Windows NT/2000 ADSI Scripting for System Administration

   
Creating the IIsFTPManagement Class Module

In this section, you will continue the creation of the IIsAdmin.DLL COM server application you started in Chapter 8,"Programmatic Management of the IIS Metabase."

Example 10.1 Creating the IIsAdmin.DLL COM Server Application: The IIsFTPManagement Class Module

  1. Open the IIsAdmin ActiveX DLL Visual Basic project that was started in Chapter 8. You can also download the project from http://www.newriders.com/adsi.

  2. If you are adding to the IIsAdmin project, add a new class module to the project. If this is a new project, be sure to set a reference to Active DS Type Library.

  3. Name the new module IIsFTPManagement .

  4. Enter the following code into the General Declarations section of the class module:

    Public Function ManageIdentityProperties(ByVal TargetComputer As String, ByVal SiteIndex As Integer, ByVal IdentityProperty As String, ByVal Action As String, Optional ByVal NewValue As String) As Variant Dim Site As IADs Set Site = GetObject("IIS://"&TargetComputer&"/MSFTPSVC/"&SiteIndex) Select Case UCase(Action) Case "QUERY" Select Case UCase(IdentityProperty) Case "DESCRIPTION" ManageIdentityProperties = Site.ServerComment Case "MAXCONNECTIONS" ManageIdentityProperties = Site.MaxConnections Case "TIMEOUT" ManageIdentityProperties = Site.ConnectionTimeout End Select Case "SET" If NewValue <> " Then Select Case UCase(IdentityProperty) Case "DESCRIPTION" Site.ServerComment = NewValue Site.SetInfo If Err.Number = 0 Then ManageIdentityProperties = True Case "MAXCONNECTIONS" Site.MaxConnections = NewValue Site.SetInfo If Err.Number = 0 Then ManageIdentityProperties = True Case "TIMEOUT" Site.ConnectionTimeout = NewValue Site.SetInfo If Err.Number = 0 Then ManageIdentityProperties = True End Select End If End Select End Function Public Function ManageServerBindings(ByVal TargetComputer As String, ByVal SiteIndex As Integer, ByVal Action As String, Optional ByVal Element As Variant) As Variant On Error Resume Next Dim Binding As Variant Dim Site As IADs Dim NewElement() As Variant Dim i As Long Dim Entry As Variant Set Site = GetObject("IIS://"&TargetComputer&"/MSFTPSVC/"&SiteIndex) Select Case UCase(Action) Case "QUERY" If IsArray(Site.ServerBindings) = True Then For Each Entry In Site.ServerBindings i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = Entry Next ManageServerBindings = NewElement Else ManageServerBindings = Array(Site.ServerBindings) End If Case "SET" If Element <> " Then If IsArray(Element) = True Then For Each Entry In Element i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = Entry Next Site.ServerBindings = NewElement Else Site.ServerBindings = Array(Element) End If Site.SetInfo If Err.Number = 0 Then ManageServerBindings = True End If End Select End Function Public Function ManageSecurityProperties(ByVal TargetComputer As String, ByVal SiteIndex As Integer, ByVal IdentityProperty As String, ByVal Action As String, Optional ByVal NewValue As String) As Variant Dim Site As IADs Set Site = GetObject("IIS://"&TargetComputer&"/MSFTPSVC/"&SiteIndex) Select Case UCase(Action) Case "QUERY" Select Case UCase(IdentityProperty) Case "ALLOWANONYMOUS" ManageSecurityProperties = Site.AllowAnonymous Case "ANONYMOUSUSERNAME" ManageSecurityProperties = Site.AnonymousUserName Case "ANONYMOUSUSERPASS" ManageSecurityProperties = Site.AnonymousUserPass Case "ANONYMOUSPASSWORDSYNC" ManageSecurityProperties = Site.AnonymousPasswordSync Case "ANONYMOUSONLY" ManageSecurityProperties = Site.AnonymousOnly End Select Case "SET" If NewValue <> " Then Select Case UCase(IdentityProperty) Case "ALLOWANONYMOUS" Site.AllowAnonymous = NewValue Site.SetInfo If Err.Number = 0 Then ManageSecurityProperties = True Case "ANONYMOUSUSERNAME" Site.AnonymousUserName = NewValue Site.SetInfo If Err.Number = 0 Then ManageSecurityProperties = True Case "ANONYMOUSUSERPASS" Site.AnonymousUserPass = NewValue Site.SetInfo If Err.Number = 0 Then ManageSecurityProperties = True Case "ANONYMOUSPASSWORDSYNC" Site.AnonymousPasswordSync = NewValue'/ Site.SetInfo If Err.Number = 0 Then ManageSecurityProperties = True Case "ANONYMOUSONLY" Site.AnonymousOnly = NewValue Site.SetInfo If Err.Number = 0 Then ManageSecurityProperties = True End Select End If End Select End Function Public Function ManageOperators(ByVal TargetComputer As String, ByVal SiteIndex As Integer, ByVal Action As String, Optional ByVal NewOperator As String) As Variant On Error Resume Next Dim i As Long Dim Entry As Variant Dim NewElement() As Variant Dim Site As IADs Dim ACE As Variant Dim DiscretionaryACL As Variant Set Site = GetObject("IIS://"&TargetComputer&"/MSFTPSVC/"&SiteIndex) Select Case UCase(Action) Case "QUERY" Set SecurityDescriptor = Site.AdminAcl Set DiscretionaryACL = SecurityDescriptor.DiscretionaryACL For Each Item In DiscretionaryACL If Item.AccessMask = 11 Or Item.AccessMask = 262315 Then i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = Item.Trustee End If Next ManageOperators = NewElement Case "SET" Set SecurityDescriptor = Site.AdminAcl Set DiscretionaryACL = SecurityDescriptor.DiscretionaryACL Set ACE = CreateObject("AccessControlEntry") ACE.Trustee = NewOperator ACE.AccessMask = 11 DiscretionaryACL.AddAce ACE SecurityDescriptor.DiscretionaryACL = DiscretionaryACL Site.AdminAcl = SecurityDescriptor Site.SetInfo If Err.Number = 0 Then ManageOperators = True End Select End Function Public Function ManageMessageProperties(ByVal TargetComputer As String, ByVal SiteIndex As Integer, ByVal IdentityProperty As String, ByVal Action As String, Optional ByVal NewValue As Variant) As Variant On Error Resume Next Dim i As Long Dim MessageLine As Variant Dim NewElement() As Variant Dim Site As IADs Set Site = GetObject("IIS://"&TargetComputer&"/MSFTPSVC/"&SiteIndex) Select Case UCase(Action) Case "QUERY" Select Case UCase(IdentityProperty) Case "GREETINGMESSAGE" For Each MessageLine In Site.GreetingMessage i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = MessageLine Next ManageMessageProperties = NewElement Case "EXITMESSAGE" ManageMessageProperties = Site.ExitMessage Case "MAXCLIENTSMESSAGE" ManageMessageProperties = Site.MaxClientsMessage End Select Case "SET" If NewValue <> " Then Select Case UCase(IdentityProperty) Case "GREETINGMESSAGE" If IsArray(NewValue) = True Then For Each MessageLine In NewValue i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = MessageLine Next Site.GreetingMessage = NewElement Else Site.GreetingMessage = Array(NewValue) End If Site.SetInfo If Err.Number = 0 Or Err.Number = 9 Then ManageMessageProperties = True Case "EXITMESSAGE" Site.ExitMessage = NewValue Site.SetInfo If Err.Number = 0 Then ManageMessageProperties = True Case "MAXCLIENTSMESSAGE" Site.MaxClientsMessage = NewValue Site.SetInfo If Err.Number = 0 Then ManageMessageProperties = True End Select End If End Select End Function Public Function ManageDirectory(ByVal TargetComputer As String, ByVal SiteIndex As Integer, ByVal VirtualDirectoryRelativePath As String, ByVal IdentityProperty As String, ByVal Action As String, Optional ByVal NewValue As String) As Variant Dim VirtualDirectory As IADs Set VirtualDirectory = GetObject("IIS://"&TargetComputer&"/MSFTPSVC/"& SiteIndex&VirtualDirectoryRelativePath) Select Case UCase(Action) Case "QUERY" Select Case UCase(IdentityProperty) Case "PATH" ManageDirectory = VirtualDirectory.Path Case "UNCUSERNAME" ManageDirectory = VirtualDirectory.UNCUserName Case "UNCPASSWORD" ManageDirectory = VirtualDirectory.UNCPassword Case "ACCESSREAD" ManageDirectory = VirtualDirectory.AccessRead Case "ACCESSWRITE" ManageDirectory = VirtualDirectory.AccessWrite Case "DONTLOG" ManageDirectory = VirtualDirectory.DontLog Case "MSDOSDIROUTPUT" ManageDirectory = VirtualDirectory.MSDOSDirOutput End Select Case "SET" If NewValue <> " Then Select Case