How to Use Novell Directory Control (NWDir), Part 1 “How To” Article

How to Use Novell Directory
Control (NWDir), Part 1
“How To” Article
NOVELL APPNOTES
Gary J. Porter
Senior Network Analyst
MindWorks, Inc. of Kentucky
[email protected]
This AppNote provides an overview of the theory behind the Novell ActiveX
control. It shows how to extract and manage existing information, as well as
techniques for adding new objects to the database. The Novell Directory Control
(NWDir) is the key RAD component for accessing NDS from any ActiveX or
COM technology.
Contents:
•
Introduction
•
NDS Programming Using ActiveX
•
NWDir: A Functional Description
•
ActiveX Collections: Their Properties, Methods, and Events
•
Speaking to NDS for the First Time
•
Conclusion
Topics
directory services, NDS eDirectory, ActiveX,
Novell Directory Control (NWDir)
Products
NDS eDirectory
Audience
developers, administrators
Level
intermediate
Prerequisite Skills
familiarity with NWDIR
Operating System
NetWare 4 or 5, Windows 95/98/NT/2000
Tools
Rapid Application Development (RAD)
Sample Code
no
M a r c h
2 0 0 1
43
Introduction
This AppNote introduces you to two of the most exciting and empowering
technologies in computing today: Novell’s eDirectory and ActiveX. We discuss
the logic behind the Novell ActiveX control and show how to extract and manage
existing information, as well as techniques for adding new objects to the database.
The Novell Directory Control (NWDir) is a key RAD component for accessing
NDS from any ActiveX or COM technology.
For purposes of consistency, the tree used for the examples in this AppNote will
mirror the one found in Figure 1.
[ROOT] (NDS_Tree)
O=Novell
Accounts
Engineering
Editorial
Management
Marketing
NTS
Figure 1: The NDS tree used throughout this text.
The History of ActiveX
It may come as a shock to some, but computers haven’t always been able to share
common data amongst the multitude of programs that grace our computer store
shelves. When the personal computer was young, application programs stored
their data in proprietary formats. Even today, many still store their data in private,
sometimes secret formats. This is hardly news. However, in the early days, these
programs didn’t even have the ability to convert data from one program’s data
format to another.
In order to fully appreciate the ActiveX environment, we must take a look at the
developmental path which led to ActiveX. It is interesting how a need to share
data between applications eventually gave us a new level in programming.
44
www.novell.com/appnotes
Dynamic Data Exchange (DDE). Dynamic Data Exchange (DDE) was the first
attempt to provide compatibility between applications that were never meant to
talk to one another. In the DDE model, a DDE server serves data to a requesting
DDE client. The DDE Server is an application program (any application program)
that is DDE-aware. The DDE server part of the application silently sits and waits
for a request from a client; a DDE server only acts on incoming requests. Once the
request is received, the server springs into action.
In this model, both the client application and the server application must be
running at the time of connectivity. Data can be exchanged with any application
that supports DDE linking.
Each request from a client contains a unique identifier consisting of three parts:
•
DDE Application Name
•
DDE Topic
•
DDE Item Name
The application name is nearly always the executable name of a DDE server
application program, the topic refers to a group of data, and the item name refers
to a specific field of data within the group. An example of a DDE unique identifier
might be:
Excel | Sheet1:A1
The shortcomings of DDE are that it is terribly slow, and that it requires both
applications to be running. It’s also difficult to implement correctly. The biggest
downfall, however, is its inability to share data beyond the application’s
capability.
Object Linking and Embedding (OLE) 1. The next step toward ActiveX was
Object Linking and Embedding (OLE), pronounced o’lay. Developed by
Microsoft, OLE 1.0 was a mechanism by which documents could be created
containing different kinds of data elements from multiple sources—also known as
compound documents. In other words, a single document could be produced using
multiple Windows applications—at the same time. Elements from outside sources
become objects inside the document and appear as an icon, a metafile, or simply
text and will retain the original formatting and links to the source application.
Another way to look at it is “in place editing.”
When editing an OLE object, the source application is launched and used to make
the edits. When editing is completed, the object is updated and control is handed
back to the original application. Although this is an elegant solution, it has
limitations. Editing is not possible on a computer that does not have the object’s
source application installed. OLE 1.0 had one focus: creating compound
documents.
M a r c h
2 0 0 1
45
OLE 2/Component Object Model (COM). As you might expect, the next step
was OLE 2.0, which introduced Microsoft’s Component Object Model (COM).
Also added to OLE 2.0 was visual editing, drag-and-drop support, uniform data
transfer, OLE automation, and structured data storage. The idea with COM was to
provide a universal apparatus that would allow an application to provide services
to another application. It provided the first uniformity across platforms by using
OLE as a transport—a form of application object transparency. COM forced the
operating system to think of its applications as objects and had the operating
system act as a registry, of sorts, for these objects.
The complication with COM —the brainchild of the OLE architects—was that it
really addressed more than just compound documents, which was its intended
purpose. However, Microsoft needed branding for this new technology and
decided to use the term OLE as a brand name. Suddenly, everything associated
with OLE or COM was called OLE and this new technology encompassed more
than just compound documents.
Visual Basic Controls (VBX). Visual Basic custom controls (VBX) are 16-bit
OLE controls originally written with Visual Basic. The shortcomings with these
controls are that they must be installed in the search path of the operating system
(they can’t be registered within the operating system), they don’t have inheritance,
and they aren’t polymorphic. They simply aren’t true objects in the objectoriented sense. VBXs also lack a sophisticated interface and don’t have the ability
for property pages.
