Has anyone created a simple (VBS or similar) user interface to modify a
user's iFolder attributes in AD?

My company is using iFolder in an all-Microsoft native 2003 environment.
iFolder is loaded on Windows 2003 Std Server and runs on IE6. For
security reasons we do not want to provide the security necessary and
full feature set of the web GUI to our Local Site Admins, but we would
like them to be able to manage iFolder properties for their local users.
I have included some technical details below. Even if the security issue
were not present, we would need a new UI because the iFolder web GUI does
not handle our display names in Lastname, Firstname format. It chokes on
the commas.

The only thing the admin tool does is:

Enter in the user property "iFolderServerName" the value for the iFolder
server with a random number behind it separated by a ";" such
as "iFolder_server01;25CBDEF5765766E3A5BB9F170A397619 "

Enter the user quota in "iFolderQuota".

Then as the user does a first time logon, the
file "E:\iFolder\Accounts\firstname.lastname@home@25CBD EF5765766E3A5BB9F17
0A397619" (nothing more than an empty text file) . The file is used for
reference in case a restore is required (so that answers that question as
well). The number should be a unique number, and the iFolder admin page
normally generates that random. If the account SID is used, then it is
always unique, and easy identifiable.

Because of the commas, if I now use the admin tool to look up an
individual user, it gives the wrong quota, if I run a report against all
users, I get correct values.

So what needs to be done to fix this completely:

A (small) application or script must be written to access AD directly.
This app/script should be able to read and set values in AD. It should be
able to:

* Search AD for a user name, either on account name ("john.doe") or on
display name ("Doe, John")

* Get the user SID (and modify it slightly so it can be used. E.g., dots,
dashes and spaces must be removed to get a real hex number"

* Set values in:
* "iFolderServerName"
* "iFolderQuota"

* Display the info of a user based on either search criteria.

* Options:
* Enumerate the user directory (used space) on the radsrv02 based on the
hash number to see how much space a user has left.

The only rights needed to administer are the standard "Site OU"
permissions a site admin has already.

So administration can be done by individual site admins, and the admin
tool can be used to run full reports.

A second admin account should be created in the "service accounts" OU,
and only needs to have "administrative privileges" on the iFolder Server.
Other than that, it can be a normal domain user.

So then another user (different from the iFolder service account) is able
to administer ALL except the users. (for that we need that app). So
actually, the application is VERY simple.

Many thanks for any suggestions,