Scripts amended to include ADLDS functionality

README.md

@@ -1,27 +1,38 @@
 # ADSchema
-A PowerShell Module that can be used to update the schema in Active Directory
+A PowerShell Module that can be used to update the schema in Active Directory or ADLDS
 
 # Installation
-`Install-Module ADSchema`
+Copy module folder and all files to PSModulePath, typically C:\Program Files\WindowsPowerShell\Modules\
+
+In a new PowerShell instance, import the module for use:
+    `Import-Module ADSchema`
 # Example
 
 ```
-New-ADSchemaAttribute -Name asFavColor -Description 'User Favorite Color' -AttributeType String
-New-ADSchemaClass asPerson -AdminDescription 'Person Class to host custom attributes' -Category Auxiliary
-Add-ADSchemaAttributeToClass -Attribute asFavColor -Class asPerson
-Add-ADSchemaAuxiliaryClassToClass -AuxiliaryClass asPerson -Class user
-set-aduser andy -add @{'asFavColor' = 'blue'}
-get-aduser andy -properties asFavColor
+   For Active Directory Administration:
+   New-ADSchemaAttribute -Name asFavColor -Description 'User Favorite Color' -AttributeType String
+   New-ADSchemaClass asPerson -AdminDescription 'Person Class to host custom attributes' -Category Auxiliary
+   Add-ADSchemaAttributeToClass -Attribute asFavColor -Class asPerson
+   Add-ADSchemaAuxiliaryClassToClass -AuxiliaryClass asPerson -Class user 
+   Set-ADuser andy -add @{'asFavColor' = 'blue'}
+   Get-ADuser andy -properties asFavColor
+
+   For ADLDS Administration:
+   Get-ADSchemaAttribute -class asTestClass -attribute asFavoriteColor -ADLDS $True
+   New-ADSchemaAttribute -Name as-favoriteColor -Description 'Favorite Color' -IsSingleValued $true -AttributeType String -AtributeID $oid -$ADLDS $True
+   New-ADSchemaClass -Name asPerson -AdminDescription 'host custom user attributes' -Category Auxiliary -AttributeID $oid -ADLDS $True -ADLDSService myadldsservice:1234
+   Add-ADSchemaAttributeToClass -AuxiliaryClass asTest -Class User -ADLDS $True -ADLDSService myadldsservice:1234
+   Add-ADSchemaAuxiliaryClassToClass -AuxiliaryClass asTest -Class User -ADLDS $True
 ```
 # Overview
-The purpose of this module is to allow users to easily add attributes and classes to the schema of Active Directory. Editing the schema is often a daunting task and requires knowledge of several  details that most people do not think about on a regular basis. 
+The purpose of this module is to allow users to easily add attributes and classes to the schema of Active Directory or to modify the schema of an ADLDS instance. Editing the schema is often a daunting task and requires knowledge of several details that most people do not think about on a regular basis. 
 
 There is also a lot of fear when it comes to manually adding attributes, because it is a task that cannot be undone. Attributes in AD can be disabled, but they cannot be deleted.
 
-Most of the time, an AD Administrator will want to add a handful of attributes to either user or computer objects for some reason or another. Maybe you want to store a computer's warranty expiration date in AD or you want to put some data you have in your HR System in AD for users,but there isn't a good fit with the out of the box attributes. Attributes should typically be named with a prefix. If I was creating a warranty expiration attribute for my computers, I would use soemthing like as-warrantyDate. 
+Most of the time, an AD Administrator will want to add a handful of attributes to either user or computer objects for some reason or another. Maybe you want to store a computer's warranty expiration date in AD or you want to put some data you have in your HR System in AD for users, but there isn't a good fit with the out of the box attributes. Attributes should typically be named with a prefix. If I was creating a warranty expiration attribute for my computers, I would use soemthing like as-warrantyDate. 
 
 Usually, the best practice is to create your new attributes, and then also create a new class. The new class should be an Auxiliary class. This essentially means that it can extend an existing class. 
 
-Once you create the Auxiliary class, you can bind it to an existing class. This is actually something that can be undone, so it reeduces the fear and worry of really messing up your Active Directory.
+Once you create the Auxiliary class, you can bind it to an existing class. This is actually something that can be undone, so it reduces the fear and worry of really messing up your Active Directory.
 
