Active Directory UDF



#101 water

water

    ?

  • MVPs
  • 15,309 posts

Posted 10 March 2010 - 06:33 PM

Some thoughts to your script:

  • You know that you can specify the attributes to be returned by _AD_GetObjectProperties? In your case:
$object_properties = _AD_GetObjectProperties($initials,"givenName,sn,displayName,company,department,physicalDeliveryOfficeName,lastLogon,pwdLastSet,accountExpires")

  • lastLogon doesn't return the "true" last logon date as this is not propagated to all DCs. Use _AD_GetLastLoginDate instead

Edited by water, 10 March 2010 - 06:36 PM.

UDFs:
Active Directory (NEW 2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2013-01-21 - Version 0.3.1.1) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki







#102 gcue

gcue

    just a wannabe

  • Active Members
  • 1,887 posts

Posted 10 March 2010 - 09:24 PM

thanks for the heads up!

#103 deeptrancer

deeptrancer

    Seeker

  • Normal Members
  • 2 posts

Posted 12 March 2010 - 03:34 PM

Function _AD_DisablePasswordExpire doesn't work :mellow: Can Somebody fix it ???

#104 water

water

    ?

  • MVPs
  • 15,309 posts

Posted 13 March 2010 - 01:20 PM

Function _AD_DisablePasswordExpire doesn't work :mellow: Can Somebody fix it ???

Moved your question to the "General Help and Support Thread"

#105 eternally1027

eternally1027

    Seeker

  • Active Members
  • 7 posts

Posted 16 March 2010 - 05:25 PM

Here is another script which I have converted from Jonathan Clelland's AD UDF, v3.3.

It is working perfectly.

It is, admittedly, lacking error checking.

AutoIt         
; #Function#====================================================================================================================
; Name...........: _AD_MailEnableUser
; Description ...: Enables Mail for a User
; Syntax.........: _AD_MailEnableUser($sAD_User, $mdbstore, $store, $server, $admingroup, $domain, $emaildomain)
; Parameters ....: $sAD_User - Username, $mdbstore - Mailbox Store Name, $store - Information Store
;                : $server - Email Server, $admingroup - Admin Group in Exchange, $domain - Domain Name
;                : $emaildomain - Exchange Server Group Name
; Return values .: 1 (Worked)
; Author ........: Jonathan Clelland
; Modified.......: Ethan Turk
; Remarks .......:
; Related .......:
; Link ..........:
; Example .......:
; ===============================================================================================================================
Func _AD_MailEnableUser($sAD_User, $mdbstore, $store, $server, $admingroup, $domain, $emaildomain)
    If _AD_ObjectExists($sAD_User) = 0 Then Return 0
    $sAD_Query = "<LDAP://" & $sAD_HostServer & "/" & $sAD_DNSDomain & ">;(sAMAccountName=" & $sAD_User & ");ADsPath;subtree"
    Local $oAD_RecordSet = $oAD_Connection.Execute($sAD_Query) ; Retrieve the FQDN for the object
    $sAD_LDAPEntry = $oAD_RecordSet.fields(0).value
    Local $oAD_Object = _AD_ObjGet($sAD_LDAPEntry) ; Retrieve the COM Object for the object
    ;If $oAD_Object.HomeMDB <> "" Then Return 0
    $mailboxpath = "LDAP://CN="
    $mailboxpath = $mailboxpath & $mdbstore
    $mailboxpath = $mailboxpath & ",CN="
    $mailboxpath = $mailboxpath & $store
    $mailboxpath = $mailboxpath & ",CN=InformationStore"
    $mailboxpath = $mailboxpath & ",CN="
    $mailboxpath = $mailboxpath & $server
    $mailboxpath = $mailboxpath & ",CN=Servers,CN="
    $mailboxpath = $mailboxpath & $admingroup
    $mailboxpath = $mailboxpath & ",CN=Administrative Groups,CN=" & $emaildomain & ",CN=Microsoft Exchange,CN=Services,CN=Configuration,"
    $mailboxpath = $mailboxpath & $domain
    $oAD_Object.MailNickName = $sAD_User
    $oAD_Object.CreateMailbox($mailboxpath)
    $oAD_Object.SetInfo
    $oAD_Object = 0
    Return 1
EndFunc


#106 Joe2010

Joe2010

    Seeker

  • Active Members
  • 11 posts

Posted 17 March 2010 - 12:40 PM

Hi,

I tested a lot of functions and fixed the following bugs (Win2003Server Domain):

1.
In the new version AD 0.37 the Func _AD_GetObjectsInOU returns an empty array because of $aAD_DataToRetrieve.
Original:
Line 1133:
$aAD_Objects[$iCount2] = $oAD_RecordSet.Fields($aAD_DataToRetrieve).Value

Fixed (like previous versions):
Line 1133:
$aAD_Objects[$iCount2] = $oAD_RecordSet.Fields($sAD_DataToRetrieve).Value


2.
Also in the Func _AD_GetObjectsInOU the "Searchscope property" doesn't work. The last argument ";subtree" is used for this.
Line 1098:
$oAD_Command.CommandText = "<LDAP://" & $sAD_HostServer & "/" & $sAD_OU & ">;" & $sAD_Filter & ";" & $sAD_DataToRetrieve & ";subtree"

Possible arguments:
";base"
";onelevel"
";subtree"

3.
The Func _AD_FQDNToSamAccountName can't handle OrganizationalUnits with a slash in the name (for example: "Accounts/Controlling").
This is a known Active Directory bug, so I declared wrongly given slashes "/" from AD as the special character "\/" (normally it's the job of Active Directory, for example with the special character comma).

Func _AD_FQDNToDisplayname($sAD_FQDN)
    ;AD BUG: Declare wrong given slashes "/" from AD as special character "\/"
    $sAD_FQDN = StringReplace($sAD_FQDN, "/", "\/")
    Local $oAD_Item = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_FQDN)
    If IsObj($oAD_Item) Then
        Local $sAD_Name = $oAD_Item.name
        $sAD_Name = StringTrimLeft($sAD_Name, 3)
        $sAD_Name = StringReplace($sAD_Name, "\,", ",")
        Return $sAD_Name
    Else
        Return SetError(1, 0, "")
    EndIf
EndFunc   ;==>_AD_FQDNToDisplayname


greetings

Edited by Joe2010, 17 March 2010 - 12:50 PM.


#107 jazzyjeff

jazzyjeff

    Universalist

  • Active Members
  • 334 posts

Posted 18 March 2010 - 08:11 PM

Water,

I am using your AD.au3 UDF hoping it'd solve my problems, but unfortunately I cannot get it to work at all. I am trying to use the _AD_IsMemberOf function, but I keep receiving this error when I try to compile the script.
>"C:\Program Files\AutoIt3\SciTE\AutoIt3Wrapper\AutoIt3Wrapper.exe" /run /prod /ErrorStdOut /in "C:\Users\carrollje\Desktop\MasterLog Test1.au3" /autoit3dir "C:\Program Files\AutoIt3" /UserParams
+>16:01:10 Starting AutoIt3Wrapper v.2.0.1.24 Environment(Language:0409 Keyboard:00000409 OS:WIN_7/ CPU:X64 OS:X86)
>Running AU3Check (1.54.19.0) from:C:\Program Files\AutoIt3
+>16:01:11 AU3Check ended.rc:0
>Running:(3.3.2.0):C:\Program Files\AutoIt3\autoit3.exe "C:\Users\carrollje\Desktop\MasterLog Test1.au3"
C:\Program Files\AutoIt3\Include\AD.au3 (482) : ==> Variable must be of type "Object".:
Local $oAD_RecordSet = $oAD_Connection.Execute($sAD_Query)
Local $oAD_RecordSet = $oAD_Connection^ ERROR
->16:01:11 AutoIT3.exe ended.rc:1
>Exit code: 1 Time: 2.251


The script I am running is this, and it is supposed to export a user's login details into a specific CSV file depending on their security group membership.
AutoIt         
#include <WindowsConstants.au3>
#include <AD.au3>

$TITLE = ("Username, Computer Name, IP Address, Time, Date")
$Login = (@UserName & "," & @ComputerName & "," & @IPAddress1 & "," & @HOUR & ":" & @MIN & ":" & @SEC & "," & @MON & "/" & @MDAY & "/" & @YEAR)

$DA = True ;==> Domain Admins
$T = True ;==> Teachers
$S = True ;==> Students
$O = True ;==> Office
$CSHT = True ; ==> CSH Teachers
$CSHS = True ;==> CSH Students
$CSHO = True ;==> CSH Office
$EMST = True ; ==> EMS Teachers
$EMSS = True ;==> EMS Students
$EMSO = True ;==> EMS Office
$TCHST = True ; ==> TCHS Teachers
$TCHSS = True ;==> TCHS Students
$TCHSO = True ;==> TCHS Office
$WMST = True ; ==> WMS Teachers
$WMSS = True ;==> WMS Students
$WMSO = True ;==> WMS Office
$WSHT = True ;==> WSH Teachers
$WSHS = True ;==> WSH Students
$WSHO = True ;==> WSH Office

;==> These functions will do the part of adding a record to the log in the CSV file.
;==> The records are added to the particular log depending on the security group.
;==> Each function is named by the security group.

Func DomainAdmins()
    If FileReadLine("\\app2\logs$\Domain Admins Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\Domain Admins Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\Domain Admins Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\Domain Admins Log.csv", $Login)
    EndIf
EndFunc   ;==>DomainAdmins

Func Teachers()
    If FileReadLine("\\app2\logs$\WSH - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>Teachers

Func Students()
    If FileReadLine("\\app2\logs$\WSH - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>Students

Func Office()
    If FileReadLine("\\app2\logs$\WSH - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>Office

Func CSH_Teachers()
    If FileReadLine("\\app2\logs$\CSH - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\CSH - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\CSH - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\CSH - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>CSH_Teachers

Func CSH_Students()
    If FileReadLine("\\app2\logs$\CSH - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\CSH - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\CSH - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\CSH - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>CSH_Students

Func CSH_Office()
    If FileReadLine("\\app2\logs$\CSH - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\CSH - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\CSH - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\CSH - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>CSH_Office

Func EMS_Teachers()
    If FileReadLine("\\app2\logs$\EMS - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\EMS - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\EMS - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\EMS - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>EMS_Teachers

Func EMS_Students()
    If FileReadLine("\\app2\logs$\EMS - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\EMS - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\EMS - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\EMS - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>EMS_Students

Func EMS_Office()
    If FileReadLine("\\app2\logs$\EMS - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\EMS - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\EMS - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\EMS - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>EMS_Office

Func TCHS_Teachers()
    If FileReadLine("\\app2\logs$\TCHS - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\TCHS - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\TCHS - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\TCHS - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>TCHS_Teachers

Func TCHS_Students()
    If FileReadLine("\\app2\logs$\TCHS - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\TCHS - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\TCHS - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\TCHS - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>TCHS_Students

Func TCHS_Office()
    If FileReadLine("\\app2\logs$\TCHS - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\TCHS - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\TCHS - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\TCHS - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>TCHS_Office

Func WMS_Teachers()
    If FileReadLine("\\app2\logs$\WMS - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WMS - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WMS - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WMS - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>WMS_Teachers

Func WMS_Students()
    If FileReadLine("\\app2\logs$\WMS - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WMS - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WMS - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WMS - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>WMS_Students

Func WMS_Office()
    If FileReadLine("\\app2\logs$\WMS - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WMS - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WMS - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WMS - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>WMS_Office

Func WSH_Teachers()
    If FileReadLine("\\app2\logs$\WSH - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>WSH_Teachers

Func WSH_Students()
    If FileReadLine("\\app2\logs$\WSH - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>WSH_Students

Func WSH_Office()
    If FileReadLine("\\app2\logs$\WSH - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>WSH_Office

;==>
Select
    Case $DA
        If _AD_IsMemberOf("Domain Admins","") Then DomainAdmins()
        ContinueCase
    Case $T
        If _AD_IsMemberOf("Teachers","") Then Teachers()
        ContinueCase
    Case $S
        If _AD_IsMemberOf("Students","") Then Students()
        ContinueCase
    Case $O
        If _AD_IsMemberOf("Office","") Then Office()
        ContinueCase
    Case $CSHT
        If _AD_IsMemberOf("CSH_Teachers","") Then CSH_Teachers()
        ContinueCase
    Case $CSHS
        If _AD_IsMemberOf("CSH_Students","") Then CSH_Students()
        ContinueCase
    Case $CSHO
        If _AD_IsMemberOf("CSH_Office","") Then CSH_Office()
        ContinueCase
    Case $EMST
        If _AD_IsMemberOf("EMS_Teachers","") Then EMS_Teachers()
        ContinueCase
    Case $EMSS
        If _AD_IsMemberOf("EMS_Students","") Then EMS_Students()
        ContinueCase
    Case $EMSO
        If _AD_IsMemberOf("EMS_Office","") Then EMS_Office()
        ContinueCase
    Case $TCHST
        If _AD_IsMemberOf("TCHS_Teachers","") Then TCHS_Teachers()
        ContinueCase
    Case $TCHSS
        If _AD_IsMemberOf("TCHS_Students","") Then TCHS_Students()
        ContinueCase
    Case $TCHSO
        If _AD_IsMemberOf("TCHS_Office","") Then TCHS_Office()
        ContinueCase
    Case $WMST
        If _AD_IsMemberOf("WMS_Teachers","") Then WMS_Teachers()
        ContinueCase
    Case $WMSS
        If _AD_IsMemberOf("WMS_Students","") Then WMS_Students()
        ContinueCase
    Case $WMSO
        If _AD_IsMemberOf("WMS_Office","") Then WMS_Office()
        ContinueCase
    Case $WSHT
        If _AD_IsMemberOf("WSH_Teachers","") Then WSH_Teachers()
        ContinueCase
    Case $WSHS
        If _AD_IsMemberOf("WSH_Students","") Then WSH_Students()
        ContinueCase
    Case $WSHO
        If _AD_IsMemberOf("WSH_Office","") Then WSH_Office()
        ContinueCase
EndSelect


#108 Joe2010

Joe2010

    Seeker

  • Active Members
  • 11 posts

Posted 19 March 2010 - 08:52 AM

Hi jazzyjeff,

it's not a bug of AD.au3! -> "General Help and Support Thread"
Please use the _AD_Open/_AD_Close - Functions to get access to the Active Directory.

Have a look:

Case $DA
    _AD_Open()
    If _AD_IsMemberOf("domain admins") Then DomainAdmins()
    _AD_Close()


greetings

#109 Joe2010

Joe2010

    Seeker

  • Active Members
  • 11 posts

Posted 19 March 2010 - 04:50 PM

Hi Water,

please add the option "User must change password at next logon" to Func _AD_SetPassword.

Func _AD_SetPassword($sAD_User, $sAD_Password = "", $iChangePW = 0) ; changed by Joe2010
    If Not _AD_ObjectExists($sAD_User) Then Return SetError(1, 0, 0)
    If StringMid($sAD_User, 3, 1) <> "=" Then $sAD_User = _AD_SamAccountNameToFQDN($sAD_User) ; sAMAccountName provided
    Local $oAD_User = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_User)
    $oAD_User.SetPassword($sAD_Password)

    ; added by Joe2010
    $oAD_User.Put("pwdLastSet", $iChangePW) ; $iChangePW: (0 = User must change password at next logon / 1 = User must not change password at next logon)
    ;==> added by Joe2010

    $oAD_User.SetInfo()
    If @error <> 0 Then Return SetError(@error, 0, 0)
    Return 1
EndFunc   ;==>_AD_SetPassword

Edited by Joe2010, 19 March 2010 - 04:58 PM.


#110 Joe2010

Joe2010

    Seeker

  • Active Members
  • 11 posts

Posted 23 March 2010 - 10:36 AM

Sorry...the value for "user must not change password at next logon" is -1 :(

Func _AD_SetPassword($sAD_User, $sAD_Password = "", $iChangePW = 0) ; changed by Joe2010
    If Not _AD_ObjectExists($sAD_User) Then Return SetError(1, 0, 0)
    If StringMid($sAD_User, 3, 1) <> "=" Then $sAD_User = _AD_SamAccountNameToFQDN($sAD_User) ; sAMAccountName provided
    Local $oAD_User = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_User)
    $oAD_User.SetPassword($sAD_Password)

    ; added by Joe2010
    $oAD_User.Put("pwdLastSet", $iChangePW) ; $iChangePW: (0 = User must change password at next logon / -1 = User must not change password at next logon)
    ;==> added by Joe2010

    $oAD_User.SetInfo()
    If @error <> 0 Then Return SetError(@error, 0, 0)
    Return 1
EndFunc   ;==>_AD_SetPassword


#111 ICANSEEYOU7687

ICANSEEYOU7687

    Wayfarer

  • Active Members
  • 77 posts

Posted 25 March 2010 - 03:03 PM

Slightly random and maybe I'm just an idiot, but with the create user function, how can you create a user in AD to let's say... groups\division1\ so the OU is groups, which has another folder in it named division1, where you want the users placed?

Thanks! And these scripts are great.

#112 Prab

Prab

    Wayfarer

  • Active Members
  • 94 posts

Posted 26 March 2010 - 08:04 PM

Am I misunderstanding the return value from _AD_Open? I just downloaded 0.37 and wanted to make my script error out during _AD_Open. I use all five parameters, and the first 2 are populated from InputBox. The other 3 are static. I use my username and my correct password and it returns 1. I then use my username and an incorrect password and it still returns 1. Seems to me like it shouldn't be able to connect.

Any help is appreciated.

Sidenote, might be a good idea to add this (untested) to the top of _AD_Open to enforce adding all three of the last parameters
If $sAD_DNSDomainParam <> "" Then
  If $sAD_HostServerParam = "" OR $sAD_ConfigurationParam == "" Then Return SetError(SOME ERROR INFO)
EndIf


#113 water

water

    ?

  • MVPs
  • 15,309 posts

Posted 28 March 2010 - 01:00 PM

@Joe2010
Thanks a lot for testing. All problems will be fixed in version 0.38.

#114 water

water

    ?

  • MVPs
  • 15,309 posts

Posted 28 March 2010 - 01:06 PM

please add the option "User must change password at next logon" to Func _AD_SetPassword.

The function _AD_SetPasswordExpired already sets "pwdLastSet" to 0. I could extend the function to let you set it to -1.
What do you think? Does this make more sense?

#115 water

water

    ?

  • MVPs
  • 15,309 posts

Posted 28 March 2010 - 01:10 PM

how can you create a user in AD to let's say... groups\division1\ so the OU is groups, which has another folder in it named division1

You have to specify the OU in the form "OU=groups,OU=division1,DC=microsoft,DC=com"

#116 water

water

    ?

  • MVPs
  • 15,309 posts

Posted 28 March 2010 - 01:20 PM

Am I misunderstanding the return value from _AD_Open?

Yes and No :(
I tried to put as much error checking into _AD_Open as possible. Unfortunately a check for correct user credentials is not possible as this information is not returned at the time the connection is opened. The function returns 1 even when you specify an incorrect password but will crash as soon as you call another _AD-function.
We already opened a ticket.

Error checking will be enhanced in version 0.38.

Edited by water, 28 March 2010 - 01:24 PM.


#117 Joe2010

Joe2010

    Seeker

  • Active Members
  • 11 posts

Posted 29 March 2010 - 10:27 AM

The function _AD_SetPasswordExpired already sets "pwdLastSet" to 0. I could extend the function to let you set it to -1.
What do you think? Does this make more sense?


Hi Water,

I can't find the function _AD_SetPasswordExpired. There is only _AD_DisablePasswordExpire in AD 0.37. I think an opposite function would be great.
But the "pwdLastSet" = 0 - param in the Func _AD_SetPassword makes a lot of sense. For example, if a user forgets his password and I set it to "1234", the user must promptly change his password at next logon.

#118 water

water

    ?

  • MVPs
  • 15,309 posts

Posted 29 March 2010 - 11:16 AM

I can't find the function _AD_SetPasswordExpired.

You are right. It's still in the pipeline for version 0.38.
I'll think about it and hope to come up with a good solution.

#119 Joe2010

Joe2010

    Seeker

  • Active Members
  • 11 posts

Posted 29 March 2010 - 11:29 AM

Hi Water,

on the subject of >>can't handle OrganizationalUnits with a slash in the name (for example: "Accounts/Controlling")<<, I found some other affected functions.
Additionally I added the code lines below in case the bug would be fixed @Server2008 for example (it should be :().

Func _AD_FQDNToSamAccountName($sAD_FQDN)
    ; added by Joe2010
    ;AD BUG: In case the bug is fixed declare right given slashes "wrong"
    $sAD_FQDN = StringReplace($sAD_FQDN, "\/", "/")
    ;AD BUG: Declare wrong given slashes "/" from AD as special character "\/" (normally it's the job of Active Directory, for example the special character: comma)
    $sAD_FQDN = StringReplace($sAD_FQDN, "/", "\/")
    ; added by Joe2010
    Local $oAD_Object = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_FQDN)
    If $oAD_Object = 0 Then Return SetError(1, 0, "")
    Local $sAD_Result = $oAD_Object.sAMAccountName
    Return $sAD_Result
EndFunc   ;==>_AD_FQDNToSamAccountName

Func _AD_FQDNToDisplayname($sAD_FQDN)
    ; added by Joe2010
    ;AD BUG: In case the bug is fixed declare right given slashes "wrong"
    $sAD_FQDN = StringReplace($sAD_FQDN, "\/", "/")
    ;AD BUG: Declare wrong given slashes "/" from AD as special character "\/" (normally it's the job of Active Directory, for example the special character: comma)
    $sAD_FQDN = StringReplace($sAD_FQDN, "/", "\/")
    ; added by Joe2010
    Local $oAD_Item = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_FQDN)
    If IsObj($oAD_Item) Then
        Local $sAD_Name = $oAD_Item.name
        $sAD_Name = StringTrimLeft($sAD_Name, 3)
        $sAD_Name = StringReplace($sAD_Name, "\,", ",")
        Return $sAD_Name
    Else
        Return SetError(1, 0, "")
    EndIf
EndFunc   ;==>_AD_FQDNToDisplayname

AutoIt
Func _AD_GetPasswordInfo($sAD_Object = @UserName)
    If _AD_ObjectExists($sAD_Object) = 0 Then Return SetError(1, 0, "")
    ; changed by Joe2010
    If StringMid($sAD_Object, 3, 1) <> "=" Then
        $sAD_Object = _AD_SamAccountNameToFQDN($sAD_Object) ; sAMAccountName provided
    Else
        ; added by Joe2010
        ;AD BUG: In case the bug is fixed declare right given slashes "wrong"
        $sAD_Object = StringReplace($sAD_Object, "\/", "/")
        ;AD BUG: Declare wrong given slashes "/" from AD as special character "\/" (normally it's the job of Active Directory, for example the special character: comma)
        $sAD_Object = StringReplace($sAD_Object, "/", "\/")
        ; added by Joe2010
    EndIf
    ; by Joe2010
    Local $sAD_PwdLastChanged
    Local $iAD_Error = 0
    Local $aAD_PwdInfo[10] = [9]
    Local $oAD_Object = ObjGet("LDAP://" & $sAD_DNSDomain)
    $aAD_PwdInfo[1] = Int(_AD_Int8ToSec($oAD_Object.Get("maxPwdAge"))) / 86400 ; Convert to Days
    $aAD_PwdInfo[2] = _AD_Int8ToSec($oAD_Object.Get("minPwdAge")) / 86400 ; Convert to Days
    $aAD_PwdInfo[3] = $oAD_Object.Get("pwdHistoryLength")
    $aAD_PwdInfo[4] = $oAD_Object.Get("minPwdLength")
    $aAD_PwdInfo[5] = _AD_Int8ToSec($oAD_Object.Get("lockoutDuration")) / 60 ; Convert to Minutes
    $aAD_PwdInfo[6] = $oAD_Object.Get("lockoutThreshold")
    $aAD_PwdInfo[7] = _AD_Int8ToSec($oAD_Object.Get("lockoutObservationWindow")) / 60 ; Convert to Minutes
    Local $oAD_User = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_Object)
    ; Is user account password set to expire
    Local $iAD_UAC = $oAD_User.userAccountControl
    If BitAND($iAD_UAC, $ADS_UF_DONT_EXPIRE_PASSWD) = $ADS_UF_DONT_EXPIRE_PASSWD Then
        $aAD_PwdInfo[9] = "Password does not expire"
        $iAD_Error = 2
    Else
        ; Has user account password been changed before
        $sAD_PwdLastChanged = $oAD_User.PasswordLastChanged
        If $iAD_COMError = 3 Then
            $aAD_PwdInfo[8] = "Password has never been set"
            $iAD_Error = 3
        Else
            $aAD_PwdInfo[8] = StringLeft($sAD_PwdLastChanged, 4) & "/" & StringMid($sAD_PwdLastChanged, 5, 2) & "/" & StringMid($sAD_PwdLastChanged, 7, 2) & _
                    " " & StringMid($sAD_PwdLastChanged, 9, 2) & ":" & StringMid($sAD_PwdLastChanged, 11, 2) & ":" & StringMid($sAD_PwdLastChanged, 13, 2)
            $aAD_PwdInfo[9] = _DateAdd("d", $aAD_PwdInfo[1], $aAD_PwdInfo[8])
        EndIf
    EndIf
    Return SetError($iAD_Error, 0, $aAD_PwdInfo)
EndFunc   ;==>_AD_GetPasswordInfo


Greetings and
thanks a lot for your nice work!

#120 water

water

    ?

  • MVPs
  • 15,309 posts

Posted 29 March 2010 - 11:36 AM

on the subject of >>can't handle OrganizationalUnits with a slash in the name (for example: "Accounts/Controlling")<<, I found some other affected functions.

Thanks a lot for the info.
I will incorporate the changes in the next version. The original UDF by John Clelland already has a function _AD_FixSpecialChars to insert or remove special characters. So I will use this in version 0.38.

BTW: Do you think your code will work? I didn't test it but I think it will change "\/" to "/" and in the next statement back to "\/" again.
; added by Joe2010
;AD BUG: In case the bug is fixed declare right given slashes "wrong"
$sAD_FQDN = StringReplace($sAD_FQDN, "\/", "/")
;AD BUG: Declare wrong given slashes "/" from AD as special character "\/"
$sAD_FQDN = StringReplace($sAD_FQDN, "/", "\/")
; added by Joe2010

Edited by water, 29 March 2010 - 11:38 AM.
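
The round trip questioned in the post above, worked through as an added example (not code from AD.au3 or from either poster): a scanner that escapes a "/" only when it is not already part of a backslash escape, next to the two StringReplace calls from the thread. The function names _Example_EscapeSlash and _Example_TwoStepReplace and the sample DNs are constructed for illustration.

```autoit
; Added example, not part of AD.au3. Function names and sample DNs are constructed.

; Escape every unescaped "/" in a distinguished name as "\/" for use in an ADsPath.
; Existing backslash escapes ("\/", "\,", "\\") are copied through unchanged,
; so calling the function on its own output changes nothing.
Func _Example_EscapeSlash($sDN)
    Local $sOut = "", $sChar
    Local $iLen = StringLen($sDN)
    Local $iPos = 1
    While $iPos <= $iLen
        $sChar = StringMid($sDN, $iPos, 1)
        If $sChar = "\" And $iPos < $iLen Then
            ; A backslash escapes the character after it: copy the pair as a unit.
            $sOut &= StringMid($sDN, $iPos, 2)
            $iPos += 2
        ElseIf $sChar = "/" Then
            ; Raw slash: ADSI would treat it as a path separator, so escape it.
            $sOut &= "\/"
            $iPos += 1
        Else
            $sOut &= $sChar
            $iPos += 1
        EndIf
    WEnd
    Return $sOut
EndFunc   ;==>_Example_EscapeSlash

; The two replaces posted in the thread, wrapped in a function for comparison.
Func _Example_TwoStepReplace($sDN)
    $sDN = StringReplace($sDN, "\/", "/")
    Return StringReplace($sDN, "/", "\/")
EndFunc   ;==>_Example_TwoStepReplace

; Constructed sample DNs, in this order:
;   raw slash in an OU name
;   slash already escaped
;   escaped comma plus raw slash
;   escaped backslash followed by a raw slash
Local $aSamples[4] = [ _
        "CN=Jane Doe,OU=Accounts/Controlling,DC=example,DC=com", _
        "CN=Jane Doe,OU=Accounts\/Controlling,DC=example,DC=com", _
        "CN=Doe\, Jane,OU=Accounts/Controlling,DC=example,DC=com", _
        "CN=Jane Doe,OU=Share\\/Controlling,DC=example,DC=com"]

Local $sOnce, $sTwice
For $i = 0 To UBound($aSamples) - 1
    $sOnce = _Example_EscapeSlash($aSamples[$i])
    $sTwice = _Example_EscapeSlash($sOnce)
    ConsoleWrite("input      : " & $aSamples[$i] & @CRLF & _
            "scanner    : " & $sOnce & @CRLF & _
            "scanner x2 : " & $sTwice & @CRLF & _
            "two-step   : " & _Example_TwoStepReplace($aSamples[$i]) & @CRLF & @CRLF)
Next
```

The first three samples come out the same from both functions. The fourth, where an escaped backslash precedes a raw slash, is the case the two replaces cannot tell apart from an already escaped slash.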




