The following sections provide the scriptable operations that can be carried out on the category object.
Create a GPO under a category.
CategoryObject.CreateGPO "GPOName"
The following code allows you to create a GPO in a category in the GP Repository.
Dim oGPRroot, oCategory, sCatergory Set oGPRroot = Wscript.CreateObject("faGPRRoot.faGPRRoot") sCategory = "FAGPR://CN=UserOU,CN=RELEASE,DC=Repository,DC=Net" oGPRroot.ConnectTo("DRIVER={ODBC Driver 13 for SQL Server};SERVER="<SQL Server Instance Name>";Trusted_Connection=Yes;DATABASE=GPO_REPOSITORY;") Set oCategory = oGPRroot.GetObject(sCategory) oGPRroot.GetObject("FAGPR://CN=Desktop,DC=NetIQLabs,DC=com") oCategory.CreateGPO "Software Policy"
CategoryObject.CreateGPO("GPOName")
The following code allows you to create a GPO in a category in the GP Repository.
public static void CreateGPO() { IfaGPRRoot oGPRroot = new faGPRRoot(); oGPRroot.ConnectTo("Provider=SQLOLEDB.1;Integrated Security=SSPI;Initial Catalog=GPO_REPOSITORY;Data Source=GPA_SERVER;Use Procedure for Prepare=1;Auto Translate=True;Packet Size=4096;Workstation ID=GPA_SERVER;Use Encryption for Data=False;Tag with column collation when possible=False"); IfaGPRCategory oCategory = oGPRroot.GetObject("FAGPR://CN=MyCategory, DC=MYDOMAIN,DC=LAB"); oCategory.CreateGPO("Software Policy"); Console.WriteLine("GPO was created correctly"); Console.ReadKey(); }
Deletes a category. This operation would delete all GPOs and subcategories. To use this command, all GPOs in the category must be checked in.
CategoryObject.Delete
The following code deletes a category from the GP Repository.
Dim oGPRroot, oCategory, oGPO Set oGPRroot = Wscript.CreateObject("faGPRRoot.faGPRRoot") oGPRroot.ConnectTo("DRIVER={ODBC Driver 13 for SQL Server};SERVER="<SQL Server Instance Name>";Trusted_Connection=Yes;DATABASE=GPO_REPOSITORY;") Set oCategory = oGPRroot.GetObject("FAGPR://CN=Desktop,DC=NetIQLabs,DC=com") oCategory.Delete
CategoryObject.Delete()
The following code deletes a category from the GP Repository.
public static void DeleteCategory() { IfaGPRRoot oGPRroot = new faGPRRoot(); oGPRroot.ConnectTo("Provider=SQLOLEDB.1;Integrated Security=SSPI;Initial Catalog=GPO_REPOSITORY;Data Source=GPA_SERVER;Use Procedure for Prepare=1;Auto Translate=True;Packet Size=4096;Workstation ID=GPA_SERVER;Use Encryption for Data=False;Tag with column collation when possible=False"); IfaGPRCategory oCategory = oGPRroot.GetObject("FAGPR://CN=NewCategory, DC=MYDOMAIN,DC=LAB"); oCategory.Delete(); Console.WriteLine("Category deleted"); Console.ReadKey(); }
Enumerate the list of GPOs under a category. Prior to the enumeration loop, you need to specify the enumeration type as GPO.
CategoryObject.EnumType = "GPO" For Each GPOObject in CategoryObject [. . . perform operations . . .] Next
The following code allows you to enumerate all GPOs inside a category.
Dim oGPRroot, oCategory, oGPO, sCategory Set oGPRroot = Wscript.CreateObject("faGPRRoot.faGPRRoot") sCategory = "FAGPR://CN=MyCategory, DC=MYDOMAIN,DC=LAB" oGPRroot.ConnectTo("DRIVER={ODBC Driver 13 for SQL Server};SERVER="<SQL Server Instance Name>";Trusted_Connection=Yes;DATABASE=GPO_REPOSITORY;") Set oCategory = oGPRroot.GetObject(sCategory) oGPRroot.GetObject("FAGPR://CN=Desktop,DC=NetIQLabs,DC=com") Wscript.Echo oCategory.Name For Each oGPO in oCategory Wscript.Echo oGPO.Name Next
CategoryObject = oGPRroot.GetObject(CategoryPath) foreach (GPOObject in CategoryObject) { [. . . perform operations . . .] }
The following code allows you to enumerate all GPOs inside a category.
