If you previously saw my post on nuking AD Trees you saw me insert a piece that wasn’t really involved about my friend Brian Desmond trying to copy conflict objects from one Active Directory to another and hitting a bug in AdMod that wasn’t allowing it. Then I later commented that I fixed the bug in AdMod only to find that apparently Active Directory doesn’t even allow you to do add an object with 0x0A in the DN.
Well I was honored to get an email from Don Hacherl (aka Father of AD) who confirmed that yes indeed, creating objects with 0x0A in the DN was disallowed. He has a very logical explanation. The idea is that if they had a conflict, they needed to have a name they could rename an object to that was absolutely guaranteed to be unique so they didn’t get into a recursive naming collision. So they added the GUID to the name which makes it so there is no issue with other DCs causing the collision and then they added the 0x0A and blocked it from being used by “people” to prevent some crafty person from inadvertently or advertently (heh) causing an issue by using the same name.
And as for the release of the new AdFind/Mod… They are still on the way, I got Brian’s issue worked out, but I am still testing some stuff and I added something for Princess for deleting deleted objects… Heh, that is just me being funny… The official term is forcing deleted items to be recycled. I.E. You don’t want the items hanging around anymore so you want them to get scrubbed of attributes and pushed along the process. He also has brought up an interesting issue around removing massive numbers of members from a group that I am looking into. Seems, like deleting massive numbers of objects, there are situations where you can have an issue removing massive numbers of members from a group. Plus I am overly busy with the “real job”. If anyone wants to fix that for me by offering me a really well paying position (work from home, little to no travel, 40- hours a week) which would give me more time to work on cool stuff to help everyone then please email me. Or alternately if you want to give me the winning numbers to the lotto or just outright make me independently wealthy that would be good as well. Most people don’t seem to believe me, but if I were independently wealthy, I absolutely would be writing joeware tools because I love doing it. My sister creates works of art, I create utilities.
joe