UCase(IdentityProperty) Case "PATH" VirtualDirectory.Path = NewValue VirtualDirectory.SetInfo If Err.Number = 0 Then ManageDirectory = True Case "UNCUSERNAME" VirtualDirectory.UNCUserName = NewValue VirtualDirectory.SetInfo If Err.Number = 0 Then ManageDirectory = True Case "UNCPASSWORD" VirtualDirectory.UNCPassword = NewValue VirtualDirectory.SetInfo If Err.Number = 0 Then ManageDirectory = True Case "ACCESSREAD" VirtualDirectory.AccessRead = NewValue VirtualDirectory.SetInfo If Err.Number = 0 Then ManageDirectory = True Case "ACCESSWRITE" VirtualDirectory.AccessWrite = NewValue VirtualDirectory.SetInfo If Err.Number = 0 Then ManageDirectory = True Case "DONTLOG" VirtualDirectory.DontLog = NewValue VirtualDirectory.SetInfo If Err.Number = 0 Then ManageDirectory = True Case "MSDOSDIROUTPUT" VirtualDirectory.MSDOSDirOutput = NewValue VirtualDirectory.SetInfo If Err.Number = 0 Then ManageDirectory = True End Select End If End Select End Function Public Function ManageIPRestrictions(ByVal TargetComputer As String, ByVal SiteIndex As Integer, ByVal RelativePath As String, ByVal Action As String, Optional ByVal RestrictAction As String, Optional ByVal Restrict As String, Optional ByVal IPSubnet As String) As Variant On Error Resume Next Dim Site As IADs Dim IPSecurity As Variant Dim NewElement() As Variant Dim IPAddress As String Dim ActionType As String Set Site = GetObject("IIS://"&TargetComputer&"/MSFTPSVC/"&SiteIndex& RelativePath) Select Case UCase(Action) Case "QUERY" Set IPSecurity = Site.IPSecurity If IPSecurity.GrantByDefault Then For Each Entry In IPSecurity.IPDeny If InStr(1, Entry, "255.255.255.255") Then i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = "Denied IP: "&Replace(Entry, ", 255.255.255.255", ") Else i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = "Denied Subnet: "&Entry End If Next For Each Entry In IPSecurity.DomainDeny i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = "Denied Domain: "&Entry Next Else For Each Entry In IPSecurity.IPGrant If InStr(1, Entry, "255.255.255.255") Then i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = "Allowed IP: "&Replace(Entry, ", 255.255.255.255", ") Else i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = "Allowed Subnet: "&Entry End If Next For Each Entry In IPSecurity.DomainGrant i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = "Allowed Domain: "&Entry Next End If ManageIPRestrictions = NewElement Case "SET" If Restrict <> " Then Select Case UCase(RestrictAction) Case "GRANTIP" Set IPSecurity = Site.IPSecurity IPSecurity.GrantByDefault = False Site.IPSecurity = IPSecurity Site.SetInfo IPSecurity.IPGrant = Array(Restrict&", 255.255.255.255") Site.IPSecurity = IPSecurity Site.SetInfo If Err.Number = 0 Then ManageIPRestrictions = True Case "GRANTSUBNET" Set IPSecurity = Site.IPSecurity IPSecurity.GrantByDefault = False IPSecurity.IPGrant = Array(Restrict&", "& IPSubnet) Site.IPSecurity = IPSecurity Site.SetInfo If Err.Number = 0 Then ManageIPRestrictions = True Case "GRANTDOMAIN" Set IPSecurity = Site.IPSecurity IPSecurity.GrantByDefault = False IPSecurity.DomainGrant = Array(Restrict) Site.IPSecurity = IPSecurity Site.SetInfo If Err.Number = 0 Then ManageIPRestrictions = True Case "DENYIP" Set IPSecurity = Site.IPSecurity IPSecurity.GrantByDefault = True IPSecurity.IPDeny = Array(Restrict&", 255.255.255.255") Site.IPSecurity = IPSecurity Site.SetInfo If Err.Number = 0 Then ManageIPRestrictions = True Case "DENYSUBNET" Set IPSecurity = Site.IPSecurity IPSecurity.GrantByDefault = True IPSecurity.IPDeny = Array(Restrict&", "&IPSubnet) Site.IPSecurity = IPSecurity Site.SetInfo If Err.Number = 0 Then ManageIPRestrictions = True Case "DENYDOMAIN" Set IPSecurity = Site.IPSecurity IPSecurity.GrantByDefault = True IPSecurity.DomainDeny = Array(Restrict) Site.IPSecurity = IPSecurity Site.SetInfo If Err.Number = 0 Then ManageIPRestrictions = True End Select End If End Select End Function

