Active Directory Topology Diagrammer

I sometimes get very positively surprised by Microsoft. In the work of cleaning and structuring an Active Directory environment we wanted to produce a graphical overview of our current forest. It did not take long before I found Active Directory Topology Diagrammer, which is an absolute perfect tool for this purpose. And it is free!

Active Directory Topology Diagrammer gets the entire AD structure according to the parameters you supply and draws the structure in a Visio document. It does however require Visio 2003 or later installed to be able to do this export.

Comments

User.Identity returns old login name after name change

When a person gets married or makes a name change for some other reason this usually means that the login name for the Active Directory-account changes as well. This is rarely a problem, but it turned out to cause some issues on our web server, where the User.Identity property was still returning the old login name. The user logged on with the new login name, but was identified by the web application as the old login name. The reason this occurs is because the User.Identity property relies on the LsaLookupSids method to convert the user SID to a login name. The method first calls the local LSA-cache , which is not synchronized with the Active Directory. For this purpose a simple reboot of the web server to clear the LSA-cache propably would have sufficed. But since we didn't want to take the application offline rebooting was not an option. Instead, it is possible to set the registry value LsaLookupCacheMaxSize in HKLM\SYSTEM\CurrentControlSet\Control\Lsa. If this val

Binding Enum with DescriptionAttribute in WPF

Binding an enumeration to a ComboBox can be done in several ways. In most cases you don't want to display the value itself, but a more user friendly description. One common approach is to use the DescriptionAttribute on the Enum values to supply a description for each value. This is all possible in a very MVVM friendly way. First step is to add the DescriptionAttribute to the values of the enumeration. public enum MyValues { [Description("First value")] First, [Description("Second value")] Second } To retrieve the description from the enum we use a simple extension method. This method returns the value of the DescriptionAttribute if it exists, otherwise the string representation of the enum value is returned. public static string GetDescription(this Enum value) { var fieldInfo = value.GetType().GetField(value.ToString()); var attribute = fieldInfo.GetCustomAttributes(typeof(DescriptionAttribute), false).FirstOrDefault() as

Programming AD with C#.NET – part 4

Our transition to the System.DirectoryServices.Protocols has in the whole gone very smooth, but there have been some issues with one environment that contains subdomains. Most things are working fine, but writing to a subdomain does not work in the same way as it did before. What is generally bad with the System.DirectoryServices.Protocols is the documentation, which is practically non-existent. But most things can be figured out anyway since most classes just are wrappers for the wldap32.dll, which in turn is way better documented. I would like to have as little bindings to a specific server as possible but still be able to access the domain. In the LdapConnection it is possible to set the identifier to null and use the executing computer as a starting point to find a domain controller. But sometimes I must know that I am using a Global Catalog, and with more and more RODC in the environment I sometimes must know that I am working against a writeable domain controller.

Victor Stodell

Search This Blog