Active Directory Scripts

srkonus · September 1, 2009

Hi all,

this is my first post here in the forum. I used autoit in the office to change client settings like word security, set environment variable and so on. Now i try to write a script that compares two users and change user1 to the same settings user2 has (loginscript path, home folder path and so on).

Because of that autoit has no active directory functions i found this threat. But i have some problems with the ad functions:

- Which version is the latest?

- I can include the functions but have no auto completion in the editor - how to turn it on?

- Where can i find a description of the functions and parameters of them?

- Where can i find some examples of the functions?

I hope that somebody here can help me.

kind regards

devilman16 · September 2, 2009

Hi srkonus,

unfortunately I think this adfunctions are not really supported (waiting for help on my last post),

but let me help you a little:

- Which version is the latest?

Latest Version: 3.3.2

- I can include the functions but have no auto completion in the editor - how to turn it on?

I think adfunctions.au3 is not inplemented in Scite

- Where can i find a description of the functions and parameters of them?

In the adfunctions.au3 itself, there are descriptions how to use the functions, and which variables to send.

- Where can i find some examples of the functions?

In this forum, just search a little bit, but they are only hole scripts not really examples.

hope this helps a bit.

GEOSoft · September 2, 2009

The link to the file is in the first post of this thread. Since it is not a standard AutoIt UDF which is included with the AutoIt installation there is no auto-complete in Scite for it, although you could create one yourself. Each function in the file will have the information about parameters included in the function header.

Johny Clelland · September 8, 2009

Hi DevilMan,

You are correct that the format of that OU structure is wrong in the comments for CreateUser and CreateGroup. I will update the comments next time I upload the code.

The reason you are getting the user created as Disabled is because this is the default when you call a create function in this manner. To resolve, simply use _ADEnableAccount to enable the account after creation.

You are getting Description of 'FALSE' because you have performed a comparison in the description argument '$description = "User"', where you should just have put the $description variable you setup.

It would also appear that I never actually set the FName and LName fields, just used these to create the full name of 'LName, FName'.

Add these two lines to the function, under the $ObjUser.Put("description... line to add these;

$ObjUser.Put("givenName", $fname)

$ObjUser.Put("sn", $lname)

That should add those to attributes during creation.

Let me know if this helps,

Johny.

Hello Johny Clelland,

first I want to thank you for your great work.
I am using Autoit since a year I think, but just started with using it in AD.
I am using your latest version 3.3.2 and started with a small script for changing our Users Out Of Office reply wich works like a charm.
Now my new project is to work on an automated User creation, and there are my first problems.

First I think the description for _ADCreateUser and _ADCreateGroup is wrong when it comes to the OU where the user has to be created.
The format is described like:
line 190 and 220: $userou = OU to create the group in. Form is "sampleou=ou, sampleparent=ou, sampledomain1=dc, sampledomain2=dc, sampledomain3=dc"
But its not working for me, instead the description of _ADAudit seams to be the right one also for _ADCreate...:
line 1928: Takes the ou, in the form "ou=Users, ou=Department, dc=mycompany, dc=com"
But if I am trying this:
$userou = "ou=Users, ou=Department, dc=mycompany, dc=com"
$user = "josemair"
$fname = "Josef"
$lname = "Mair"
$description = "this is a Autoit test"
$result = _ADCreateUser($userou, $user, $fname, $lname, $description = "User")
Then I get the user in the right OU with right username but the user is disabled with description "FALSE" and the fname and lname is not in the right field:

Can you help me in this point?
I am using Server 2003 as DC.

Thanks a lot.

skippynz · September 17, 2009

hi - i have been using the adfuctions include for a while and its a great tool but sporatically im getting the an error "Variable must be of type 'Object'." - its completely random and only seems to affect users while running from the login script - i use the following commands in the login script but i havent tracked down which command is giving me the issue

_ADObjectExists($user_groups[$y][1])

_ADSamAccountNametoFQDN($user_groups[$y][1])

_ADSamAccountNametoFQDN(@UserName)

_ADIsMemberOf($group, $user)

any help would be appreciated

cheers

craig

supahfly · September 28, 2009

Hi guys,

Good looking scripts.

But too bad it's not what i'm looking for. Maybe someone can help me out but it is realy challenging....

I want to create an report with users and their current mailbox size(not mailbox limits) from exchange. and that for eeach OU.

mind dazzeling huh?

I hope there are some smart people. (iam not from that group ^^)

Regards.

water · September 29, 2009

Here is a script to collect the mailbox size. Now you would only have to sum it up by OU. Quite easy:whistle:

Be sure you have the required access rights on the exchange server. In my environment it doesn't work.

Edited September 29, 2009 by water

GEOSoft · September 29, 2009

Here is a script to collect the mailbox size. Now you would only have to sum it up by OU. Quite easy:whistle:

Now that's what I call clean code.

supahfly · September 29, 2009

Here is a script to collect the mailbox size. Now you would only have to sum it up by OU. Quite easy:whistle:
Be sure you have the required access rights on the exchange server. In my environment it doesn't work.