-Last, a quick note about Object Identifiers, also known as OID. OID's are what are used as unique identifiers of schema attributes and classes in Active Directory. They are also used in MIB's for networking. For development purposes, you can generate your own OID's. There is even a function in this module that will do it for you. However, if you are going to extend your production schema, you should register for a Private Enterprise Number. Information on this can be found at http://pen.iana.org/pen/PenApplication.page. 
+Last, a quick note about Object Identifiers, also known as OID. OID's are what are used as unique identifiers of schema attributes and classes in Active Directory. They are also used in MIB's for networking. For development purposes, you can generate your own OID's. There is even a function in this module that will do it for you. However, if you are going to extend your production schema, you should register for a Private Enterprise Number. Information on this can be found at http://pen.iana.org/pen/PenApplication.page. 

en-us/about_adschema.help.txt

@@ -31,12 +31,21 @@ LONG DESCRIPTION
     http://pen.iana.org/pen/PenApplication.page. 
 
 EXAMPLES
+
+   For Active Directory Administration:
    New-ADSchemaAttribute -Name asFavColor -Description 'User Favorite Color' -AttributeType String
    New-ADSchemaClass asPerson -AdminDescription 'Person Class to host custom attributes' -Category Auxiliary
    Add-ADSchemaAttributeToClass -Attribute asFavColor -Class asPerson
    Add-ADSchemaAuxiliaryClassToClass -AuxiliaryClass asPerson -Class user 
    Set-ADuser andy -add @{'asFavColor' = 'blue'}
    Get-ADuser andy -properties asFavColor
 
+   For ADLDS Administration:
+   Get-ADSchemaAttribute -class asTestClass -attribute asFavoriteColor -ADLDS $True
+   New-ADSchemaAttribute -Name as-favoriteColor -Description 'Favorite Color' -IsSingleValued $true -AttributeType String -AtributeID $oid -$ADLDS $True
+   New-ADSchemaClass -Name asPerson -AdminDescription 'host custom user attributes' -Category Auxiliary -AttributeID $oid -ADLDS $True -ADLDSService myadldsservice:1234
+   Add-ADSchemaAttributeToClass -AuxiliaryClass asTest -Class User -ADLDS $True -ADLDSService myadldsservice:1234
+   Add-ADSchemaAuxiliaryClassToClass -AuxiliaryClass asTest -Class User -ADLDS $True
+
 KEYWORDS
-    AD ActiveDirectory Schema
+    AD ActiveDirectory Schema ADLDS

scripts/Add-ADSchemaAttributeToClass.ps1

@@ -17,17 +17,52 @@
 .PARAMETER Class
     The Structural Class you are adding an Auxiliary Class to. 
 
+.PARAMETER ADLDS
+    Boolean - $True to administer ADLDS 
+
+.PARAMETER ADLDSService
+    Hostname and port in format hostname:port
+    Defaults to localhost:389
+
+.EXAMPLE
+    Add-ADSchemaAttributeToClass -Attribute asFavoriteColor -Class User
+    Active Directory: Add the attribute 'asFavoriteColor' to the User Class 
+
+.EXAMPLE
+    Add-ADSchemaAttributeToClass -AuxiliaryClass asTest -Class User -ADLDS $True
+    ADLDS:  Add the attribute 'asFavoriteColor' to the User Class in the default ADLDS instance on localhost:389
+
 .EXAMPLE
-    PS> Add-ADSchemaAuxiliaryClassToClass -AuxiliaryClass asTest -Class User
-    Set the 'asTest' class as an Auxiliary Class of the User Class.
+    Add-ADSchemaAttributeToClass -AuxiliaryClass asTest -Class User -ADLDS $True -ADLDSService myadldsservice:1234
+    ADLDS:  Add the attribute 'asFavoriteColor' to the User Class of an ADLDS instance named myadldsservice:1234
 #>
 
