First post to start off with in regards to Active Directory –
I have used a couple of methods, both with varying degrees of success.
- Using ActiveX and command line commands
- Using ActiveX and IADs/ADSI
Using the first has the advantage of being able to pass different credentials onto the command, which enables me to run the script as a different user to the one I’m logged in under.
The second method is a bit cleaner to write, but it needs me logged in under a user that has read/write privileges to AD if I want to change anything, but just viewing AD objects is fine however.
Depending on your environment, I have found that either method works. With the first method, you will get command line windows opening up and closing by themselves when executing queries which may or may not annoy you a bit or a lot.
Either way will work though.