Thx Water!

Yes i have seen that. But can you explain that "Quite easy:whistle:"

that "have to sum it up" is still a headache thing

water · September 29, 2009

Hi supahfly,

in my opinion it's not 'quite easy' - therefore the emoticon.

You get the mailbox sizes for one exchange server from the script. You get the OUs from adfunctions. The hard part is to combine this two parts. What if you have more then one exchange server? And so on ...

BTW: Could you please open a new topic? This is to discuss the adfunctions UDF. For all other AD related topics I would create a new one.

Edited September 29, 2009 by water

cherdeg · September 29, 2009

@nyone: Hey, if you just stumble over this UDF, and decide you like it (or just use it), please go to http://www.autoitscript.com/forum/index.php?showtopic=103158 and let your opinion be counted. BTW: Great idea, water!

Edited September 29, 2009 by cherdeg

Tec · September 30, 2009

Hi

I play with the funktion _ADGetUserGroups and I see, there is no PrimaryGroup in the array.

So I make some changes at _ADGetUserGroups:

Func _ADGetUserGroups(ByRef $usergroups, $user = @UserName)
    Local $oUsr

    $strQuery = "<LDAP://" & $strHostServer & "/" & $strDNSDomain & ">;(sAMAccountName=" & $user & ");ADsPath;subtree"
    $objRecordSet = $objConnection.Execute ($strQuery)
    $ldap_entry = $objRecordSet.fields (0).value
    $oUsr = ObjGet($ldap_entry)
    
    $usergroups = $oUsr.GetEx ("memberof")
    For $i = 0 To UBound($usergroups)-1
        $Zf = Stringsplit($usergroups[$i],"=")
        $Zf = Stringsplit($Zf[2],",")
        $usergroups[$i] = $Zf[1]
    Next    

    $strQuery = "<LDAP://" & $strHostServer & "/" & $strDNSDomain & ">;(objectCategory=group);cn,primaryGroupToken;subtree"
    $objRecordSet = $objConnection.Execute ($strQuery)
    
    While Not $objRecordSet.EOF
        If $objRecordSet.Fields("primaryGroupToken" ).Value = $oUsr.primaryGroupID Then
            $primaryGroup = $objRecordSet.Fields("cn" ).Value
        EndIf
        $objRecordSet.MoveNext
    WEnd
    _ArrayAdd($usergroups,$primaryGroup)
    
    $oUsr = 0
    
    $count = UBound($usergroups)
    _ArrayInsert($usergroups, 0, $count)
EndFunc

Works for me ;-)

GerhardSchr · October 5, 2009

hi

i have an problem with _ADDNToSamAccountName:

GetGroupMembers return me for example the following:

"CN=LASTNAME\, FIRMSTNAME,OU=STREET,OU=Standorte,OU=BB-Benutzer,DC=TOWN,DC=FIRM,DC=de"

so i have delate the "\", but _ADDNToSamAccountName think the "," is a seperator....

How can i solve these problem?

PS.:Sorry for bad english

Thanks

GerhardSchr

GerhardSchr · October 5, 2009

Sory but i can not edit my post:

if i use dsquery and dsget in the cmd it works

devilman16 · October 6, 2009

Supahfly;

Did you ever get this working? I'm trying to accomplish this and came across your post. Didn't know if you had solved the problem already.

Any help would be greatly appreciated.

Thanks.

I have used _ADUserCreateMailbox successfully but its a little bit tricky to find out the right values for the variables:

($user, $mdbstore, $store, $server, $admingroup, $domain, $emaildomain)

The best way would be start adsiedit (Info Download) and see a user attribute homeMDB.

You get sometihng like this where this parts are the variables:

CN=$mdbstore,CN=$store,CN=InformationStore,CN=$server,CN=Servers,CN=$admingroup,CN=Administrative Groups,CN=$emaildomain,CN=Microsoft Exchange,CN=Services,CN=Configuration,$domain

The only thing what was strange on my part was that $domain was in this format "DC=domain,DC=local" where my domain is named "domain.local"

@Johny Clelland

Thank you very much for your help, now its working perfect!

The only thing what is not working for me is setting the AD-attribute "protocolSettings" where is stored if Outlook Web Access, POP3 or IMAP is activated or not.

The problem is I know how to set normal strings with .put method but this is an multi line array value which has to set with .putEx I think.

I searched a lot but everything I tried didn't worked for me.

Probably anyone has a excample for me or already has set multiline values in AD?

Thanks for your help!

edit

I have found the correct usage by myself:

$ObjUser.PutEx(2,"protocolSettings",$owa)

.PutEx ...cause the value is an array

2 ...for three lines of the $owa array to write

$owa ...the array with the lines to write to protocolSettings

In the end it works

/edit

Edited October 7, 2009 by devilman16

EndFunc · November 2, 2009

Hi

I play with the funktion _ADGetUserGroups and I see, there is no PrimaryGroup in the array.