However, during the heyday of Windows 3.1, VBX controls were state-of-the-art.
They allowed for reusable software components—one of the first steps toward
Rapid Application Development (RAD) programming.
OLE Custom Controls (OCX). OLE custom control (OCX) was Microsoft’s
second-generation control architecture. OCX is a 16-/32-bit independent program
snippet that can be accessed by other programs in a Windows environment.
Introduced with Windows 95, it was used as a bridging mechanism between VBX
controls and a true 32-bit custom control environment. Because these controls
were a hybrid, they were always slow, not to mention difficult to develop.
ActiveX. In 1996, in an attempt to make the technology less confusing,
Microsoft branded the name ActiveX and used it to define COM-based
technologies. OLE was once again assigned the mission of referring only to
compound documents. ActiveX is actually a collection of smaller things. When
thinking of ActiveX, most people are really thinking ActiveX controls. These
controls allow disparate applications, object spaces, or networks to speak together
by calling each other’s methods (discussed later in this section) in a true 32-bit
environment.
COM has continued to grow and is now part of nearly all facets of Microsoft
technology. As you can see, to use the term ActiveX to describe this technology is
not entirely correct.
46
www.novell.com/appnotes
The good news is that within the Windows environment, ActiveX controls offer
an abundance of diversity. Programmers can develop ActiveX controls using
several different languages, including C, C++, Visual Basic, and Java. The best
news is—it’s easy!
RAD (Rapid Application Development)
It comes as no surprise that the term “re-usable” became important during the
1990s. From razor blades to freezer bags to programming—the idea of waste
(whether it be time or money) conjures up a most revolting feeling. In an effort to
reduce costs and speed up the development process, programmers have moved to
a modular or reusable approach to application development. An easy way to
describe RAD is as a mind-set more than anything else. This new way to approach
programming suggests that you forget the old ideas of programming and bring
together all groups associated with a project to make recommendations during the
development phase. RAD even encourages user involvement during the
development phase of a project, which means that this methodology is often used
for corporate in-house development instead of “for-profit” software.
The modularity of the RAD approach makes its use compelling even for
professional applications developers. Using ActiveX and RAD development
tools, applications can now find their way to the desktop at blinding speeds. The
logic behind this new revolution is simple: in order to keep the costs down and
productivity up, the programmer follows four steps—only writing new code when
all else fails:
1.
Re-use existing code.
2.
Modify existing code.
3.
Buy someone’s code.
4.
Write new code.
When the RAD approach to programming was coupled with the need for
graphical or visual tools, rapid prototyping, and cross-application connectivity,
the relationship between ActiveX and RAD was inevitable.
ActiveX is perfect for the RAD environment because it supports a plethora of
development environments, including Visual Basic, PowerBuilder, and Delphi,
among others. Another reason ActiveX has cemented firmly in the RAD arena is
the toolkit methodology that RAD encourages.
M a r c h
2 0 0 1
47
NDS Programming Using ActiveX
The purpose of the Novell ActiveX controls is to wrap more sophisticated calls
and functions into a manageable, easily applied set of properties and methods that
can be used with several scripting languages, such as Microsoft’s Visual Basic
and Delphi.
Terminology
For those already familiar with NDS, it will be necessary to make some minor
adjustments. NDS terminology comes from well-defined schema specifications;
however, there are several name collisions that need to be addressed early on. The
following inter-discipline technology terminology table (yes, I know—I smiled,
too) has been included to help those who are already familiar with NDS
terminology:
NDS
ActiveX
Tree
Directory
Class
Layout
Syntax
Field type
Object
Entry
Attribute
Field
Fully Distinguished Name
Full Name
Relative Distinguished Name
Short Name
I cannot stress how important this table will be to understanding ActiveX
programming, particularly to those who come from an NDS background.
Throughout this article, I will call objects “entries” and attributes “fields.” I will
also call the object’s Fully Qualified Distinguished Name (FQDN)—its FullName
and the Relative Distinguished Name (RDN)—its “ShortName.” Make a mental
note—or perhaps more importantly, make a bookmark on this page so you can
quickly refer back to the table. You’ll thank yourself later.
Novell ActiveX Controls
The example programs for this AppNote were written and tested using Novell’s
Controls for ActiveX version 3.0, which contain seventeen separate Novell
ActiveX controls. The following table lists the name and the control.
Note: If one counts the number of controls by name, the total number comes
to sixteen. However, Socket Control is actually two separate controls
listed together, NWSvrSkt and NWCliSkt. Therefore, there are actually
seventeen Novell Controls for ActiveX.
48
www.novell.com/appnotes
Control Name
Control
Application Administration Control
NWAppAdm
Bindery Control
NWBind
Browser Control
NWBrowse
Catalog Administration Control
NWCatAdm
Directory Administration Control
NWDirAdm
Directory Control
NWDir
Internet Directory Control
NWIDir
Network Selector Control
NWSelect
Peer Socket Control
NWPrSkt
Print Queue Administration Control
NWPrtQAdm
Print Server Control
NWPrtSvrAdm
Server Administration Control
NWSrvAdm
Session Control
NWSess
Socket Control
NWSrvSkt, NWCliSkt
User Group Control
NWUsrGrp
Volume Administration Control
NWVolAdm
As you can see from the terms, great functionality is afforded the Novell ActiveX
programmer. In this AppNote, we will concentrate on just one of these controls:
the Directory control (NWDir). The remaining controls offered by Novell are
divided into two categories: visual and non-visual. You have the greatest
flexibility with non-visual controls. You can decide just how a collection or
function is displayed, and when. The visual controls are used mostly to display
elements of a collection, and they allow rapid development of applications that
require search and/or display functions.
