• Triggers for Active Directory (VB)

    Home » Forums » AskWoody support » Productivity software by function » Visual Basic for Applications » Triggers for Active Directory (VB)

    Author
    Topic
    WSDrew
    AskWoody Lounger
    January 4, 2008 at 12:02 am #447417

    I posted this in the Servers forum, but no response yet. I’m looking for a programmatic solution, so I’m trying in this forum too:

    I’ve done a little here and there as far as interfacing with Active Directory programmatically. I’ve gotten pretty used to querying information. But I’ve always wondered if there was a way to set a trigger in Active Directory. I’ll give you an example of what I am talking about.

    We are going to a new Anti-Spam process that is offsite. Our email is routed through another companies servers, and they only send us the non-spam. One of the ‘settings’ that we will eventually turn on, will have that external company drop anything not going to a valid email address within our company. ie, if John Smith has jsmith@mycompanysdomain.com as his email address, but there is no johns@mycompanysdomain.com, this external server will simply drop any addresses that it doesn’t know are valid.

    One method of doing this is to let that external company ‘query’ our Active Directory. Personally, I wouldn’t care about that, but my boss doesn’t want that. So, instead, we will have to add these users to that anti-spam system whenever we add a new email address to a user, or create a new user in AD that has an email address (we’re using Exchange 2003). If we create a user in AD, with a mailbox, they will NOT get any external emails until we (IT) update the anti-spam company with the new address (and user that has the address).

    Now, I know how to do this programmatically, but not the way I’d like. I could build an NT Service in VB, that checks Active Directory for new email addresses (and address to account associations) periodically. If I build the ADSI query right, I could probably get away with doing this once a minute. But what I would LIKE to do, is just have Active Directory ‘alert’ my program when a new address (or a change) has occurred. A trigger. In SQL Server, I can write a trigger for changes in a table. Does Active Directory have anything like this? I use AD a lot, but I’ve never run across a capability like this before.

    Thanks in Advance

    Reply | Quote
    Viewing 1 reply thread
    Author
    Replies
    • WSHansV
      AskWoody Lounger
      January 4, 2008 at 12:12 am #1090998

      I sincerely hope that you’ll get a reply here, but don’t hold your breath. Most members who program work with MS Office, I fear that programming Active Directory is outside their scope (it is definitely outside mine).

      Reply | Quote
      • WSDrew
        AskWoody Lounger
        January 4, 2008 at 12:14 am #1091000

        Thanks Hans. I hope I get a reply too. I haven’t found what I am looking for through google yet. I just need to know if it’s possible.

        Reply | Quote
    • WSjscher2000
      AskWoody Lounger
      January 22, 2008 at 3:44 am #1093581

      We add new users manually at the time of creation. Yes, there is a risk of missing a new alias, but users can tell us pretty quickly if they are unable to receive external email. smile

      With respect to AD, about which I understand very little, can you use auditing to log new/changed objects to an event log and then use a log-monitoring script/program to notify you of those event entries?

      Reply | Quote
      • WSDrew
        AskWoody Lounger
        January 22, 2008 at 3:56 am #1093584

        That’s possible. Honestly, I have code that can get the data I am looking for. Wouldn’t be hard to modify the code so that I can set it as a service to ‘check’ for changes by doing comparisons. I just don’t want to have a service constantly checking AD. I actually have a service I wrote that does check AD for locked user accounts. Runs once a minute….very quick code. There are hooks for all sorts of things, was just hoping there was one for AD.

        Reply | Quote
        • WSBigKev
          AskWoody Lounger
          January 22, 2008 at 2:26 pm #1093624

          (Edited by HansV to make URL clickable – see Help 19)

          I have tried to do something similar to what you are doing only I wanted to connect our AD with our HR system. Same principal. I got the information below from a blog I found somewhere. (Don’t ask me where, it was a while ago). It didn’t help me but have a look and see, you never know.

          From the BLOG.
          The event notification system doesn’t work like that. It would be nice if it did but it doesn’t. The best you can get with event notification is alerted that there was a change on some part of the tree you are watching and no clue as to what that change was. It isn’t the way you really want to do anything unless you are watching a very limited set of objects.

          If you need to do processing based on updates like that you should most likely do something with USN polling. It is one of the three methods MS describes for tracking changes in AD here http://msdn2.microsoft.com/en-us/library/ms677625.aspx%5B/url%5D
          End of BLOG stuff

          Onward and upward.

          Regards,
          Kevin Bell

          Reply | Quote
          • WSDrew
            AskWoody Lounger
            January 22, 2008 at 5:54 pm #1093668

            This shows some promise. Unfortunately, I’m swamped today, I’ve added that site to my favorites. If I figure out a way to ‘hook’ into AD, I’ll post my solution here.

            Reply | Quote
    Viewing 1 reply thread
    Reply To: Triggers for Active Directory (VB)

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    March 2025
    S M T W T F S
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.