bind
Use the bind command to bind ADEdit to a domain. Multiple bind commands can bind ADEdit to multiple domains in multiple forests. ADEdit must be bound to at least one domain before its commands have any effect on Active Directory or Delinea objects. When ADEdit is bound to multiple domains, its commands can work on any of those domains.
You can use bind to bind to any domain for which the DNS can resolve a name and for which you have log-in permission. ADEdit’s host computer does not need to be joined to a domain for ADEdit to bind to and work on that domain.
You can optionally specify a server in the domain to bind to, in which case ADEdit binds to that domain controller. If you don’t specify a server, ADEdit automatically binds to the closest, fastest domain controller. You can use options to request automatic binding to a global catalog (GC) domain controller or to a writable domain controller.
You can authorize the bind connection to a domain controller in the following ways:
- If you provide no
userorpasswordarguments,binduses the user name and password stored in the current Kerberos credential cache on the ADEdit host computer. - If you provide a
userargument without thepasswordargument,bindin interactive mode prompts you for a password, then uses theuserargument along with your entered password for authorization. - If you provide a
userargument andpasswordargument,binduses theuserandpasswordarguments for authorization. - If you specify the
-machineoption, ADEdit authenticates using the credentials for the ADEdit host computer. You cannot provideuserorpasswordarguments if you specify the-machineoption. Note that you must have read permission on the host’s credential files to use this option, so you must typically have root permissions to use the option.
Zone Type
Not applicable
Syntax
bind [-gc] [-write] [-machine] [server@]domain [user [password]]
Abbreviation
None
Options
This command takes the following options:
| Option | Description |
|---|---|
| -gc | Requests an automatic binding to a global catalog (GC) domain controller. This option has no effect if there’s a domain controller specified using the server argument. |
| -write | Requests an automatic binding to a writable domain controller. This option has no effect if there’s a domain controller specified using the server argument. |
| -machine | Binds using the credentials for the ADEdit host computer. Note that most computer accounts have only read permission, not write permission for Active Directory. To use this option, you must have read permission on the local computer’s keytab file and credentials cache. In most cases, only the root user has this right. |
Arguments
This command takes the following arguments:
| Argument | Type | Description |
|---|---|---|
| [server]@domain | string | Required. Specifies the domain to bind to. If you want to specify a domain controller to connect to, precede the domain with the name of the domain controller’s server followed by the “@” symbol. If you don’t specify a domain controller, bind performs an automatic binding to the domain controller that ADEdit determines is most optimal for binding. |
| [user] | string | Optional. Specifies the user name for logging on to the domain controller. If you don’t specify this argument and the -machine option is also not present, ADEdit attempts to log on using your current account credentials. If you specify the -machine option, you cannot use this argument. |
| [password] | string | Optional. Requires the user argument. Specifies the password to use when logging on to the domain controller as user. |
Return Value
This command returns no value.
Examples
The following example binds ADEdit to the domain acme.com, logging in as administrator with the password #3gEgh^&4:
bind acme.com administrator #3gEgh^&4
Note that a password that includes Tcl-special characters such as $ might trigger character substitution that modifies the password. To ensure that a password isn’t altered by the Tcl interpreter, enclose the password in braces (). For example:
bind acme.com maya,garcia {$m1l3s88}
Related Commands
The following commands perform actions related to the bind command:
- get_bind_info returns information about a domain to which ADEdit is bound.
poprestores the context from the top of ADEdit’s context stack to ADEdit.pushsaves ADEdit’s current context to ADEdit’s context stack.- show returns the current context of ADEdit: its bound domains and its currently selected objects.