 Function Add-ADSchemaAttributeToClass {
 param(
-    $Attribute,
-    $Class
+    [Parameter(Mandatory=$True)]
+    [String]$Attribute,
+    [Parameter(Mandatory=$True)]
+    [String]$Class,
+    [Parameter(Mandatory=$False)]
+    [Boolean]$ADLDS,
+    [Parameter(Mandatory=$False)]
+    [String]$ADLDSService
 )
-    $schemaPath = (Get-ADRootDSE).schemaNamingContext  
-    $Schema = Get-ADObject -SearchBase $schemaPath -Filter "name -eq `'$Class`'"
-    $Schema | Set-ADObject -Add @{mayContain = $Attribute}
+If (!$ADLDS)
+    {
+        $schemaPath = (Get-ADRootDSE).schemaNamingContext  
+        $Schema = Get-ADObject -SearchBase $schemaPath -Filter "name -eq `'$Class`'"
+        $Schema | Set-ADObject -Add @{mayContain = $Attribute}
+    }
+    ElseIf ($ADLDS -eq $True) 
+    {
+        If (!$ADLDSService)
+        {
+            $ADLDSService = 'localhost:389'
+        }
+        $DirectoryContext = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext([System.DirectoryServices.ActiveDirectory.DirectoryContextType]::DirectoryServer, $ADLDSService)
+        $schemaPath = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySchema]::GetSchema($DirectoryContext)  
+        $Schema = Get-ADObject -Server $ADLDSService -SearchBase $schemaPath -Filter "name -eq `'$Class`'"
+        $Schema | Set-ADObject -Add @{mayContain = $Attribute}
+    }
 }

scripts/Add-ADSchemaAuxiliaryClassToClass.ps1

@@ -18,23 +18,55 @@
 .PARAMETER Class
     The structural class you are adding an Auxiliary Class to.. 
 
+.PARAMETER ADLDS
+    Boolean - $True to administer ADLDS 
+
+.PARAMETER ADLDSService
+    Hostname and port in format hostname:port
+    Defaults to localhost:389
+
+.EXAMPLE
+	PS> Add-ADSchemaAuxiliaryClassToClass -AuxiliaryClass asTest -Class User
+    Active Directory: Set the asTest class as an aux class of the User class.
+
 .EXAMPLE
-    PS> Add-ADSchemaAuxiliaryClassToClass -AuxiliaryClass asTest -Class User
-    Set the asTest class as an aux class of the User class.
+	PS> Add-ADSchemaAuxiliaryClassToClass -AuxiliaryClass asTest -Class User -ADLDS $True
+    ADLDS: Set the asTest class as an aux class of the User class of the default ADLDS instance on localhost:389
+
+.EXAMPLE
+	PS> Add-ADSchemaAuxiliaryClassToClass -AuxiliaryClass asTest -Class User -ADLDS $True -ADLDSService myadldsservice:1234
+    ADLDS: Set the asTest class as an aux class of the User class of an ADLDS instance named myadldsservice:1234
 
 #>
 
 Function Add-ADSchemaAuxiliaryClassToClass {
     param(
-        [Parameter()]
-        $AuxiliaryClass,
-
-        [Parameter()]
-        $Class
+	[Parameter(Mandatory=$True)]
+    [String]$AuxiliaryClass,
+    [Parameter(Mandatory=$True)]
+    [String]$Class,
+    [Parameter(Mandatory=$False)]
+    [Boolean]$ADLDS,
+    [Parameter(Mandatory=$False)]
+    [String]$ADLDSService      
     )
-
-    $schemaPath = (Get-ADRootDSE).schemaNamingContext  
-    $auxClass = Get-ADObject -SearchBase $schemaPath -Filter "name -eq `'$AuxiliaryClass`'" -Properties governsID
-    $classToAddTo  = Get-ADObject -SearchBase $schemaPath -Filter "name -eq `'$Class`'"
-    $classToAddTo | Set-ADObject -Add @{auxiliaryClass = $($auxClass.governsID)}
+If (!$ADLDS)
+	{
+		$schemaPath = (Get-ADRootDSE).schemaNamingContext  
+		$auxClass = Get-ADObject -SearchBase $schemaPath -Filter "name -eq `'$AuxiliaryClass`'" -Properties governsID
+		$classToAddTo  = Get-ADObject -SearchBase $schemaPath -Filter "name -eq `'$Class`'"
+		$classToAddTo | Set-ADObject -Add @{auxiliaryClass = $($auxClass.governsID)}
+	}
+ElseIf ($ADLDS -eq $True) 
+    {
+        If (!$ADLDSService)
+        {
+            $ADLDSService = 'localhost:389'
+        }
+	    $DirectoryContext = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext([System.DirectoryServices.ActiveDirectory.DirectoryContextType]::DirectoryServer, $ADLDSService)
+		$schemaPath = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySchema]::GetSchema($DirectoryContext)
+		$auxClass = Get-ADObject -SearchBase $schemaPath -server $ADLDSService -Filter "name -eq `'$AuxiliaryClass`'" -Properties governsID
+		$classToAddTo  = Get-ADObject -SearchBase $schemaPath -server $ADLDSService -Filter "name -eq `'$Class`'"
+		$classToAddTo | Set-ADObject -Add @{auxiliaryClass = $($auxClass.governsID)}
+	}
 }

