Your observations are completely correct. You can get to some attributes (properties) only through WinNT and you can get to others only through LDAP and you can get to some through BOTH.
Appendix B in "Windows NT/2000 ADSI Scripting for system administration" by Thomas Eck gives a complete rundown of the attributes and the provider support. This information might be available on the internet. I think the whole book might be online. -----Original Message----- From: Fugleberg, David A [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 1:15 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] ADSI: WinNT provider vs LDAP provider Hello all - I've noticed while stealing bits of VBScript from others that sometimes folks use the WinNT provider, while other times they use the LDAP provider. At first, I thought that scripts using the WinNT provider were written for NT4 domains, and just happened to work against AD due to backward compatibility, but that one should use the LDAP provider when targeting AD. Now I'm not so sure...it seems as though there are some properties that are accessible only through the WinNT provider. For example, I can retrieve the password expiration date with the WinNT provider (objUser.PasswordExpirationDate), but not with the LDAP provider. I figured that since the user attributes in AD are a superset of those in the NT SAM, I'd be able to get all of them with the LDAP provider. That doesn't seem to be the case. What do you do ? Do you use a combination of both providers in your scripts ? Are there different property names for the same attributes depending on which provider you use ? Am I just missing something here ? Dave Dave Fugleberg Information Systems Architect Northwest Airlines 612-726-6860 List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
