Monday 2 October 2017

ActiveDirectory with VBA Part 1 - Installing AD LDS

So in various roles I've written code in production to query a corporate active directory to query for users and check group membership to drive permission logic. In those times, I always had a corporate instance of Windows Server to program against. What happens if you don't have access to a Windows Server using a ordinary desktop edition of Windows? I am using Windows 8.1 Professional Edition.

It might be tempting to download ApacheDS which is free but that cannot be accesed using VBA's GetObject("LDAP://CN=BillGates,DC=microsoft,DC=com").

You will need to use something like a development edition of Active Directory. Fortunately, a lightweight edition does exists, here is an overview of Active Directory Lightweight Directory Services (AD LDS) and here is a quote highlighting the development use case...



Providing a development environment for AD DS and AD LDS

Because AD LDS uses the same programming model and provides virtually the same administration experience as AD DS, it can be a good fit for developers who are staging and testing various Active Directory-integrated applications. For example, if an application under development requires a different schema from the current server operating system AD DS, the application developer can use AD LDS to provide the application with a tailored schema that works for business needs, data requirements, and workflow processes, without altering the configuration of the corporate Active Directory deployment. Developers can work with an AD LDS instance without the need for a complicated setup and later move the application to AD DS. Developers may want a directory that they can easily program to without requirements for extensive setup or hardware support during the development process. This can be achieved through AD LDS as it can easily be installed and uninstalled on any Windows Server 2008 computer. This allows rapid restoration to a clean state during the application prototyping and development process.

Luckily Active Directory Lightweight Directory Services (AD LDS) is an optional component if you are using Windows 8.1 (and hopefully other desktop editions of Windows), from the Metro interface search box type "Windows features" and then select "Turn Windows features on or off" which should be top hit. Then you should see the following dialog box where you can check "Active Directory Lightweight Directory Services"

Once installed, I followed a Technet tutorial about creating an AD LDS Instance and in Part 2. I'll show you my screenshots as I went through the steps.

No comments:

Post a Comment