Active Directory Cookbook by Robbie Allen

4.15. Refreshing a Dynamic Object

Tip

This recipe requires the Windows Server 2003 forest functional level.

Problem

You want to refresh a dynamic object to keep it from expiring and getting deleted from Active Directory.

Solution

Each solution below uses a user object as the example. Modify the examples as needed to refresh whatever object you need.

Using a graphical user interface

  1. Open LDP.

  2. From the menu, select Connection → Connect.

  3. For Server, enter the name of a domain controller (or leave it blank to do a serverless bind).

  4. For Port, enter 389.

  5. Click OK.

  6. From the menu, select Connection → Bind.

  7. Enter credentials of a user that can modify the object.

  8. Click OK.

  9. Select Browse → Modify.

  10. For Dn, enter the DN of the dynamic object you want to refresh.

  11. For Attribute, enter entryTTL.

  12. For Values, enter the new time to live (TTL) for the object in seconds.

  13. Under Operation, select Replace.

  14. Click Enter.

  15. Click Run.

Using a command-line interface

Create an LDIF file called refresh_dynamic_object.ldf with the following contents:

dn: cn=jsmith,cn=users,dc=rallencorp,dc=com
changetype: modify
replace: entryTTL
entryTTL: 1800
-

then run the following command:

> ldifde -v -i -f refresh_dynamic_object.ldf

Using VBScript

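' Bind to the dynamic object with the caller's credentials
set objUser = GetObject("LDAP://cn=jsmith,cn=users,dc=rallencorp,dc=com")
' Reset the time to live (in seconds) and write the change to the directory
objUser.Put "entryTTL", "1800"
objUser.SetInfo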

Discussion

Dynamic objects expire after their TTL becomes 0. You can determine when a dynamic object will expire by looking at the current value of an object’s entryTTL, which contains the seconds remaining until expiration. If you’ve created a dynamic object and need to refresh it so that it will not get deleted, you must reset the entryTTL attribute to a new value. There is no limit to the number of times you can refresh a dynamic object. As long as the entryTTL value does not reach 0, the object will remain in Active Directory.
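
The check-then-refresh logic described above, as an added PowerShell example that is not from the book: it reads the remaining entryTTL and resets it only when it has dropped below a threshold. The function name, its parameters and the 600-second threshold are assumptions; the DN and the 1800-second TTL are the recipe's own sample values.

```powershell
# Added example, not from the book. Function name, parameters and the
# 600-second threshold are assumptions made for illustration.
function Update-DynamicObjectTtl {
    param(
        [Parameter(Mandatory = $true)] [string] $DistinguishedName,
        [int] $NewTtlSeconds = 1800,        # TTL used in the recipe
        [int] $RefreshBelowSeconds = 600    # assumed threshold
    )

    # Binds with the caller's credentials, like the recipe's GetObject call.
    $entry = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$DistinguishedName")
    try {
        # Ask for entryTTL explicitly so its current value is in the property cache.
        $entry.RefreshCache([string[]]@('objectClass', 'entryTTL'))

        if (@($entry.Properties['objectClass']) -notcontains 'dynamicObject') {
            throw "$DistinguishedName is not a dynamic object."
        }
        if ($entry.Properties['entryTTL'].Count -eq 0) {
            throw "entryTTL was not returned for $DistinguishedName."
        }

        $before = [int]$entry.Properties['entryTTL'].Value
        $refreshed = $false
        if ($before -lt $RefreshBelowSeconds) {
            # Same operation as the LDIF "replace: entryTTL" shown in the recipe.
            $entry.Properties['entryTTL'].Value = $NewTtlSeconds
            $entry.CommitChanges()
            $entry.RefreshCache([string[]]@('entryTTL'))
            $refreshed = $true
        }

        # Report what was found and whether a refresh was written.
        [pscustomobject]@{
            DistinguishedName = $DistinguishedName
            SecondsBefore     = $before
            SecondsNow        = [int]$entry.Properties['entryTTL'].Value
            Refreshed         = $refreshed
        }
    }
    finally {
        $entry.Dispose()
    }
}

Update-DynamicObjectTtl -DistinguishedName 'cn=jsmith,cn=users,dc=rallencorp,dc=com'
```

Run on a schedule, the returned SecondsBefore value shows how close the object came to expiring between runs.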

See Also

Recipe 4.11 for modifying an object, and Recipe 4.14 for creating a dynamic object
