4.14. Creating a Dynamic Object

Tip

This recipe requires the Windows Server 2003 forest functional level.

Problem

You want to create an object that is automatically deleted after a period of time unless it is refreshed.

Solution

Using a graphical user interface

At the time of publication of this book, neither ADSI Edit nor LDP supported creating dynamic objects.

Using a command-line interface

Create an LDIF file called create_dynamic_object.ldf with the following contents:

dn: cn=jsmith,cn=users,dc=rallencorp,dc=com
changetype: add
objectClass: user
objectClass: dynamicObject
entryTTL: 1800
sAMAccountName: jsmith

then run the following command:

> ldifde -v -i -f create_dynamic_object.ldf

Using VBScript

' This code creates a dynamic user object with a TTL of 30 minutes (1800 secs)
set objUsersCont = GetObject("LDAP://cn=users,dc=rallencorp,dc=com")
set objUser = objUsersCont.Create("user", "CN=jsmith")
objUser.Put "objectClass", "dynamicObject"
objUser.Put "entryTTL", 1800
objUser.Put "sAMAccountName", "jsmith" ' mandatory attribute
objUser.SetInfo

Discussion

The ability to create dynamic objects is a new feature in Windows Server 2003. To create a dynamic object, you simply need to specify the objectClass to have a value of dynamicObject in addition to its structural objectClass (e.g., user) value when instantiating the object. The entryTTL attribute can also be set to the number of seconds before the object is automatically deleted. If entryTTL is not set, the object will use the dynamicObjectDefaultTTL attribute specified in the domain. The entryTTL cannot be lower than the dynamicObjectMinTTL for the domain. See Recipe 4.16 for more information on how to view and modify these default values.

Dynamic objects have a few special properties worth noting:

  • A static object cannot be turned into a dynamic object. The object must be marked as dynamic when it is created.

  • Dynamic objects cannot be created in the Configuration NC and Schema NC.

  • Dynamic objects do not leave behind tombstone objects.

  • Dynamic objects that are containers cannot have static child objects.

See Also

Recipe 4.15 for refreshing a dynamic object, and Recipe 4.16 for modifying the default dynamic object properties

Get Active Directory Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial