Jump to content

Search the Community

Showing results for tags 'active directory'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • General
    • Announcements and Site News
    • Administration
  • AutoIt v3
    • AutoIt Help and Support
    • AutoIt Technical Discussion
    • AutoIt Example Scripts
  • Scripting and Development
    • Developer General Discussion
    • Language Specific Discussion
  • IT Administration
    • Operating System Deployment
    • Windows Client
    • Windows Server
    • Office

Categories

  • AutoIt Team
    • Beta
    • MVP
  • AutoIt
    • Automation
    • Databases and web connections
    • Data compression
    • Encryption and hash
    • Games
    • GUI Additions
    • Hardware
    • Information gathering
    • Internet protocol suite
    • Maths
    • Media
    • PDF
    • Security
    • Social Media and other Website API
    • Windows
  • Scripting and Development
  • IT Administration
    • Operating System Deployment
    • Windows Client
    • Windows Server
    • Office

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Member Title


Location


WWW


Interests

  1. As the Active Directory UDF - Help & Support thread has grown too big, I start a new one. The original thread can be found here.
  2. Scope of this script is to compare the users membership of two or more AD Groups, to understand complex active directory environments, and find groups/users overlapping. So you can retrieve the list of groups, select 2 or more groups and obtain a list with the membership of every user. The list is processed in sqlite and exported as a CSV file. Thank always to @water for the mighty active directory UDF. You will need also my _gollog UDF for logging. CompareADGroups.au3
  3. Version 1.6.2.0