public static void EnumerateGPOs() { string sCategory = "FAGPR://CN=MyCategory, DC=MYDOMAIN,DC=LAB"; IfaGPRRoot oGPRroot = new faGPRRoot(); oGPRroot.ConnectTo("Provider=SQLOLEDB.1;Integrated Security=SSPI;Initial Catalog=GPO_REPOSITORY;Data Source=GPA_SERVER;Use Procedure for Prepare=1;Auto Translate=True;Packet Size=4096;Workstation ID=GPA_SERVER;Use Encryption for Data=False;Tag with column collation when possible=False"); IfaGPRCategory oCategory = oGPRroot.GetObject(sCategory); foreach (IfaGPRGpo gprGpo in oCategory) { Console.WriteLine(gprGpo.Name); } Console.ReadKey(); }
Enumerate the subcategories in a category. This task is similar to enumerating the list of GPOs under a category. However, the extra step prior to the enumeration loop is for you to specify the enumeration type to be CATEGORY. If you do not, the enumeration would return the list of GPOs.
CategoryObject.EnumType = "CATEGORY" For Each SubCategoryObject in CategoryObject [. . . perform operations . . .] Next
The following code allows you to enumerate all child categories inside a parent category.
Dim oGPRroot, oCategory, oSubCategory Set oGPRroot = Wscript.CreateObject("faGPRRoot.faGPRRoot") oGPRroot.ConnectTo("DRIVER={ODBC Driver 13 for SQL Server};SERVER="<SQL Server Instance Name>";Trusted_Connection=Yes;DATABASE=GPO_REPOSITORY;") Set oCategory = oGPRroot.GetObject("FAGPR://CN=Desktop,DC=NetIQLabs,DC=com") oCategory.Enumtype = "CATEGORY" Wscript.Echo oCategory.Name For Each oSubCategory in oCategory Wscript.Echo oSubCategory.Name Next
CategoryObject.EnumType = "CATEGORY" foreach (SubCategoryObject in CategoryObject) { [. . . perform operations . . .] }
The following code allows you to enumerate all child categories inside a parent category.
public static void EnumerateSubCategories() { string sCategory = "FAGPR://CN=MyCategory, DC=MYDOMAIN,DC=LAB"; IfaGPRRoot oGPRroot = new faGPRRoot(); oGPRroot.ConnectTo("Provider=SQLOLEDB.1;Integrated Security=SSPI;Initial Catalog=GPO_REPOSITORY;Data Source=GPA_SERVER;Use Procedure for Prepare=1;Auto Translate=True;Packet Size=4096;Workstation ID=GPA_SERVER;Use Encryption for Data=False;Tag with column collation when possible=False"); IfaGPRCategory oCategory = oGPRroot.GetObject(sCategory); oCategory.EnumType = "Category"; foreach (IfaGPRCategory gprCategory in oCategory) { Console.WriteLine(gprCategory.Name); } Console.ReadKey(); }
Import an existing Active Directory GPO into a category.
CategoryObject.ImportGPO "GPOLDAPPath", OverwriteFlag
or
Set GPOObject = CategoryObject.ImportGPO("GPOLDAPPath", OverwriteFlag)
or
CategoryObject.ImportGPO ADSIGPOObject, OverwriteFlag
The following code imports a GPO from Active Directory into the GP Repository.
Dim oGPRroot, oDomain, oCategory Set oGPRroot = Wscript.CreateObject("faGPRRoot.faGPRRoot") oGPRroot.ConnectTo("DRIVER={ODBC Driver 13 for SQL Server};SERVER="<SQL Server Instance Name>";Trusted_Connection=Yes;DATABASE=GPO_REPOSITORY;") Set oCategory = oGPRroot.GetObject("FAGPR://CN=Desktop,DC=NetIQLabs,DC=com") oCategory.ImportGPO "LDAP://maboslpt03.NetIQLabs.com/ CN={D162D0C0-6B7C-4F77-9846-F6EEF520FAD3}, CN=Policies,CN=System,DC=NetIQLabs,DC=com",True
The following code imports a GPO from Active Directory into the GP Repository and associates the newly imported GPO to an object.
Dim oGPRroot, oDomain, oCategory, oGPO Set oGPRroot = Wscript.CreateObject("faGPRRoot.faGPRRoot") oGPRroot.ConnectTo("DRIVER={ODBC Driver 13 for SQL Server};SERVER="<SQL Server Instance Name>";Trusted_Connection=Yes;DATABASE=GPO_REPOSITORY;") Set oCategory = oGPRroot.GetObject("FAGPR://CN=Desktop,DC=NetIQLabs,DC=com") set oGPO = OCategory.ImportGPO ("LDAP://maboslpt03.NetIQLabs.com/CN={D162D0C0-6B7C-4F77-9846-F6EEF520FAD3},CN=Policies,CN=System,DC=NetIQLabs,DC=com",True) wscript.echo "The '" & oGPO.Name & "' GPO has been imported successfully."
