after the message box is dismissed
        End
    End Sub

End Class

LDAP Active Directory User Object Properties/Attributes

LDAP Active Directory Properties/Attributes
LDAP Property Description
DN DN stands for distinguished name. This is the unique identifier for any object in AD. An example value would be:

CN=Joe User, OU=Las Vegas, DC=mycompany,DC=com

Note that when identifying a DN value in your script you will likely be required to enclose the line above with double quotes (") so it would look like this:

"CN=Joe User, OU=Las Vegas, DC=mycompany,DC=com"

CN CN = Joe User
CN stands for Common Name. This property is a combination of the givenName and SN attributes joined together
displayName displayName = Joe User
Note that displayName and CN are often confused for each other.
description Note that this is different from displayName
givenName The first name of the user
homeDrive Home Folder
name name = Joe User. The same as CN
ObjectClass objectClass = User
Identifies what type of object is selected. Other values are: Computer, organizationalUnit, container, group
objectCategory objectCategory = Person
Defines what schema category that object belongs to.
physicalDeliveryOfficeName The office field of the user property
profilePath Roaming profile path: connect. Setup is a bit tricky
sAMAccountName sAMAccountName = jUser
This is an old NT 4.0 logon ID. This value must be unique in the domain.
SN SN = User
This is the last name of the user. SN stands for surname
userAccountControl This property is used to enable or disable a user account. A value of 514 means that account is disabled. A value of 512 means the account is enabled.
userPrincipalName userPrincipalName = juser@lasvegas.com
This property is useful for logging in to a large forest Active Directory architecture. This is also a unique property throughout the forest. This property is often abbreviated as UPN.
mail mail = juser@lasvegas.com
The email property of the user
C Country or Region
company Name of Company or Organization
department Department
homephone
l Location. Used mainly with printers
That is a lower case (L)
manager
mobile Cell phone or mobile phone number
OU Organizational Unit
postalCode Zip or post code
st State or province
streetAddress Street address, not including country or state
telephoneNumber Office Phone
dNSHostName
rID
url
uSNCreate
uSNChanged
tokenGroups A computed attribute that contains the list of SIDs due to a transitive group membership expansion operation on a given user or computer. Token Groups cannot be retrieved if no Global Catalog is present to retrieve the transitive reverse memberships.

More Info

.NET Active Directory – Understanding LDAP Active Directory User Object Properties/Attributes.
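
The 512 and 514 values listed for userAccountControl are sums of bit flags (512 is NORMAL_ACCOUNT, 514 adds the ACCOUNTDISABLE bit), so an equality test against 514 misses disabled accounts that carry other flags, such as 66050. The following is an added example, not code from the original page; the module and function names are hypothetical and the sample values are constructed.

```vbnet
Imports System
Imports System.Collections.Generic

Module UacDecoder

    ' Subset of the bit flags Microsoft documents for userAccountControl.
    <Flags()>
    Public Enum UacFlags As Integer
        ACCOUNTDISABLE = &H2
        LOCKOUT = &H10
        PASSWD_NOTREQD = &H20
        NORMAL_ACCOUNT = &H200
        DONT_EXPIRE_PASSWORD = &H10000
        SMARTCARD_REQUIRED = &H40000
        TRUSTED_FOR_DELEGATION = &H80000
        DONT_REQ_PREAUTH = &H400000
    End Enum

    ' True when the disabled bit is set, whatever other bits accompany it.
    Public Function IsDisabled(ByVal uac As Integer) As Boolean
        Return (uac And CInt(UacFlags.ACCOUNTDISABLE)) <> 0
    End Function

    ' Names of every known flag that is set in the value.
    Public Function Describe(ByVal uac As Integer) As String
        Dim names As New List(Of String)
        For Each flag As UacFlags In [Enum].GetValues(GetType(UacFlags))
            If (uac And CInt(flag)) <> 0 Then names.Add(flag.ToString())
        Next
        Return String.Join(", ", names.ToArray())
    End Function

    Sub Main()
        ' Constructed sample values, not read from a real directory.
        For Each uac As Integer In New Integer() {512, 514, 66048, 66050, 4194818}
            Console.WriteLine("{0,8}  disabled={1,-5}  {2}", uac, IsDisabled(uac), Describe(uac))
        Next
    End Sub

End Module
```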

Active Directory Users & Computers Snap-in for Windows 7

Remote Server Administration Tools for Windows 7 with SP1 enables IT administrators to manage roles and features that are installed on computers that are running Windows Server 2008 R2, Windows Server 2008, or Windows Server 2003, from a remote computer that is running Windows 7 or Windows 7 with SP1.

The first thing to do is download and install the tool kit from Microsoft:

http://www.microsoft.com/en-us/download/details.aspx?id=7887

Next, from your control panel, turn on the Windows features as shown below:

[Screenshots: ADUC-1, ADUC-2]