    16,442 downloads

    Extensive library to control and manipulate Microsoft Active Directory. Threads: Development - General Help & Support - Example Scripts - Wiki Previous downloads: 30467 Known Bugs: (last changed: 2020-10-05) None Things to come: (last changed: 2020-07-21) None BTW: If you like this UDF please click the "I like this" button. This tells me where to next put my development effort
  4. Below are some functions that I created when I needed to get some Group Policy information via script. The quickest way I found to get this information was using the Group Policy Module for PowerShell. This is not a full UDF for the Group Policy Module. There are a lot more options available with the cmdlets, and this only touches on a few. To use the functions below, for a Windows client, you will need to install Remote Server Administration Tools (RSAT). For Windows Server 2012 or later, you will need to install the Group Policy Management Console. Remote Server Administration Tools (RSAT) Installing the Group Policy Management Console via PowerShell for Windows Server 2012 or later. Run in an Admin PowerShell prompt. Install-WindowsFeature –Name GPMC PowerShell Group Policy Module Documentation For the example below, the AD UDF is only required to query GPO names, but is not required to use the functions. #include <AD.au3> #include <WinAPIFiles.au3> Global $sLDAPFilter = "(name=*)" Global $sExcludeFilter = "" Global $sIncludeFilter = "" Global $sBaseDN = "DC=ad,DC=university,DC=edu" Global $sDataToRetrieve = "sAMAccountName" $sIncludeFilter = "(&(displayName=LIBS-*))" ;GPO Names. $sLDAPFilter = "(&(objectClass=groupPolicyContainer)" & $sExcludeFilter & $sIncludeFilter & ")" $sDataToRetrieve = "displayName,name" _AD_Open() Global $aGPONames = _AD_GetObjectsInOU($sBaseDN, $sLDAPFilter, 2, $sDataToRetrieve) If @error Then MsgBox(64, "Active Directory Functions", "No objects found") Exit _AD_Close() EndIf _AD_Close() ;Add column headers to the output array. Global $aDataToRetrieve = StringSplit($sDataToRetrieve, ",", 2) For $i = 0 To UBound($aGPONames, 2) - 1 Step 1 $aGPONames[0][$i] = $aDataToRetrieve[$i] Next _ArraySort($aGPONames) _ArrayDisplay($aGPONames, "LIBS GPOs") ;For Testing. Global $aGPOPermissions = _AD_GetGPOPermissionsPS($aGPONames[1][0]) If @error Then Exit 1 _ArrayDisplay($aGPOPermissions, $aGPONames[1][0]) Global $sOU = "OU=libs,OU=active,DC=ad,DC=university,DC=edu" Global $aGPOLinks = _AD_GetGPOLinksPS($sOU) If @error Then Exit 2 _ArrayDisplay($aGPOLinks, $sOU) Global $aGPOInheritedLinks = _AD_GetGPOInheritedLinksPS($sOU) If @error Then Exit 2 _ArrayDisplay($aGPOInheritedLinks, $sOU) Global $aGPOs = _AD_GetAllGPOsPS() If @error Then Exit 3 _ArraySort($aGPOs) _ArrayDisplay($aGPOs, "GPOs") Global $aGPOName = _AD_GetGPOByNamePS($aGPONames[1][0]) If @error Then Exit 4 _ArrayDisplay($aGPOName, $aGPONames[1][0]) Global $aGPOGuid = _AD_GetGPOByGuidPS($aGPONames[1][1]) If @error Then Exit 5 _ArrayDisplay($aGPOGuid, $aGPONames[1][1]) Global $sReportName = "C:\Users\adamul\Desktop\Group Policy Object (GPO) PowerShell\Reports\" & $aGPONames[1][0] & ".html" _AD_GetGPOReportByNamePS($aGPONames[1][0], $sReportName) If @error Then Exit 6 Global $sReportGUID = "C:\Users\adamul\Desktop\Group Policy Object (GPO) PowerShell\Reports\" & $aGPONames[1][1] & ".html" _AD_GetGPOReportByGuidPS($aGPONames[1][1], $sReportGUID) If @error Then Exit 6 Func _AD_GetGPOPermissionsPS($sGPOName) ;An array of permission level for one or more security principals on a specified GPO. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; Get-GPPermissions -Name ''' & $sGPOName & ''' -All"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ;~ ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) ;For testing. If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(2, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetGPOPermissionsPS Func _AD_GetGPOLinksPS($sOUName) ;An array of GPOs that are linked directly to the location. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; (Get-GPInheritance -Target ''' & $sOUName & "').GpoLinks" ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ;~ ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) ;For testing. Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) ;For testing. If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(1, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetGPOLinksPS Func _AD_GetGPOInheritedLinksPS($sOUName) ;An array of GPOs that are applied to the location when Group Policy is processed on a client. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; (Get-GPInheritance -Target ''' & $sOUName & "').InheritedGpoLinks" ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ;~ ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) ;For testing. Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) ;For testing. If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(1, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetGPOInheritedLinksPS Func _AD_GetAllGPOsPS() ;An array of information on all the GPOs in a domain. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; Get-GPO -All"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ;~ ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) ;For testing. Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(1, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetAllGPOsPS Func _AD_GetGPOByNamePS($sGPOName) ;An array of information on one Group Policy Object (GPO) in a domain by Display Name. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; Get-GPO -Name ''' & $sGPOName & '''"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. ;Add end of line characters for single return group to be processed. $sGPOCmdOutput = $sGPOCmdOutput & @CRLF & @CRLF Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) ;For testing. If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(1, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") ;Remove last @CRLF to prevent blank row in return array. $sGPOCmdOutput = StringTrimRight($sGPOCmdOutput, 2) Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetGPOByNamePS Func _AD_GetGPOByGuidPS($sGPOGuid) ;An array of information on one Group Policy Object (GPO) in a domain by GUID. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; Get-GPO -Guid ''' & $sGPOGuid & '''"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. ;Add end of line characters for single return group to be processed. $sGPOCmdOutput = $sGPOCmdOutput & @CRLF & @CRLF Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ;~ ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) ;For testing. Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) ;For testing. If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(1, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") ;Remove last @CRLF to prevent blank row in return array. $sGPOCmdOutput = StringTrimRight($sGPOCmdOutput, 2) Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] ;~ _ArrayDisplay($aGPOCmdOutput2D) Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetGPOByGuidPS Func _AD_GetGPOReportByNamePS($sGPOName, $sReportFullPath, $sReportType = "HTML") ;Generates a report either in XML or HTML format for a specified GPO by name in a domain. Switch $sReportType Case "HTML", "XML" Case Else Return SetError(1, 0, False) EndSwitch Local $sPath = StringRegExpReplace($sReportFullPath, "(^.*\\)(.*)", "$1") ;~ ConsoleWrite($sPath & @CRLF) ;For testing. ;~ If Not FileExists($sPath) Then Return SetError(2, 0, False) Local $sGPOCmd = 'powershell "Get-GPOReport -Name ''' & $sGPOName & ''' -ReportType ' & $sReportType & ' -Path ''' & $sReportFullPath & '''"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. If $sGPOCmdOutput <> "" Then SetError(3, 0, False) Return True EndFunc ;==>_AD_GetGPOReportByNamePS Func _AD_GetGPOReportByGuidPS($sGPOGuid, $sReportFullPath, $sReportType = "HTML") ;Generates a report either in XML or HTML format for a specified GPO by GUID in a domain. Switch $sReportType Case "HTML", "XML" Case Else Return SetError(1, 0, False) EndSwitch Local $sPath = StringRegExpReplace($sReportFullPath, "(^.*\\)(.*)", "$1") ;~ ConsoleWrite($sPath & @CRLF) ;For testing. ;~ If Not FileExists($sPath) Then Return SetError(2, 0, False) Local $sGPOCmd = 'powershell "Get-GPOReport -GUID ''' & $sGPOGuid & ''' -ReportType ' & $sReportType & ' -Path ''' & $sReportFullPath & '''"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. If $sGPOCmdOutput <> "" Then SetError(3, 0, False) Return True EndFunc ;==>_AD_GetGPOReportByGuidPS Adam
  5. Is there an AD way to search if and where (the hostname) an userid is (or on what host was last time) logged? Thanks
  6. I'm trying to read all cells used in column "C" in excel to an array but not sure how. Local $NameArray = _Excel_RangeRead($oWorkbook, $oWorkbook.Activesheet, $oWorkbook.Range["C"].End)
  7. Hey Guys, Good? I'm ned help to consult in other domain. My three domain contains any domains. How do I get this query done? Tks for the Help!
  8. Hello all! As I have just read access to my companies Active Directory I need some users willing to test the rewritten _AD_ModifyAttribute function. My goal is to have the function handle single and multi value attributes the same way and support CLEAR, UPDATE, APPEND and DELETE for the attributes. First step is to test how the function handles single value attributes: Please modify the following script to specify the object (I suggest a dummy user in your test AD environment - the function might still be buggy). Then please run the script and post the restults! If everything works as expected we will test multi value attributes. AD attributes: http://www.rlmueller.net/UserAttributes.htm #include <AD.au3> _AD_Open() $sObject = "user-to-modify" ; <== NEEDS TO BE CHANGED BY YOU! $sAttribute = "Description" ; CLEAR - single value attribute _AD_ModifyAttribute($sObject, $sAttribute, "Original value", 2) ; Set the original value If @error Then Exit MsgBox(0, "Single value - Error!", "CLEAR: Set original value returned @error = " & @error & ", @extended = " & @extended) _AD_ModifyAttributeEX($sObject, $sAttribute, "", 1) If @error Then Exit MsgBox(0, "Single value - Error!", "CLEAR returned @error = " & @error & ", @extended = " & @extended) $sReturnValue = _AD_GetObjectAttribute($sObject, $sAttribute) If @error Then Exit MsgBox(0, "Single value - Error!", "CLEAR: Query new value returned @error = " & @error & ", @extended = " & @extended) MsgBox(0, "Success!", "Value after CLEAR: " & $sReturnValue & @CRLF & "Expected value: ''") ; UPDATE - single value attribute _AD_ModifyAttribute($sObject, $sAttribute, "Original value", 2) ; Set the original value If @error Then Exit MsgBox(0, "Single value - Error!", "UPDATE: Set original value returned @error = " & @error & ", @extended = " & @extended) _AD_ModifyAttributeEX($sObject, $sAttribute, "UPDATE", 2) If @error Then Exit MsgBox(0, "Single value - Error!", "UPDATE returned @error = " & @error & ", @extended = " & @extended) $sReturnValue = _AD_GetObjectAttribute($sObject, $sAttribute) If @error Then Exit MsgBox(0, "Single value - Error!", "UPDATE: Query new value returned @error = " & @error & ", @extended = " & @extended) MsgBox(0, "Success!", "Value after UPDATE: " & $sReturnValue & @CRLF & "Expected value: 'UPDATE'") ; APPEND - single value attribute - APPEND should work the same way as UPDATE _AD_ModifyAttribute($sObject, $sAttribute, "Original value", 2) ; Set the original value _AD_ModifyAttributeEX($sObject, $sAttribute, "APPEND", 3) $sReturnValue = _AD_GetObjectAttribute($sObject, $sAttribute) If @error Then Exit MsgBox(0, "Single value - Error!", "APPEND returned @error = " & @error & ", @extended = " & @extended) MsgBox(0, "Success!", "Value after APPEND: " & $sReturnValue & @CRLF & "Expected value: 'APPEND'") ; DELETE - single value attribute - DELETE should work the same way as CLEAR _AD_ModifyAttribute($sObject, $sAttribute, "Original value", 2) ; Set the original value _AD_ModifyAttributeEX($sObject, $sAttribute, "DELETE", 4) $sReturnValue = _AD_GetObjectAttribute($sObject, $sAttribute) If @error Then Exit MsgBox(0, "Single value - Error!", "DELETE returned @error = " & @error & ", @extended = " & @extended) MsgBox(0, "Success!", "Value after DELETE: " & $sReturnValue & @CRLF & "Expected value: ''") _AD_Close() Exit ; #FUNCTION# ==================================================================================================================== ; Name...........: _AD_ModifyAttribute ; Description ...: Modifies an attribute of the given object to the value specified. ; Syntax.........: _AD_ModifyAttribute($sObject, $sAttribute[, $vValue = ""[, $iOption = 1]]) ; Parameters ....: $sObject - Object (user, group ...) to add/delete/modify an attribute (sAMAccountName or FQDN) ; $sAttribute - Attribute to add/delete/modify ; $vValue - Optional: Value(s) to modify the attribute with. Use a blank string ("") to remove all values (default). ; +$vValue can be a single value (as a string) or a multi-value (as a zero-based one-dimensional array) ; $iOption - Optional: Indicates the mode of modification: Clear, Update, Append, Delete. ; |1 - CLEAR: remove all value(s) from the attribute (default when $vValue = "" or Default) ; |2 - UPDATE: replace the current value(s) with the specified value(s) ; |3 - APPEND: append the specified value(s) to the existing values(s) ; |4 - DELETE: delete the specified value(s) from the object ; Return values .: Success - 1 ; Failure - 0, sets @error to: ; |1 - $sObject does not exist ; |2 - Parameter $iOption is invalid. needs to be in the range1 to 4. ; |x - Error returned by SetInfo method (Missing permission etc.) ; Author ........: Jonathan Clelland ; Modified.......: water ; Remarks .......: ; Related .......: _AD_GetObjectAttribute, _AD_GetObjectProperties, _AD_AddEmailAddress ; Link ..........: http://msdn.microsoft.com/en-us/library/aa746353(VS.85).aspx (ADS_PROPERTY_OPERATION_ENUM Enumeration) ; Example .......: Yes ; =============================================================================================================================== Func _AD_ModifyAttributeEX($sObject, $sAttribute, $vValue = "", $iOption = 1) Local $aValue[1] If $vValue = Default Then $vValue = "" If IsArray($vValue) Then $aValue = $vValue Else ; Move the string value to the array $aValue[0] = $vValue EndIf If $iOption = Default Then $iOption = 1 If $iOption < 1 Or $iOption > 4 Then Return SetError(2, 0, 0) If Not _AD_ObjectExists($sObject) Then Return SetError(1, 0, 0) Local $sProperty = "sAMAccountName" If StringMid($sObject, 3, 1) = "=" Then $sProperty = "distinguishedName" ; FQDN provided $__oAD_Command.CommandText = "<LDAP://" & $sAD_HostServer & "/" & $sAD_DNSDomain & ">;(" & $sProperty & "=" & $sObject & ");ADsPath;subtree" Local $oRecordSet = $__oAD_Command.Execute ; Retrieve the ADsPath for the object Local $sLDAPEntry = $oRecordSet.fields(0).Value Local $oObject = __AD_ObjGet($sLDAPEntry) ; Retrieve the COM Object for the object $oObject.GetInfo Switch $iOption Case 1 $oObject.PutEx(1, $sAttribute, 0) ; CLEAR: remove all the property value(s) from the object Case 2 $oObject.PutEx(2, $sAttribute, $aValue) ; UPDATE: replace the current value(s) with the specified value(s) Case 3 $oObject.PutEx(3, $sAttribute, $aValue) ; APPEND: append the specified value(s) to the existing values(s) Case 4 $oObject.PutEx(4, $sAttribute, $aValue) ; DELETE: delete the specified value(s) from the object EndSwitch $oObject.SetInfo If @error Then Return SetError(@error, 0, 0) Return 1 EndFunc ;==>_AD_ModifyAttributeEX
  9. I have a question about the @error logging features in _AD_CreateUser. Hopefully I am just missing something obvious. In my app I am creating a user if it does not exist then manipulating some attributes. If the user does exist I would then call another function to remove groups from the user and modify some attributes. My question is... If the user already Exists, the _AD_CreateUser option gives $iValue = 0 and @error = 0. How can @error = 1 for the condition that the user already exists? I copied a small ship of the code in question along with my full .au3. I am using AD UDF 1.4.9.0 (Water, thanks for the awesome work on this!!!). $iValue = _AD_CreateUser ($sOU, $sUser, $sCN) If $iValue = 1 Then _FileWriteLog ($Log, "Func UserCheck() - User '" & $sUser & "' successfully created ==> Calling UserAttribsNewUser Function.") Call ("NewUser") ElseIf @error = 1 Then _FileWriteLog ($Log, $sUser & " already exists ==> Calling UserAttribsExistingUser Function.") Call ("ExistingUser") AccountSettingConfigurations-Test1.au3
  10. Hi guys, I'm trying to make a script that could tell me, from a username list file, if the username is active, inactive or not existant in a multi-domain Active Directory.... I found a few scripts giving me hints but I found nothing to help me to accomplish this task... Do you have any ideas ! Thanks Bouzzi!
  11. Version 1.0.0.0

