ADAM Administration with SharePoint and PowerShell

Welcome!

Recently I worked on finding a simple way to create a web based administrative interface for an ADAM directory. The requirements were to create a simple web based interface to allow business personnel to manage users and groups for an application directory. It was also desirable if this solution would easily integrate with SharePoint.

After doing a little searching on the web, I found a combination that fit the bill.

The Quest AD Management Shell CmdLets – This is a PowerShell Snap-In that allows administration of AD and ADAM. The cmdlets are from Quest Software you can find more info here. I have used them in other scripts and they have come in very handy. To make these work in this solution from SharePoint, the Quest Snapin .dll and it’s dependants need to be copied to the global assembly cache and entered as a safecontrol in the sharepoint web.config.

The iLoveSharePoint PowerWebPart 3.0 – This is a web part which allows the execution of PowerShell code from the web part. This web part is from the CodePlex project iLoveSharePoint by Christian Glessner. I was impressed with this web part. It is easy to install and configure and relatively simple to use.

The PowerWebPart allows you to execute scripts that will render asp.net web controls in the web part. This allows you to retrieve user input from the controls to use as script inputs. The possibilities are endless. For my purposes I only needed a very simple user interface.

I wanted a way to use this for different ADAM partitions so I tried to allow for different configuration scripts. The design I decided on consisted of three levels of scripts one for configuration one for data access and one UI script for each web part.

The code sample below is the configuration and connection script. This script defines the user and group containers and the directory connect and disconnect functions.

The next script is the function library for data access to the ADAM directory.

The next script is an example of a UI script for the web part. When a new PowerWebPart is created a template script is added by default. This script provides a framework and some sample code. Christian also has an add-on which allows you to use PowerGui to edit your script from SharePoint. The entire solution contains one script similar to this for each web part.

The screenshot below shows the complete solution. This method was simple, effective and easy to create. I dot sourced the corresponding web part script and the connection script in each web part.

This is a pretty quick and easy way to expose some simple administrative or user functionality on a SharePoint Intranet.

I hope this helps.

Regards,

Dave

Leave a Reply

Your email address will not be published. Required fields are marked *

7 comments

  1. Hi David,
    I’m pleased to see that you like Power WebPart 🙂
    If your interested I can link your post on the CodePlex page.

    Bye,Christian

  2. dmuegge says:

    Christian,

    I appreciate your contribution. I know a few other places I am going to use it in the future.

    Sure, a link to my post would be great.

    Thanks,

    Dave

  3. Martin says:

    Hi,

    I stll trying to install your ADAM Administration with SharePoint and PowerShell sloution.

    Could you explain how to install the quest dll to GAC and how to set as a safecontrol in the sharepoint web.config?

    Many thanks in advanced.

    Greetings

    Martin

  4. dmuegge says:

    Martin,

    To GAC the Quest DLL you must drag and drop copy the dll from it’s installed location into the %windir%assembly directory.
    You can also use the regasm tool from the .Net framework SDK. Instructions for this method are on MSDN.

    To set a safe control in sharepoint you need to add entries like below to the section of the web config. There should be other entries there already.

    Thanks,

    Dave

  5. Murali says:

    When i add ilovesharepoint (power web part v3.0) on the site it is giving an error “Error on Initialization Exception: Requested registry access is not allowed” for non-admin user. It is giving the error for plain web part, which is downloded from http://ilovesharepoint.codeplex.com/releases/view/18883
    And it is running for server administrator fine.

    Could you update me on this ASAP. It is little urgent.

  6. dmuegge says:

    Murali,

    Without knowing details about your installation. I can only guess at the issue.

    I would check to make sure the control was GAC’d properly and also added to the safecontrols in the SharePoint Web.config. There is some information on this in the comments on this post.

    It is also possible there are some permissions problems in SharePoint or the application eventlog registry key, which gets created for each .Net application was not created properly.

    I hope this helps point you in the right direction.

    Thanks,

    Dave

  7. Murali says:

    Dave,

    Everything is updated as specified in iLoveSharePoint package’s readme.txt file And it is working fine for sharepoint server administrators..
    The below error is simply shown on the webpart itself, it is not added in event log.
    The error message appears while displaying the plain web part, without any custom script.

    “Error on Initialization Exception: Requested registry access is not allowed”

    Let me know if you need any more details on this issue.

    Thanks,
    Murali