Active Directory Attribute Management

 

One of the drawbacks to the conventional method used by Hyena and nearly all Microsoft applications when managing Active Directory objects is the presentation of a dialog box to request user input.   Some of the disadvantages to the standard GUI dialog for managing Active Directory include:

Hyena's new Active Directory Attribute Management functions are designed to overcome these limitations and provide new capabilities for direct access and manipulation of AD objects.  By utilizing advanced techniques and optimized directory access functions, this new capability will greatly enhance AD management, especially where multiple attributes need to be modified on a large collection of directory objects. This new function uses a simple multi-step process of selecting and updating AD attributes:

 

Step 1 - Select the directory objects to update.

 

Directory objects can be selected in either Hyena's left or right windows.  To select multiple objects, multi-select them in Hyena's right window. To access the new Attribute Management functions, simply select Manage Directory Attributes... from the context menu of any Active Directory object.  For computer objects, this function can be found on the Directory Functions menu.  

 

Step 2 - Select the directory object attributes to manage.

 

The 'Select Active Directory Attributes' dialog allows three (3) options to view the attributes of the selected object(s):

 

Option 1 - 'Show all Active Directory attributes present in the directory' - This option will only retrieve the attributes that exist in the directory.  Note that Active Directory does not allow the storage of a NULL or 'blank' value for any attribute.  If, for example, you wish to update the 'MiddleName' attribute for a user account, and the middle name has never been assigned, the 'MiddleName' attribute will not exist.  Options 2 or 3 (below) will need to be used.
 

Option 2 - 'Show all attributes defined in the schema for selected object(s)' - This option will retrieve all attributes that are assigned any values for the selected object(s), plus also display any attributes defined in the schema that currently don't have any values assigned to them.  This option is the same as selecting option 3 (below) and selecting all defined schema attributes.
 

Option 3 - 'Only show these attributes:' - Use this option to select any number of attributes that exist in the directory schema for the type of object selected.  Use the Attribute Filters... button to save/recall a previous set of attributes.

 

Step 3 - Modify the selected attributes.

 

To modify an attribute, select it, and double-click or click the Modify... button.  If Hyena supports modification and/or viewing of the attribute data type, the Modify Directory Attribute Value dialog will be displayed.

 

Modification of Single-Valued Attributes

 

When modifying single-valued attributes, simply enter a new value as indicated (text, number, or true/false).  To clear (remove) a value, check the Clear (remove) directory attribute for selected object(s) option.

 

Modification of Multi-Valued Attributes

 

Multi-valued attributes in Active Directory can be updated in several ways.  The options on the 'Modify Directory Attribute Value' dialog when updating multi-valued attributes are:

 

Update - Select this option to REPLACE the contents of all selected directory objects with the new value(s).

Append - Select this option to add one or more values to the existing values of all selected directory objects.

Delete - Select this option to remove (delete) one or more values from the existing values of all selected directory objects.

Clear - This option will completely remove the attribute and data from all selected directory objects.

 

Click OK to complete this step.

 

If a value is modified or cleared, the icon next to the attribute name will be changed.  To modify additional attributes, repeat this step.

 

Step 4 - Commit attribute modifications to Active Directory.

 

To commit (save) the newly modified attribute values for the selected directory object(s), click OK.  To abandon the changes, click Cancel.

 

Using Previous/Next Buttons to Navigate Selected Directory Objects

 

When MULTIPLE directory objects are displayed in Hyena's right window, and a SINGLE directory object is selected and the Manage Directory Attributes... option is chosen, Hyena will place Previous and Next buttons on the Active Directory Object Attributes dialog.  These buttons provide a convenient way to show the attributes for the next/previous objects displayed in the right window.   

 

IMPORTANT NOTE: When using the Next/Previous buttons, Hyena will write any changes to the directory when they are clicked.

 

 


Modifying Attributes for Multiple Directory Objects

 

When more than one directory object is selected and the Manage Directory Attributes... option is chosen, Hyena will display a merged set of attributes.  The values will be displayed for attributes that have the SAME value on ALL directory objects.  However, if one or more of the selected objects has a different value (or no value/NULL) for a given attribute, a "Different Values Found" message will be displayed for the attribute value.

 

The Modify Directory Attribute Value dialog can be used to see the value on one or more of the selected objects.  Click the Get All Values button to retrieve and display the values for all selected objects, or click on any single object to see the object's attribute value.  This approach is used by Hyena as a way of minimizing network traffic and maximizing performance, while still providing an option to see the different values for any number of selected directory objects.

 

 

Important Notes and Warnings