So I make some changes at _ADGetUserGroups:

Func _ADGetUserGroups(ByRef $usergroups, $user = @UserName)
    Local $oUsr

    $strQuery = "<LDAP://" & $strHostServer & "/" & $strDNSDomain & ">;(sAMAccountName=" & $user & ");ADsPath;subtree"
    $objRecordSet = $objConnection.Execute ($strQuery)
    $ldap_entry = $objRecordSet.fields (0).value
    $oUsr = ObjGet($ldap_entry)
    
    $usergroups = $oUsr.GetEx ("memberof")
    For $i = 0 To UBound($usergroups)-1
        $Zf = Stringsplit($usergroups[$i],"=")
        $Zf = Stringsplit($Zf[2],",")
        $usergroups[$i] = $Zf[1]
    Next    

    $strQuery = "<LDAP://" & $strHostServer & "/" & $strDNSDomain & ">;(objectCategory=group);cn,primaryGroupToken;subtree"
    $objRecordSet = $objConnection.Execute ($strQuery)
    
    While Not $objRecordSet.EOF
        If $objRecordSet.Fields("primaryGroupToken" ).Value = $oUsr.primaryGroupID Then
            $primaryGroup = $objRecordSet.Fields("cn" ).Value
        EndIf
        $objRecordSet.MoveNext
    WEnd
    _ArrayAdd($usergroups,$primaryGroup)
    
    $oUsr = 0
    
    $count = UBound($usergroups)
    _ArrayInsert($usergroups, 0, $count)
EndFunc

Works for me ;-)

I've been trying to get this to work. Do you have an example of how to use it?? I sometimes have issues with the ByRef part of the function. I had an issue with several of the functions because there are no examples of use. Many I've figured out but it's not as clear as it could be. However nice work on the UDF. Edited November 2, 2009 by EndFunc

water · December 7, 2009

Just wanted to inform you that I started to make a real UDF out of Jonathan Clelland adfunctions.au3. This UDF includes examples, help files, ScITE integration etc.

The read-only functions have been finished (just a little bit of discussion is needed with Jonathan).

Please drop me a note if

you find spelling errors (I'm sure you will as I'm no native speaker)
find errors in the UDF or the example scripts
the description in the help files is misleading or incomplete
functions you would like to see are missing

I'm glad for any information you're going to send me.

Next step will be to convert the remaining functions.

As I don't have write access to our AD I need some volunteers to test the new functions. Anyone?

Yogui · December 7, 2009

Hello,

I shall like using this UDF but I do not manage to put on her(it)...

I work under active directory Microsoft under Windows 2003 and I have this error message:

C:\Program Files\AutoIt3\Include\adfunctions.au3 (81) : ==> Variable must be of type "Object".:

$objConnection.ConnectionString = "Provider=ADsDSOObject"

$objConnection^ ERROR

I does not include the error can use me?

Yogui

Saddened for my English me use a translator

water · December 7, 2009

Bonjour Yogui,

which version of adfunctions do you use?

Do you want to use the adfunctions written by John Clelland or my AD.au3 (a converted version of John Clellands adfunctions.au3 which you can find here)?

To really help you, could you please post your code and describe what you try to do with adfunctions?

Edited December 7, 2009 by water

Yogui · December 9, 2009

Bonjour Yogui,

which version of adfunctions do you use?
Do you want to use the adfunctions written by John Clelland or my AD.au3 (a converted version of John Clellands adfunctions.au3 which you can find here)?

To really help you, could you please post your code and describe what you try to do with adfunctions?

I made out a will with both versions the error is always the same.

A specification of my domain is that it has of no extenssion (not compulsory for the time or I have to install the first one to controleur) the problem comes can be of it...

exemple :

#include <adfunctions.au3>
#include <array.au3>
Global $asUsergroups
_ADGetUserGroups($asUsergroups)
For $i = 1 To $asUsergroups[0]
    $Zf = Stringsplit($asUsergroups[$i],"=")
    $Zf = Stringsplit($Zf[2],",")
    $asUsergroups[$i] = $Zf[1]
Next
_Arraydisplay($asUsergroups)

>Running:(3.3.0.0):C:\Program Files\AutoIt3\autoit3.exe "C:\Documents and Settings\yogui\Bureau\testad.au3"    
C:\Program Files\AutoIt3\Include\adfunctions.au3 (81) : ==> Variable must be of type "Object".:
$objConnection.ConnectionString = "Provider=ADsDSOObject"
$objConnection^ ERROR
->09:59:09 AutoIT3.exe ended.rc:1
+>09:59:11 AutoIt3Wrapper Finished
>Exit code: 1    Time: 1.870

Edited December 9, 2009 by Yogui

Active Directory Scripts

Recommended Posts

Link to comment

Share on other sites

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Johny Clelland

water

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members