scripts/Get-ADSchemaAttribute.ps1

@@ -3,22 +3,62 @@
    Gets attributes in an AD Schema
 .DESCRIPTION
    Gets attributes in an AD Schema
+
+.PARAMETER Attribute
+    The attribute that you wish to search for. 
+
+.PARAMETER Class
+    The Structural Class you wish to query. 
+
+.PARAMETER ADLDS
+    Boolean - $True to administer ADLDS 
+
+.PARAMETER ADLDSService
+    Hostname and port in format hostname:port
+    Defaults to localhost:389
+
+.EXAMPLE
+    Get-ADSchemaAttribute -class User -Attribute c*
 .EXAMPLE
-   Get-ADSchemaAttribute -class User -Attribute c*
+    Get-ADSchemaAttribute -class asTestClass -attribute asFavoriteColor
 .EXAMPLE
-   Get-ADSchemaAttribute -class asTestClass -attribute asFavoriteColor
+    Get-ADSchemaAttribute -class User -Attribute c* -ADLDS $True -ADLDSService myadldsservice:1234
+    ADLDS: Get all attributes starting with "c" from the user class from the ADLDS instance named myadldsservice:1234
+.EXAMPLE
+    Get-ADSchemaAttribute -class asTestClass -attribute asFavoriteColor -ADLDS $True
+    ADLDS: Get the attribute named asFavoriteColor from the class asTestClass from the default ADLDS instance on localhost:389
+.EXAMPLE
+    Get-ADSchemaAttribute -class asTestClass -attribute asFavoriteColor -ADLDS $True -ADLDSService myadldsservice:1234
+    ADLDS: Get the attribute named asFavoriteColor from the class asTestClass from the ADLDS instance named myadldsservice:1234
 #>
 Function Get-ADSchemaAttribute {
     param(
-
-        [Parameter()]
-        $Attribute = '*',
-
-        [Parameter()]
-        $Class = 'user'
+    [Parameter(Mandatory=$False)]
+    [String]$Attribute = '*',
+    [Parameter(Mandatory=$False)]
+    [String]$Class = 'user',
+    [Parameter(Mandatory=$False)]
+    [Boolean]$ADLDS,
+    [Parameter(Mandatory=$False)]
+    [String]$ADLDSService
     )
+    If ($ADLDS -eq $NULL)
+    {
     $schema = [directoryservices.activedirectory.activedirectoryschema]::getcurrentschema()
     $attributes = $schema.FindClass($Class).mandatoryproperties 
     $attributes += $schema.FindClass($Class).optionalproperties
     return $attributes | Where-Object {$_.Name -like $Attribute}
+    }
+    ElseIf ($ADLDS -eq $True) 
+    {
+        If (!$ADLDSService)
+        {
+            $ADLDSService = 'localhost:389'
+        }
+    $DirectoryContext = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext([System.DirectoryServices.ActiveDirectory.DirectoryContextType]::DirectoryServer, $ADLDSService)
+    $schema = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySchema]::GetSchema($DirectoryContext)
+    $attributes = $schema.FindClass($Class).mandatoryproperties 
+    $attributes += $schema.FindClass($Class).optionalproperties
+    return $attributes | Where-Object {$_.Name -like $Attribute}
+    }
 }

scripts/Get-ADSchemaClass.ps1

@@ -8,19 +8,52 @@
 .PARAMETER Class
   The name of the class you want to search for. Supports wildcards
 