Before we begin writing programs, however, we’ll first discuss some of the
ActiveX methods and properties and get a brief description of each of the Novell
Controls for ActiveX.
Application Administration Control (NWAppAdm). The Application
Administration Control lets you design ZENworks applications. With ZENworks,
user applications can be distributed and managed using NDS to store information
about the Application object or the application’s user. This control is designed to
extract the functionality of ZENworks into a powerful, rapidly deployable tool for
application security, application management, and application distribution.
M a r c h
2 0 0 1
49
With the Application Administration Control you can accomplish the following:
•
Create and delete an Application object
•
Modify attributes of an Application object
•
Assign User, Group, and Organization privileges to the Application object
The Application control, by itself, has three properties:
•
FullName
•
ShortName
•
Applications
These properties can be used to set and return information about the entire current
collection. An example might include setting the current context for the control,
which would involve the FullName property.
Bindery Control (NWBind). The Bindery Control manages backup, search, and
restore functions on a server and administrates network entries (users, groups, and
printers). During the days of network immaturity, servers maintained database
collections of their users locally. In NetWare, this local collection is called the
bindery. However, don’t underestimate the value of the bindery control just
because it represents an abstraction of the traditional Novell Bindery database; it’s
very powerful and quite useful in many circumstances.
With the bindery control, you are managing individual entries on a given
server—rather than in NDS, which abstracts the entire tree. However, all
modifications on a given server are automatically updated into NDS. Many
objects from throughout the tree will appear as part of a local bindery database
because of the external reference function. This function is used to make external
objects (objects from outside the local context) appear local to the NDS database.
The Bindery control allows you to:
50
•
Create and delete local users
•
Search and filter entries
•
Manage passwords
•
Perform backup and restore functions on the local Bindery
www.novell.com/appnotes
Browser Control (NWBrowse). The Novell Browser Control is a visual control
that provides the ability to view an NDS tree and Internet directory that supports
either LDAP or NetWare volumes. This control is used in conjunction with one of
the following controls:
•
Novell Directory Control
•
Novell Internet Directory Control
•
Novell Volume Administration Control
Information from any one of these controls can be displayed in any of several
views, including Tree View, List View, Small Icon View, or Report View.
Once the view is populated with entries from any of the above controls, full name
or short name properties from selected entries can be retrieved and displayed. The
Browser control will also return an object from a given coordinate within a given
view. Figure 2 demonstrates this visual control.
Figure 2: The Browser control is a visual control that provides a window
for displaying, browsing or selecting NDS objects.
M a r c h
2 0 0 1
51
Directory Administration Control (NWDirAdm). The Directory Administration
Control allows you to manage NDS partitions and replicas. With this control the
RAD programmer can create and manage partitions including individual partition
replicas. This control can also be thought of as the NDS database administration
control.
Don’t confuse this control with the functionality offered by the NWDir control for
modifying Schema (or Layout) definitions. The Directory Administration control
allows the thinning of the NDS database (partitioning) and the placement of
individual collections on servers (replication). There are essentially six partition
operations possible (although, by strict definition, repairing timestamps can be
considered a seventh). The operations include the following:
Partition functions
Replica functions
Split
Add
Merge
Delete
Move
Change type
This control allows you to:
•
Create (split) or Merge (join) a partition
•
View and modify properties of a partition
•
Create and delete partition replicas
•
Change a server’s replica type
•
Synchronize replicas of a partition
Catalog Administration Control (NWCatAdm). A catalog is a subset of NDS
information stored as a flat-file on selected servers allowing rapid responses to
directory searches. The information in a catalog can be objects, such as users, or it
can be specific attributes of a set of objects. The entire tree or a subsection of the
tree can be represented. A mechanism call a dredger periodically updates the
catalog information from the NDS database.
The Catalog Administration control allows management of NDS catalogs from a
RAD environment for uses that include contextless logins and LDAP catalogs.
The Catalog Administration controls allows:
52
•
Management of the dredger
•
Update of catalog contents
•
Query for the FullName of individual dredgers
www.novell.com/appnotes
Directory Control (NWDir). The Directory control provides an access
mechanism to the most basic structures found in NDS as well as the objects
contained inside these structures. This control abstracts several different data
collections divided into two major categories: Entries and Schema. Entries are the
abstraction of the individual objects in NDS. The Schema refers to a set of rules
governing the object classes (layouts) in the database and the attributes (fields)
associated with each of these layouts. With this control, the RAD programmer
can:
•
Edit NDS Entries
•
Add objects
•
Delete objects
•
Search for objects
This control is also used to modify layouts, also known as extending the schema.
Truly one of the most powerful features of NDS was introduced when the four
principal NDS designers decided to build a structure that could easily be
modified. The layout structure of NDS follows the rules defined by the X.500
standard, but it also allows you extreme flexibility for shaping NDS into a
powerful tool that, in many cases, seems to be built especially for you. That’s
because, now it is.