  5. Compile the code as IIsAdmin.DLL .

  6. Save and close the IIsAdmin project.

Tip

If you do not want to implement your code in a COM object, you can enter the preceding code into a code module in any VB application.

Tip

You can download the Visual Basic 6.0 project or a pre-compiled version of IISAdmin.DLL from http://www.newriders.com/adsi

Using the Functions in IIsFTPManagement

With the IIsFTPManagement class module created, you can access this function from any programming language that supports OLE automation, including Visual Basic, VBScript, and JavaScript.

Tip

To instantiate the object, follow the appropriate syntax found in Chapter 3, "Container Enumeration Methods and Programmatic Domain Account Policy Manipulation." Substitute the IIsAdmin DLL name and IIsFTPManagement class name where necessary.

Use Table 10.3 to help you use the proper syntax for each of the methods of the IIsFTPManagement interface.

Table 10.3. IIsFTPManagement Method Syntax

Action Syntax
Query FTP Site Description

ManageIdentityProperties("Server_Name", 1, "Description", "Query")

Set FTP Site Description

ManageIdentityProperties("Server_Name", 1, "Description", "Set", "New_Description")

Query Maximum Client Connections

ManageIdentityProperties("Server_Name", 1, "MaxConnections", "Query")

Set Maximum Client Connections

ManageIdentityProperties("Server_Name", 1, "MaxConnections", "Set", 100)

Query Connection Timeout

ManageIdentityProperties("Server_Name", 1, "Timeout", "Query")

Set Connection Timeout

ManageIdentityProperties("Server_Name", 1, "Timeout", "Set", "300")

Query FTP Site IP Address and TCP Port

For Each Item In ManageServerBindings("Server_Name", 1, "Query") Debug.Print Item Next

Set FTP Site IP Address and TCP Port

ManageServerBindings("Server_Name", 1, "Set", "xxx.xxx.xxx.xxx:tcp_port")

Query Anonymous Access Allowed

ManageSecurityProperties("Server_Name", 1, "AllowAnonymous", "Query")

Set Anonymous Access Allowed

ManageSecurityProperties("Server_Name", 1, "AllowAnonymous", "Set", True)

Query User Name Used for Anonymous Access

ManageSecurityProperties("Server_Name", 1, "AnonymousUserName", "Query")

Set User Name Used for Anonymous Access

ManageSecurityProperties("Server_Name", 1, "AnonymousUserName", "Set", "Username")

Query Password Used for Anonymous Access

ManageSecurityProperties("Server_Name", 1, "AnonymousUserPass", "Query")

Set Password Used for Anonymous Access

ManageSecurityProperties("Server_Name", 1, "AnonymousUserPass", "Set", "Password")

Query Password Synchronization Configuration

ManageSecurityProperties("Server_Name", 1, "AnonymousPasswordSync", "Query")

Set Password Synchronization Configuration

ManageSecurityProperties("Server_Name", 1, "AnonymousPasswordSync", "Set", True)

Query Anonymous Access Only

ManageSecurityProperties("Server_Name", 1, "AnonymousOnly", "Query")

Set Anonymous Access Only

ManageSecurityProperties("Server_Name", 1, "AnonymousOnly", "Set", True)