    1,344 downloads

    ADAT is a tool to simplify common AD administration tasks. Every administration task has its own tab. It is easy to add new functions (tabs) to the tool. Some often used functions are already available: list users, computers, OUs. File ADAT.ini can be customized to hold the AD logon information if necessary. Known Bugs: 2018-03-07: If the Script started from SciTE works but the "Process" button in the compiled exe does not do anything then please add the following line at the top of your script: #Au3Stripper_Ignore_Funcs=Process_Tab* BTW: If you like this tool please click the "I like this" button. This tells me where to next put my development effort
  12. I've been playing with the AD UDF (by water) and I'm really not sure how it works (even after playing for several hours) and I'm hoping that someone can point me in the right direction on this. What I want to do is make it so if I give a network username, it returns back the information about said user (IE name, org, dept, etc). I know the info is in AD, I just don't know how to pull it using the UDF. Anyone have suggestions?
  13. Version 2.0.0

    850 downloads

    On one/multiple big sheet(s) you get users (columns) and groups (rows). The list is sorted descending by number of members so you get the users with most groups and the groups with most members on top of the page. You can filter by (multiple) samaccountname(s), department or you can create your own LDAP query filter. You can filter the resulting list of groups using a Regular Expression. Version 2.0 uses maps so at the moment it requires the latest beta version of AutoIt! BTW: If you like this tool please click the "I like this" button. This tells me where to next put my development effort
  14. Hi there, I have a question about persistent drives and AD. I am playing around with a script but I'm missing something. What i want to do is if a user is part of an OU, it will map a network drive and be persistent. However if a user is moved out of that OU, they will need to have the persistent drive removed. I'm using the ad plugin script, and i can map the drives if a user is in a specific ou, but i cannot seem to delete the drive if the user is out of the OU. Here's an example of code I'm using: #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_Compression=4 #AutoIt3Wrapper_Res_Fileversion=1.0.0 #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #include <AD\AD.au3> func MapDrives() _AD_Open() if _AD_RecursiveIsMemberOf(OU) Then Mapdrive1() Elseif _AD_RecursiveIsMemberOf(different ou) drivemapdel EndIf _AD_Close() EndFunc Func MapDrive1() Drivemapdel ("Z:") DriveMapAdd ("Z:"."\\server\share",$DMA_PERSISTENT,0) EndFunc
  15. I have converted and extended the adfunctions.au3 written by Jonathan Clelland to a full AutoIt UDF including help file, examples, ScITE integration etc. The example scripts should run fine without changes. 2016-08-18: Version: 1.4.6.0 As always: Please test before using in production! KNOWN BUGS: (Last changed: ) None AD 1.4.6.0.zip For AutoIt >= 3.3.12.0 AD 1.4.0.0.zip other versions of AutoIt
  16. Version 3.2.0.3

    1,106 downloads

    ADCU displays two Active Directory users and their group membership in two listviews. You can filter and export the data to Excel, Outlook mail and the clipboard. Before running the script you need to change file AD-Tools.ini and function _Check_Access in AD-Tools_User.au3. BTW: If you like this UDF please click the "I like this" button. This tells me where to next put my development effort Needs to be run with the latest AutoIt production version (>= 3.3.12.0). Needs to be run with the latest version of the AD UDF (>= 1.4.2.0).
  17. Version 3.2.0.4

