By Dan Sumption
|For More Information on ADSI|
|For more information on ADSI be sure to check out the ADSI Article Index on 4Guys! There you'll find a compilation of great ADSI articles scattered across the Web.|
For some reason today I got the strange urge to start playing with ADSI. Several hours and several headaches later, I've put together a few scripts which are proving to be very useful.
First a (very brief) introduction to ADSI (or Active Directory Services Interface) for the uninitiated. It is a way of treating all sorts of "things" (the IIS metabase, Windows NT groups & users, etc.) as if they were object hierarchies. In terms of IIS, this means that you can access an IIS4 object for your machine, which in turn contains objects for each virtual website, which in turn contains objects for each root level directory (virtual or physical) within that website, which in turn (....you get the picture?). There are links to loads of great ADSI resources at http://www.15seconds.com/focus/ADSI.htm .
Because ADSI is pretty powerful stuff, you will need administrative privileges to run a script accessing ADSI objects. To set an ASP page to run with administrative priviliges, drill down to that page in the IIS console, select Properties, then on the File Security tab click Edit under Anonymous Access and Authentication Control. Clear the field that says "Allow Anonymous Access". If you are running the script on your local machine or over an NT network, check Windows NT Challenge/Response and the script will run as long as you are logged in using an account with administrative privileges. Otherwise you will have to check Basic Authentication (beware - this means that people can potentially sniff out your administrative passwords) and type in your administrative username and password when you visit the page.
Now then, onto the reason I thought I ought to get to grips with ADSI... I administer a server running about 20 websites, which I only have remote access to over a dial-up line. This can make things like fiddling around with the IIS admin console a little sl.o.o.o.o.o.o.o.o.w. Also, I tend to make a lot of changes to the default website setup, then when I go in and create another new website I have to try and remember all of the defaults that I changed last time, so that I can get them right again.
To ease both of these problems, I decided to write a program which could script the creation of websites by copying an existing website and changing key parameters. In my case the parameters I changed were the descriptive name of the website, ServerComment, and the IP address/Port/Header name that the site listens on, ServerBindings. You can add to these any other ADSI properties of a virtual website just by digging around a little in the ADSI references. The program I came up with is in the file ADSICreateNewSiteUsingCopy.asp
During the process, I had to play around a bit to find out where different properties were actually stored - in doing so I came up with the file ADSISiteParameters.asp which should list all of the properties of a virtual website, when fed with that site's W3SVC instance number (hint: to find the W3SVC instance number, take a look at the Web Site properties - on the Web Site tab, click "Properties" in the Enable Logging box - at the bottom of the window that pops up there is a file name, something like W3SVC8\exyymmdd.log - the number straight after the W3SVC - in this case 8 - is the instance number. I'm sure there must be an easier way than that, but I'm damned if I can find it). Before you ask, no I didn't write that 100k of repetitive code myself - I wrote a little Perl script, fed it the Microsoft documentation for a WebServer ADSI object, and let it write the code for me.
Finally, as I was having so much fun with ADSI, I thought I'd write another script to fix a bug which keeps annoying me. My document mappings are rather different from the default "Default.asp,Default.htm" supplied by Microsoft - for starters, having grown up with a variety of web-servers I prefer to use the more standard index.html as my default document. However, once in a while IIS4 will crash and reset the mappings on all of my sites to "Default.asp,Default.htm". As I mentioned, fixing this via the console can be slow and tedious, so I wrote ADSIResetDefaultDocuments.asp which steps through each virtual website on the machine, and resets the default documents to whatever list you prefer (in my case "Default.asp,index.html,index.asp,index.htm,Default.htm")
Some of this stuff can seem a little other-wordly to someone just used to performing the odd string or database manipulation, but it's quite straightforward once you start to get to grips with it, and if like me you more than one or two sites to administer then it can both save time and help to keep things standardised.
Dan Sumption can be reached at the following email address: email@example.com.