Query Site Operators

For Each Item In ManageOperators ("Server_Name", 1, "Query") Debug.Print Item Next

Add Site Operator

ManageOperators("Server_Name", 1, "Set", "User_Name")

Query FTP Site Greeting Message

For Each Item In ManageMessageProperties ("Server_Name", 1, "GreetingMessage", "Query") Debug.Print Item Next

Set New FTP Site Greeting Message

ManageMessageProperties("Server_Name", 1, "GreetingMessage", "Set", Array("Line1", "Line2", "Line3"))

Query FTP Site Exit Message

ManageMessageProperties("Server_Name", 1, "ExitMessage", "Query")

Set FTP Site Exit Message

ManageMessageProperties("Server_Name", 1, "ExitMessage", "Set", "Exit_Message")

Query Maximum Clients Message

ManageMessageProperties("Server_Name", 1, "MaxClientsMessage", "Query")

Set Maximum Clients Message

ManageMessageProperties("Server_Name", 1, "MaxClientsMessage", "set", "too many users right now")

Query Virtual Directory Path

ManageDirectory("Server_Name", 1, "/ROOT", "Path", "Query")

Set Virtual Directory Path

ManageDirectory("Server_Name", 1, "/ROOT", "Path", "Set", "C:\")

Query Remote Virtual Directory UNC User Name

ManageDirectory("Server_Name", 1, "/ROOT", "UNCUserName", "Query")

Set Remote Virtual Directory UNC User Name

ManageDirectory("Server_Name", 1, "/ROOT", "UNCUserName", "Set", "User_Name")

Query Remote Virtual Directory UNC User Password

ManageDirectory("Server_Name", 1, "/ROOT", "UNCPassword", "Query")

Set Remote Virtual Directory UNC User Password

ManageDirectory("Server_Name", 1, "/ROOT", "UNCPassword", "Set", "User_Password")

Query Virtual Directory Read Access Permission

ManageDirectory("Server_Name", 1, "/ROOT", "AccessRead", "Query")

Set Virtual Directory Read Access Permission

ManageDirectory("Server_Name", 1, "/ROOT", "AccessRead", "Set", False)

Query Virtual Directory Write Access Permission

ManageDirectory("Server_Name", 1, "/ROOT", "AccessWrite", "Query")

Set Virtual Directory Write Access Permission

ManageDirectory("Server_Name", 1, "/ROOT", "AccessWrite", "Set", False)

Query Virtual Directory Logging

ManageDirectory("Server_Name", 1, "/ROOT", "DontLog", "Query")

Set Virtual Directory Logging

ManageDirectory("Server_Name", 1, "/ROOT", "DontLog", "Set", True)

Query Virtual Directory Directory Listing Style

ManageDirectory("Server_Name", 1, "", MSDOSDirOutput","Query")

Set Virtual Directory Directory Listing Style

ManageDirectory("Server_Name", 1, "", MSDOSDirOutput","Set", True)

Query IP Restrictions

For Each Item In ManageIPRestrictions ("Server_Name", 1, "/ROOT", "Query") Debug.Print Item Next

Deny All Access Except Specified IP

ManageIPRestrictions("Server_Name", 1, "/ROOT", "Set", "GrantIP", "xxx.xxx.xxx.xxx")

Deny All Access Except Specified Subnet

ManageIPRestrictions("Server_Name", 1, "/ROOT", "Set", "GrantSubnet", "xxx.xxx.xxx.xxx", "xxx.xxx.xxx.0")

Deny All Access Except Specified DNS Domain

ManageIPRestrictions("Server_Name", 1, "/ROOT", "Set", "GrantDomain", "DNS_Domain")

Grant All Access Except Specified Address

ManageIPRestrictions("Server_Name", 1, "/ROOT", "Set", "DenyIP", "xxx.xxx.xxx.xxx")

Grant All Access Except Specified Subnet

ManageIPRestrictions("Server_Name", 1, "/ROOT", "Set", "DenySubnet", "xxx.xxx.xxx.xxx", "xxx.xxx.xxx.0")

Grant All Access Except Specified Domain

ManageIPRestrictions("Server_Name", 1, "/ROOT", "Set", "DenyDomain", "DNS_Domain")

   
Top
Related

Категории