The Directory Control allows modification of NDS layout in the follow manner:
•
Add new layouts (object classes)
•
Add new fields (attributes)
•
Edit non-base class object and attributes definitions
We will spend a large portion of our time working with the NWDir control, which
I call “the keys to the kingdom.” This allows you the ability to quickly add, delete,
search for, and manage most entries, including NDS schema elements.
Internet Directory Control (NWIDir). This control allows interaction between
the RAD environment and any Lightweight Directory Access Protocol (LDAP)
enabled Internet directory. Using TCP/IP, an LDAP enabled directory exposes
itself through a series of platform independent APIs. The Internet Directory
control, which is LDAP version 3 compliant, provides the functionality to:
•
Search and filter LDAP entries
•
Determine the entry layout and associated fields
•
Return a user name and fields
•
Add, delete and modify LDAP entries
M a r c h
2 0 0 1
53
Note: LDAP is not a directory information base; it is instead, an access method
to an existing X.500 compliant directory or other LDAP enabled directory
database. Information about LDAP can be found at the Internet
Engineering Task Force (IETF) web page at: http://www.ietf.org
RFCs are divided into two major categories: Informational and Standards.
Information about existing and pending standards is listed by Request For
Comment (RFC) number. There are several RFCs dealing with LDAP; the three
most important are listed below:
•
RFC-1487 X.500 Lightweight Directory Access Protocol
•
RFC-1777 Lightweight Directory Access Protocol (v2)
•
RFC-2251 Lightweight Directory Access Protocol (v3)
Network Selector Control (NWSelect). The Network Selector control makes
selecting objects from a collection much easier. Its interface is easy to navigate
providing much more flexibility and functionality for the RAD programmer. This
control is part of a group of controls called visual controls and their primary
purpose is to take the complexity out of writing object browser code. This control
allows visualization of network objects in three basic views:
•
Connections view
•
Details view
•
List view
The control displays both NDS and bindery based objects, and the filtering of
objects for a more focused view. Figure 3 shows an example of the Network
Selector control and the filter function that is built into the control.
54
www.novell.com/appnotes
Figure 3: An example of the Network Browser Control visual control and
its filtering capabilities.
Peer Socket Control (NWPrSkt). The Peer Socket control, is a non-visual
control that provides connectionless socket functionality. The properties and
methods of this control make an in-depth understanding of socket programming
unnecessary. It provides a mechanism for communication in a peer-to-peer
manner between known network addresses. The Peer Socket control allows:
•
Selection of communication protocol
•
Selection of destination address and peer socket
•
Ability to send and receive formatted and unformatted data
•
Open or close a socket with either UDP or IPX protocol
This control is the first to provide broadcast and multicast capabilities in an
ActiveX control.
Print Queue Administration Control (NWPrtQAdm). The Print Queue
Administration control provides properties and methods that allow management
of NetWare print queues. Functionality includes:
•
Viewing and management of print jobs
•
Setting update intervals
•
Displaying status
•
Control how data is sent to a captured LPT port
M a r c h
2 0 0 1
55
With this control, you can also reorder or cancel print jobs and refresh the print
queue.
Print Server Control (NWPrtSvrAdm). This nonvisual control allows
administration of a NetWare print server. The Print Server Administration control
allows setup and management of both local and remote print servers. With this
control, you can:
•
Identify printers and print queues served by the print server
•
Identify users and operators of a print server
•
Determine the status, version and name of a print server
•
Down a print server
•
Hold, abort or restart a print job
This control allows management of all aspects of basic print server functionality.
Session Control (NWSess). The Session control is divided into three categories:
mappings, ports, and login. The login feature of the control launches the Client32
GINA and allows the user to authorize and authenticate to NDS. (The remaining
two controls are very valuable for the ActiveX programmer, but aren’t within the
scope of this AppNote.)
The Session control provides properties and methods that allow you to:
•
Login to the NDS tree
•
Display the current logged in user
•
Logout from the NDS tree
•
Display the current context
•
Display mapped drives
•
Display and set captured printer ports
Remember while using these controls, that the nomenclature used in ActiveX
differs somewhat from that used in NDS, for instance to display the fully qualified
current context name, you use the property object.DefaultFullNameFromTreeName. Remember, the FullName property in ActiveX is equivalent to
Distinguished Name for NDS puritans.
Server Administration Control (NWSrvAdm). The Server Administration
control provides methods and properties that allow the management of NetWare
servers. With this control, we can make changes on the server effecting its
operation and performance. With this control, you can:
56
•
Change server set parameters
•
Load and unload NetWare Loadable Modules (NLMs)
www.novell.com/appnotes
•
Display the server operating system version
•
Execute profiles (NCF files)
•
Broadcast messages
•
Display properties of server connections
Socket Control (NWSrvSkt/NWCliSkt). Socket controls consist of two separate
controls: the server socket (NWSrvSkt) and the client socket (NWCliSkt). The
purpose of this control is to abstract more difficult socket programming
techniques into functional modular code snippets.