The following code imports a GPO from Active Directory into the GP Repository by passing the Active Directory GPO object as a parameter.
Dim oGPRroot, oDomain, oCategory Set oGPRroot = Wscript.CreateObject("faGPRRoot.faGPRRoot") oGPRroot.ConnectTo("DRIVER={ODBC Driver 13 for SQL Server};SERVER="<SQL Server Instance Name>";Trusted_Connection=Yes;DATABASE=GPO_REPOSITORY;") Set oCategory = oGPRroot.GetObject("FAGPR://CN=Desktop,DC=NetIQLabs,DC=com") Set oGpo = GetObject("LDAP://maboslpt03.NetIQLabs.com/ CN={D162D0C0-6B7C-4F77-9846-F6EEF520FAD3}, CN=Policies,CN=System,DC=NetIQLabs,DC=com") oCategory.ImportGPO oGpo,True
CategoryObject.ImportGPO("GPOLDAPPath", OverwriteFlag)
or
GPOObject = CategoryObject.ImportGPO("GPOLDAPPath", OverwriteFlag)
or
CategoryObject.ImportGPO(ADSIGPOObject, OverwriteFlag)
The following code imports a GPO from Active Directory into the GP Repository.
public static void ImportGPOFromAD() { string sCategory = "FAGPR://CN=MyCategory, DC=MYDOMAIN,DC=LAB"; string sGPOLDAP = "LDAP://MYDOMAIN.LAB/CN={000344FD-1494-45A4-BF39-5022C4B4741A},CN=Policies,CN=System,DC=MYDOMAIN,DC=LAB"; IfaGPRRoot oGPRroot = new faGPRRoot(); oGPRroot.ConnectTo("Provider=SQLOLEDB.1;Integrated Security=SSPI;Initial Catalog=GPO_REPOSITORY;Data Source=GPA_SERVER;Use Procedure for Prepare=1;Auto Translate=True;Packet Size=4096;Workstation ID=GPA_SERVER;Use Encryption for Data=False;Tag with column collation when possible=False"); IfaGPRCategory oCategory = oGPRroot.GetObject(sCategory); oCategory.ImportGPO(sGPOLDAP, true); Console.WriteLine("GPO imported"); Console.ReadKey(); }
This operation includes parameters that are defined as follows:
Specifies the LDAP path of the GPO that needs to be imported from a live Active Directory domain. To obtain the LDAP path of the GPO (LDAP://...), use the ADSI Edit tool. If the ADSI Edit tool is not available, substitute the following information in the LDAP path:
"LDAP://DomainController/CN={GUID},CN=Policies,CN=System,DC=Domain"
The parameters in this syntax statement are defined as follows:
Type the name of the primary domain controller of the domain. Provide the full computer name, which has the actual computer name along with the domain to which it belongs. You can find the full name on the Network Identification tab of the Property page of My Computer.
Type the GUID number that corresponds to the GPO you want to import.
Type the name of the domain to which the GPO belongs. The domain name should be in the distinguished name format. For example, to specify the domain name, mydomain.com, the syntax should be DC=MYDOMAIN, DC=COM.
Specifies and ADSI pointer to the GPO in Active Directory.
Specifies the overriding condition for the import. The values are False and True. False denotes do not override if the GPO already exists in the domain. True denotes override the existing GPO.
Read the name property of a category.
CategoryObject.Name
The following code prints all domain‑level categories for each domain in the GP Repository.
Dim oGPRroot, oCategory, oDomain Set oGPRroot = Wscript.CreateObject("faGPRRoot.faGPRRoot") oGPRroot.ConnectTo("DRIVER={ODBC Driver 13 for SQL Server};SERVER="<SQL Server Instance Name>";Trusted_Connection=Yes;DATABASE=GPO_REPOSITORY;") For Each oDomain in oGPRroot Wscript.Echo oDomain.Name For Each oCategory in oDomain Wscript.Echo oCategory.Name Next Next
CategoryObject.Name
The following code prints all domain‑level categories for each domain in the GP Repository.
public static void ReadCategoryName() { IfaGPRRoot oGPRroot = new faGPRRoot(); oGPRroot.ConnectTo("Provider=SQLOLEDB.1;Integrated Security=SSPI;Initial Catalog=GPO_REPOSITORY;Data Source=GPA_SERVER;Use Procedure for Prepare=1;Auto Translate=True;Packet Size=4096;Workstation ID=GPA_SERVER;Use Encryption for Data=False;Tag with column collation when possible=False"); foreach (IfaGPRDomain gprDomain in oGPRroot) { Console.WriteLine(gprDomain.Name); foreach (IfaGPRCategory gprCategory in gprDomain) { Console.WriteLine(gprCategory.Name); } } Console.ReadKey(); }