- Interactive mode. In interactive mode, ADEdit executes single CLI commands in real time. You can enter a series of commands within a shell to perform simple administrative tasks. ADEdit offers command history that is persistent from session to session. You can use the up arrow and Enter keys to review and re-enter commands instead of retyping complete commands from scratch.
- Script execution. ADEdit can accept and execute a Tcl script file that includes ADEdit commands. The Tcl scripting language includes full programming logic with variables, logical operators, branching, functions (called procedures in Tcl), and other useful program-flow features. As the script executes, ADEdit keeps the Active Directory objects that it is working on in internal memory. It does not require repeated queries to Active Directory as it works on an object.
- Executable file. You can set up any ADEdit Tcl script as an executable file that can run by itself on a UNIX platform.
Scripting makes ADEdit a very flexible administration tool. You can use a single script to handle hundreds or thousands of repetitive tasks that would take a very long time to perform through the console. And you can write a set of scripts to quickly and easily check on and respond to current conditions. A script could, for example, create a new zone, read
etc/passwd files on UNIX computers in that zone, and migrate all existing UNIX users it finds there into new zone user accounts. Another script could find users in specified groups and then assign a new role to all users in those groups.
With that power comes responsibility. It’s quite possible for an ADEdit script—or even a single ADEdit command—to completely erase Active Directory’s contents if used incorrectly. There are, for the most part, no warnings and there is no undo feature if this happens. Only knowledgeable users should use ADEdit, and it is important to test scripts in sample environments before deploying them to the enterprise.