The Server Socket control uses either TCP or SPX transport protocols for
development. The server socket is typically used in conjunction with the client
socket control to:
•
Set up the server for listening (for client sockets)
•
Return the server address
•
Indicate the host TCP port or SPX socket
The Client Socket control also uses either TCP or SPX for transport protocols and
is generally used in conjunction with the server socket to:
•
Attach or detach from the host server
•
Identify the server TCP port address or the PSX socket address
•
Communicate with the Server Socket host
User Group Control (NWUsrGrp). The User Group control is a nonvisual control
that allows management of certain NDS User and Group functions. It assists the
administrator by providing easy manipulation of users and groups, including
access rights associated with both layouts. The control allows:
•
Searching for User and Group objects
•
Change properties of Group objects
•
Add or Remove members of a Group
•
Set file rights for a Group object
Volume Administration Control (NWVolAdm). The Volume Administration
control is a very powerful non-visual control that allows control of many of the
tasks associated with the NetWare volume object. Use this control to:
•
Set, view, or change disk space or volume limits
•
Manage trustee assignments
•
View loaded namespaces
•
View total, free, and purgeable disk space
M a r c h
2 0 0 1
57
The Volume Administration Control also allows moving, copying, renaming and
deleting files as well as managing file and directory trustee rights.
NWDir: A Functional Description
The Directory OCX control NWDir abstracts the entire NDS tree, allowing for
object searching, selecting, modification, creation, and deletion. It even allows for
management of the NDS schema by providing procedures to create new object
classes and new field-types, as well as tools for managing existing object classes
and fields. (This will be discussed more thoroughly in an upcoming AppNote.)
Wow! This powerful control is probably the most important of all the Novell
ActiveX Controls.
The Environment
Most programmers dealing with Microsoft products have a thorough
understanding of the terms method and property. But for the sake of those
who are new to the Visual environment, I’ll define them here.
•
Property is an attribute of a control.
•
Method is a function that an object can perform.
What makes these concepts confusing is that they are both tied to the object by
virtue of a dot; for instance: object.FindEntry and object.FullName. Both
examples look similar, but one is a property and the other is a method. Can you
spot each? The first, object.FindEntry, is a method because it represents a
function that the object can perform. The other, object.FullName, is a
property— in this case, the fully qualified distinguished name of the object.
The term property is even more confusing because the term has an alternate NDS
meaning. To minimize confusion, it should be stated that a property, an attribute,
and a field are all the same things with respect to NDS. I will use the terms field,
attribute, and property interchangeably. This is necessary because some of the
reading audience has a strong NDS background (hence the use of the terms
property and attribute), but Visual Basic programmers will be more familiar with
the term field. For the remainder of the AppNote, these terms should be viewed as
the same conceptually, unless otherwise stated. I will use a qualifier to try to
reduce confusion (for example, NDS attribute, NDS property, ActiveX property).
The term field doesn’t have a name collision and will therefore be used
abundantly to describe NDS attributes.
Classes
Most of you are familiar with objects and object classes, so I’ll not bore you with
a long-winded lecture on object-oriented-programming. However, it is necessary
that we review a few of the basics so that we guarantee that common language
exists between us.
58
www.novell.com/appnotes
The concept of the object class allows different kinds of objects, or things, to exist
side-by-side in the NDS tree. Object classes describe the kind of objects that can
exist and the fields that a specific instance of that object class can possess.
Obviously, the User object class is a much different concept than the Print Queue
object class, but some things are common between the two: both share a common
field—the access control list (ACL), among others.
There are hosts of similarities between object classes and there is a reason for this:
in one way or another, all object classes are related. What we are beginning to
unravel is the NDS Schema. It’s not important to completely uncover the Schema
at this point, only to understand some of its terms that will be used to describe
NDS concepts.
Actually, the concept of Object Class in NDS is a bit more complicated than I’m
describing here. Don’t let this statement scare you away, though, the real power of
NDS is its robust and flexible schema.
Collections
A collection is an enumeration of objects or an ordered set of items. The
Collection provides an interface to a grouping of related “things” in NDS. All the
objects defined in the scope of the control are virtual members of the collection.
For instance, the NWDir.Entries property abstracts every object within the
current context. On the other hand, NWDir.Entry is a property that returns object
information about the root-most container object of the current context.
Collections can be defined by a group of similar objects or a single object and its
values.
Properties
As stated earlier, ActiveX Properties represent attributes of the control and every
collection within the control has independent properties. These properties are
different from NDS properties, which are actually fields. Don’t let the
terminology confuse you. Hhowever, it is absolutely imperative that folks new to
ActiveX understand the ActiveX definition for these terms.
Methods
Methods represent various functions that a control can perform. Each collection
and object subordinate to a control has a list of Methods. Most methods used in
the Novell Controls for ActiveX will take arguments. In object-oriented
programming, objects are created from classes. These objects have variables and
methods that belong to them. The variables can be thought of as properties of the
object. The only way to effect change to the variables (properties) is through the
object’s methods, which are specifically designed to modify the properties of the
object.
M a r c h
2 0 0 1
59
Events
An event is an action taken by the system, or a process (such as a mouse click), for
which you can write code to take appropriate action. In the NDS Directory
control, events are often used to indicate the success, or otherwise, of an NDS
update, such as writing to a field or creation of a User object. An event can also be
used to indicate the successful deletion of an object or to indicate the end of an
NDS search.
If you are new to Visual Basic but not new to NDS, some of the terminology may
seem challenging to you at first. If you are new to NDS but not new to Visual
Basic, the NDS concepts will seem just as challenging. In either case, it’s
sometimes difficult to understand a new technology. Since this is the first
AppNote in a series on ActiveX, we will explore and integrate the terminology
used in these technologies. You’ll be amazed how easily programs are written,
and you’ll also be delighted at the flexibility and control afforded the
programmer.