+.PARAMETER ADLDS
+    Boolean - $True to administer ADLDS 
+
+.PARAMETER ADLDSService
+    Hostname and port in format hostname:port
+    Defaults to localhost:389
+
 .EXAMPLE
-   Get-ADSchemaClass -Name User
-
-.EXAMPLE
-   Get-ADSchemaClass com*
+	Get-ADSchemaClass -Name User
+ 	Active Directory: Get the user class
+ .EXAMPLE
+	Get-ADSchemaClass com*
+	Active Directory: Get classes starting with "com"
+
+.EXAMPLE	
+	Get-ADSchemaClass -Name User -ADLDS $True -ADLDSService myadldsservice:1234
+	ADLDS: Get the user class from the ADLDS instance named myadldsservice:1234
+
+.EXAMPLE	
+	Get-ADSchemaClass -Name User -ADLDS $True
+	ADLDS: Get the user class from the default ADLDS instance on localhost:389
 #>
 Function Get-ADSchemaClass {
-    param(
-        [Parameter()]
-        $Class = '*'
-    )
-
-    $schema = [directoryservices.activedirectory.activedirectoryschema]::getcurrentschema()
+        param(
+		[Parameter(Mandatory=$True)]
+		[String]$Class = '*',
+		[Parameter(Mandatory=$False)]
+		[Boolean]$ADLDS,
+		[Parameter(Mandatory=$False)]
+		[String]$ADLDSService      
+		)
+If (!$ADLDS)
+	{
+	$schema = [directoryservices.activedirectory.activedirectoryschema]::getcurrentschema()
+    $classes = $schema.FindAllClasses()
+    return $classes | Where-Object {$_.Name -like $Class}
+	}
+	ElseIf ($ADLDS -eq $True) 
+    {
+        If (!$ADLDSService)
+        {
+            $ADLDSService = 'localhost:389'
+        }
+	$DirectoryContext = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext([System.DirectoryServices.ActiveDirectory.DirectoryContextType]::DirectoryServer, $ADLDSService)
+    $schema = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySchema]::GetSchema($DirectoryContext)
     $classes = $schema.FindAllClasses()
     return $classes | Where-Object {$_.Name -like $Class}
+	}
 }

scripts/Invoke-ADSchemaReload.ps1

@@ -4,11 +4,47 @@
 .DESCRIPTION
     After the schema has been updated, it needs to be reloaded so your updates
     can be seen immediately. 
+
+.PARAMETER ADLDS
+    Boolean - $True to administer ADLDS 
+
+.PARAMETER ADLDSService
+    Hostname and port in format hostname:port
+    Defaults to localhost:389
+
 .EXAMPLE
     PS C:\> Invoke-ADSchemaReload
+    To administer Active Directory (default)
+
+.EXAMPLE
+    PS C:\> Invoke-ADSchemaReload -ADLDS $True
+    To administer the default ADLDS instance on localhost:389
+
+.EXAMPLE
+    PS C:\> Invoke-ADSchemaReload -ADLDS $True -ADLDSService myadldsservice:1234
+    To administer the ADLDS instance named myadldsservice:1234
 #>
 
 Function Invoke-ADSchemaReload {
-   $dse =  Get-ADRootDSE
-   $dse.schemaUpdateNow = $true
+	param(
+	[Parameter(Mandatory=$False)]
+    [Boolean]$ADLDS,
+    [Parameter(Mandatory=$False)]
+    [String]$ADLDSService
+	)
+	If (!$ADLDS)
+    {
+	$dse =  Get-ADRootDSE
+	$dse.schemaUpdateNow = $true
+	}
+	ElseIf ($ADLDS -eq $True) 
+    {
+        If (!$ADLDSService)
+        {
+            $ADLDSService = 'localhost:389'
+        }
+	$DirectoryContext = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext([System.DirectoryServices.ActiveDirectory.DirectoryContextType]::DirectoryServer, $ADLDSService)
+    $schema = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySchema]::GetSchema($DirectoryContext)
+    $schema.RefreshSchema()
+	}
 }