Development Environment
Before we begin, let’s take a look at the hardware and software required to
program with the Novell Controls for ActiveX using Visual Basic. Since there are
several differences from one version of an operating system to another, or from
one set of controls to another, I’ve decided to include both a minimum
dependency list and the desired development environment in the ActiveX section
of this AppNote.
On several occasions, after repeatedly entering example code character-forcharacter with unexpected failure, I’ve asked the question, “What was the
development environment for the AppNote’s author?” I hope that this information
will help explain any unexpected anomalies.
The following is a set of minimum dependencies necessary to perform the tasks
and examples in this AppNote:
•
Computer capable of running a Win32 operating system
•
Microsoft Windows 95/98/NT/2000 workstation
•
Novell NDS-aware network (NetWare 4 or 5, eDirectory on Solaris,
eDirectory for NT, eDirectory for Linux, eDirectory for Windows 2000)
•
Novell Controls for ActiveX
•
Rapid Application Development (RAD) tool such as Microsoft Visual Basic
or Visual Studio
•
Novell Client32
The development environment for this section of the AppNote includes:
•
60
Intel Pentium II 400MHz with 128 Megs RAM
www.novell.com/appnotes
•
Microsoft Windows NT 4.0 SP4
•
NetWare 4.11 SP7a and NetWare 5.0 SP3a servers
•
Novell Controls for ActiveX version 3.0 dated September 30, 1999
•
Novell Client32 version 4.60 SP2
•
Microsoft Visual Studio 6 SP3
ActiveX Collections: Their Properties, Methods, and Events
There are ten collections within the NWDir control. Some are directly accessible
from NWDir while others are collections within collections. In the following
section, I’ll explain these collections and their associated Properties, Methods,
and Events. For each collection listed, I’ll list the properties and explain the most
popular methods.
It might help to remember that, with methods, you’re asking the control to do
something. It’s a bit like approaching an acrobat and asking, “I heard you can do a
backward flip while rotating twice in the air.” The acrobat turns and says, “Okay
ya’ll, watch this!” With properties, you’re asking for a characteristic of the control
(color, size, quantity, and so on).
The response to a query about a property will be formatted as to type. The
properties stored within a control can be of any type, such as:
•
Long
•
Boolean
•
String
•
Index
•
Variant
There are other types, but the ones listed here encompass most of the responses
expected. For each of the properties, I’ve included the response type expected.
There are also nine predefined data field types, also called structured data fields,
which are:
•
NWACL—data representing an Access Control List (ACL)
•
NWEMailAdress—data representing an E-mail address
•
NWNetAddress—network address data
•
NWOctetString—byte strings that are uninterrupted by the Directory
•
NWPath—a file system path.
•
NWPostalAddress—postal address data
M a r c h
2 0 0 1
61
•
NWTimeStamp—time information concerning an event.
•
NWTypedName—field types whose values represent a level and an interval
of an entry
•
NWStream—binary data (usually large amounts of data-but not always)
The structured field types will be discussed in more detail in an upcoming
AppNote.
NWDir
NWDir is the essential control for everything discussed in this AppNote. It is used
to set context (which determines which collections are in view) and enables the
collections that you will use to read information and effect changes. It allows you
to search for entries, filter entries, and, if you’re using NDS version 8
(eDirectory), sort collections according to an index.
The control itself has eleven properties, nine methods, and four events. The
properties are:
•
Entries—(NWEntries Collection)
the entries contained in the current
context of the directory.
•
Entry—(NWEntry object) the root object represented by the current context
or FullName.
•
FieldTypes—(NWFieldTypes collection) the field types or attributes of
the Directory.
•
Filters—(String)
allows searching and display of specific layouts at run
time.
•
FullName—(String)
•
Layouts—(NWLayoutDescription) the object classes or layouts contained in
sets or displays the current context.
the current tree.
•
LoginName—(String)
•
Pictures—(NWPictures collection)
the FullName of the current logged-in user.
a collection of bitmaps that iconize
standard NDS objects.
•
the relative distinguished name of the root most object
of the current context.
•
SortedEntries—(Boolean)
•
SortBy—(String)
ShortName—(String)
sorts the NWEntries collection when set to
TRUE (only available for eDirectory).
sets or returns the index key to sort the NWEntries
collection (only available for eDirectory).
The control provides the following methods:
62
www.novell.com/appnotes
•
ContextFromFullName—returns only
the context portion of a FullName.
•
FindEntry—locates
•
FindNextEntry—returns
the following entry from the list sorted by the key
specified in the FindEntry method (only available for eDirectory).
•
FindPrevEntry—returns
the previous entry from the list sorted by the key
specified in FindEntry (only available for eDirectory).
•
FullNameFromTreeAndContext—Concatenates
and establishes a link to an entry in the Directory.
a given tree name and
context to form a FullName.
•
Search—initiates
a search of the current context and/or its subordinates for a
specific set of elements.
•
StopSearch—stops
•
TreeFromFullName—returns the name of
the search begun by the Search method.
the tree from the FullName
property.
•
SearchLimited—used to narrow a search to a specific element, layout, or
number of objects.
The following events are also available for the NWDir control:
•
•
EntryAdded—triggers when an
EntryDeleted—triggers
entry has been successfully added to the tree.
when an entry has been successfully deleted from
the tree.
•
RefreshViews—triggers
when the current context or tree name has been
modified.
•
SearchCompleted—triggers
when a Directory search has been completed.
Name Methods. I’ve grouped three of the methods into one definition because it
makes more sense to explain them all at once they’re simply different ideas of the
same thing. The FullName property identifies the namespace (NDS:\\), the tree
name (NDS_Tree\), and the context (Novell\Accounts) of the currently selected
“position” in the Directory. FullName is the concatenation of all three
entities—namespace, tree, and context. ContextFromFullName method extracts
the context portion of the current FullName and TreeFromFullName extracts the
tree name from the current FullName.
If the current FullName equals NDS:\\NDS_Tree\Novell\Accounts, the tree name
equals NDS_Tree and the context portion equals \Novell\Accounts. The tree
name is never considered part of the context. Examples of both methods are
shown below:
Object.NWDir1.ContextFromFullName(NWDir1.FullName)
Object.NWDir1.TreeFromFullName(NWDir1.FullName)
The third name method helps us tie these two concepts back into a FullName.The
following syntax is used to accomplish the task.
M a r c h
2 0 0 1
63
Object.FullNameFromTreeAndContext(Tree Name as String, Context as
String)
By supplying valid values for the tree name and context, as shown below, a
complete FullName is generated:
Text1.Text = NWDir1.FullNameFromTreeAndContext("NDS_Tree",
"Novell")
Find Methods. One of the most important functions to learn is how to find
objects in the NDS tree. This section will discuss all three find methods:
FindEntry, FindNextEntry, and FindPrevEntry. The FindEntry method is
uncomplicated and a bit easier to code than the search methods that we'll discuss
later. The syntax of the method is:
object.FindEntry(Name As String)
The FindEntry method can operate at warp speed if NDS 8 (eDirectory) is
installed, by allowing its advanced search features to perform the find. There are
two optional parameters for the eDirectory environment: Key and Value. The key
parameter provides the search method with a link to an NDS 8 index. An example
of a valid key includes Surname, Given Name, CN, and UniqueID. If a “*” is input
for the value parameter, all matching elements will be returned. In the NDS 8
environment, the FindEntry method can be expanded to the following:
object.FindEntry(Name As String, [Key as String, Value As Variant])
FindNextEntry and FindPrevEntry are as simple to use as they sound.
FindNextEntry simply increments to the next element in the list and the
FindPrevEntry method toggles to the previous entry in the list:
Set entry = NWDir1.FindNextEntry
Set entry = NWDir1.FindPrevEntry
Search Methods. This section combines the three search methods: Search,
StopSearch,
and SearchLimited.
The most obvious question you should have at this point is, “What is the
difference between FindEntry and Search?” FindEntry searches for and finds a
specific object in the Directory, while Search returns all entries that match a
specific set of conditions. The ability to specify conditions for the search is very
powerful because it allows for searching for not only object names but for specific
object classes, as well. The search is also defined by its limits, which can be the
objects bound by the current context (Search_Subordinates) or from the current
context down the tree (Search_Subtree). The term Search_Subordinates seems
confusing to some folks until they realize that the focus is the Entry object of the
current FullName. Everything in the current context is subordinate to the Entry
object that represents the root of the current context. The syntax for the Search
method follows:
64
www.novell.com/appnotes
object.Search(NameFilter As String, ClassFilter As String, Scope As
NWSearchScope, StartContext As String, [SearchMode As
NWSearchMode])
where NameFilter is a comma-delimited list of names for the search. ClassFilter is
the Layout, or list of comma-delimited Layouts to be included in the search.
Scope is either Search_Subordinates or Search_Subtree. StartContext is the
FullName of the beginning context for the search. SearchMode, which is optional,
is either SEARCH_SYNCHRONOUS or SEARCH_ASYNCHRONOUS.
The difference between SEARCH_SYNCHRONOUS and SEARCH_ASYNCHRONOUS is
actually rather straightforward. A SEARCH_SYNCHRONOUS search returns
information at the end of the search. A SEARCH_ASYNCHRONOUS search returns
information as it is found, while the search continues in the background.
For both synchronous and asynchronous searches, the problem exists of how to
determine when the search event has completed. This is accomplished with the
SearchCompleted event. When a search is completed this event triggers to
indicate its successful completion. The SearchCompleted event is handled in
code just like a DblClick or a MouseDown or any other event in Visual Basic.
Private Sub NWDir1_SearchCompleted(ByVal Results As Variant)
' Place the items found in a listbox
If IsArray(Results) Then
For Each NDSItem In Results
List1.AddItem NDSItem
Next
ElseIf Results Then
List1.AddItem Results
Else
MsgBox "No Items found"
End If
End Sub
The StopSearch method is used with asynchronous searches. As information is
returned, decisions can be made on the completeness of the search. If certain
events occur, the StopSearch method can be employed to stop the Search:
object.StopSearch
The SearchLimited method is very similar to the Search method. It employs a
limit so that not every member matching a given set of parameters is
returned—only the number of elements matching the limit parameter. The
SearchLimited method only works in an eDirectory environment. If it is used in
a non-NDS 8 environment or if the limit variable is set to zero, every member
matching the remaining parameters will be returned. The syntax of the method is:
M a r c h
2 0 0 1
65
object.SearchLimited(NameFilter As String, ClassFilter As String,
Scope As NWSearchScope, StartContext As String, [SearchMode As
NWSearchMode], [Limit As Long])
Note: The SearchLimited method is used in conjunction with the SortBy and
SortedEntries properties. The SearchLimited method, and SortBy and
SortedEntries properties are eDirectory specific and will only function
correctly in an NDS 8 environment.
Speaking to NDS for the First Time
The best way to learn to program using Novell’s controls for ActiveX is to write a
program. The first one should be simple and useful. For this first program, nothing
will be left to chance; each step will be explained along the way.
Before Visual Basic can access NDS, the Novell Controls for ActiveX must be
loaded and registered on your computer. If you don’t already have the controls,
you can download them from Novell’s Web site at:
http://developer.novell.com/ndk
Select Downloads and search for Novell Controls for ActiveX in the alphabetized
list. You will be downloading OCX.EXE, which contains all the controls. Once
downloaded, launch the program and you will be guided through the process of
registering the controls.
WhoAmI Program
Begin by completing the following steps:
1.
Launch Visual Basic.
2.
Select Standard EXE.
Figure 4 shows the generic startup screen that will be similar to your screen.
66
www.novell.com/appnotes
Figure 4: Visual Basic Integrated Development Editor (IDE) blank project screen
ready to begin editing a Standard EXE template.
From this screen, several ActiveX controls are available by default. They are
represented by the icons listed on the left side of the example in Figure 4.
Before you can begin using the Novell Control for ActiveX, you must
instruct the IDE to include them in the components list.
3.
To do this, click on Project on the menu bar and select Components.
Note: You can also add components by pressing Ctrl-T or by right mouseclicking inside the ActiveX components section and selecting
Components.
4.
Choose Novell Directory Control from the alphabetical listing of ActiveX
controls and select it by clicking in the box provided.
5.
Click on OK to close the Controls menu.
At this point, your program can use the Directory Services control, but only after
you place it somewhere on your form. This may seem a little strange. You may
be thinking, “We have already selected the control. Why can’t we simply begin
using it?”
M a r c h
2 0 0 1
67
That’s a good question, and the answer is simple. There are multitudes of ActiveX
controls available today, and the list is growing. The components menu on the left
of your screen is just that—a menu of possible controls. You could have selected
all the Novell controls at once, although you may not use them in this program. In
order to keep the menu bar functional, only select the control(s) that you intend to
use. Another reason is that most of the controls will allow several instances of
themselves inside a program: NWDir1, NWDir2, and so on. This is only possible
by selecting a component and placing it on the Form page.
Double-click on the Novell Directory Control, represented by the tree icon
displayed in Figure 5, and it will appear on your Form page.
Figure 5: IDE showing the Novell Directory Control on the controls menu
and the same control enabled on the form, Form1.
This establishes a link between Visual Basic and the NDS API set necessary to
carry out any function that you write into your code.
Select the Label tool from the component menu and draw a rectangular box
somewhere on the screen, as shown in Figure 6.
68
www.novell.com/appnotes
Figure 6: Form1 showing a label drawn horizontally and
centered on the form.
Double-click inside Form1 (but not inside the Label1 rectangle) so that the
Private Sub Form_Load function is displayed. Now you are ready to write your
first NDS-aware program. In the Project1 Form1 (Code) section, type in the
following:
Private Sub Form_Load()
Label1.Caption = NWDir1.LoginName
End Sub
Now click on the Start arrow. Figure 7 displays a sample result of the WhoAmI
program.
Figure 7: An NDS aware program displaying the default user's FullName.
With one line of code, you have reached deep inside NDS and extracted
information about yourself. You have asked the network, “Who am I?” and your
program has responded by displaying the NDS namespace, your tree name, your
organization name, your context within the tree, and your userID. Isn’t this
exciting? Moreover, you did it with one line of code!
M a r c h
2 0 0 1
69
The next example is just as simple and informative. This example displays all the
objects that are located within your current context.
Using the same form, add a Listbox just under the label, Label1. Expand it as
shown in Figure 8.
Figure 8: A ListBox just under the label, Label1. Items from
the current context will be displayed in this list.
Double-click on an empty space inside Form1 and add the following code to your
existing code.
Private Sub Form_Load()
Label1.Caption = NWDir1.LoginName
For each Item in NWDir1.Entries
List1.AddItem Item.Shortname
Next
End Sub
When this code is executed, it will display every sibling within your current
context within the List1 ListBox, as illustrated in Figure 9. Note that a simple
modification to display the ShortName (RDN) of all the contents of the current
context was added.
70
www.novell.com/appnotes
Figure 9: The modified WhoAmI program during execution.
These remarkable feats are made possible with just a few simple lines of code.
Imagine what you will accomplish with just a little practice, with the full power of
the NWDir control!
Conclusion
In this first AppNote in a series on the NWDir ActiveX control, you were
introduced to the awesome power and amazing simplicity of using the Novell
Controls for ActiveX to extract eDirectory information. We also wrote a simple
program that utilized both technologies using only a few lines of code.
Future articles will take us on a journey that will expose much of the functionality
of the NWDir control. We will discover and explore the NDS schema along the
way and finally write a Mass User import project that will utilize most of the
functionality of the control. I can’t wait!
Copyright © 2001 by Novell, Inc. All rights reserved.
No part of this document may be reproduced or transmitted
in any form or by any means, electronic or mechanical,
including photocopying and recording, for any purpose
without the express written permission of Novell.
All product names mentioned are trademarks of
their respective companies or distributors.
M a r c h
2 0 0 1
71