    733 downloads

    ADCG displays two Active Directory groups and their direct members in two listviews. You can filter and export the data to Excel, Outlook mail and the clipboard. Before running the script you need to change file AD-Tools.ini and function _Check_Access in AD-Tools_User.au3. BTW: If you like this UDF please click the "I like this" button. This tells me where to next put my development effort Needs to be run with the latest AutoIt production version (>= 3.3.12.0). Needs to be run with the latest version of the AD UDF (>= 1.4.2.0).
  18. Hello. I have 5 DCs, and I need to create a scheduled task to run a script that will test the authentication time for each one of them, once every minute. (Then I'll use it within a log analyser to create graphics). I came up with a script using the great AD UDF (by water). First I tried using "for" and an array, but something was messing up the results, then I went for the dumb old fashioned way: #Include <ad.au3> #include <MsgBoxConstants.au3> Global $AdTestTime = "" Global $Timer1, $Timer2, $Timer3, $Timer4, $Timer5 = "" Global $sAD1 = "MYSERVER109" Global $sAD2 = "MYSERVER110" Global $sAD3 = "MYSERVER111" Global $sAD4 = "MYSERVER112" Global $sAD5 = "MYSERVER113" $Timer1 = Timerinit() _AD_Open("", "", $sAD1) _AD_Close() Local $fDiff1 = TimerDiff($Timer1) $Timer2 = Timerinit() _AD_Open("", "", $sAD2) _AD_Close() Local $fDiff2 = TimerDiff($Timer2) $Timer3 = Timerinit() _AD_Open("", "", $sAD3) _AD_Close() Local $fDiff3 = TimerDiff($Timer3) $Timer4 = Timerinit() _AD_Open("", "", $sAD4) _AD_Close() Local $fDiff4 = TimerDiff($Timer4) $Timer5 = Timerinit() _AD_Open("", "", $sAD5) _AD_Close() Local $fDiff5 = TimerDiff($Timer5) MsgBox(0,"", "MYSERVER109=" & $fDiff1) MsgBox(0,"", "MYSERVER110=" & $fDiff2) MsgBox(0,"", "MYSERVER111=" & $fDiff3) MsgBox(0,"", "MYSERVER112=" & $fDiff4) MsgBox(0,"", "MYSERVER113=" & $fDiff5) Still, something is off here. The first AD to be tested is always the slowest one, by far, like 20 times slower. Then I started to suspect that the first one starts the "negotiation", and the following ones ride the gravy train. If I repeat the first code twice, All servers seem to have a similar result. $Timer1 = Timerinit() _AD_Open("", "", $sAD1) _AD_Close() Local $fDiff1 = TimerDiff($Timer1) $Timer1 = Timerinit() _AD_Open("", "", $sAD1) _AD_Close() Local $fDiff1 = TimerDiff($Timer1) $Timer2.... Am I right? Also, is there a better way to test the authentication time? Thanks for the help. - Dave
  19. I have a script to search Active Directory for stale computers within a given OU. The search yields computer names that do not exist in Active Directory. Could mixed mode Active Directory be causing this? I've included a portion of my script to show that it is probably not a problem with the script. However, since I am using AutoIt to do the search I thought I should post my question here. _AD_Open() For $iLine_Count = 1 to $iNumber_Of_Lines $sOU = FileReadLine($sOU_List, $iLine_Count) $aComputers = _AD_GetObjectsInOU($sOU, "(objectclass=computer)", 2, "name") For $iCount = 0 To UBound($aComputers, 1) - 1 $sSAM_Account_Name = $aComputers[$iCount] & "$" $sHostName = StringTrimRight($sSAM_Account_Name, 1) $sLast_Logon_Date = _AD_GetLastLoginDate($sSAM_Account_Name) $sYear = StringTrimRight($sLast_Logon_Date, 10) $sMonth = StringMid($sLast_Logon_Date, 5, 2) ; "string", start, count $sDay = StringMid($sLast_Logon_Date, 7, 2) If $sYear < 2015 Then If StringLen($sHostName) > 3 Then FileWriteLine($sStale_Host_List, $sHostName) EndIf Next Next _AD_Close()
  20. Is there a way to be able to filter like power can filter? Like the way this powershell script filters for instance: Import-Module ActiveDirectory Get-ADUser -Filter {EmailAddress -eq "$Usersemailaddress"}| Select-Object -ExpandProperty SamAccountName | Out-File C:\Users\"$env:username"\Desktop\email2samconversion.txt Goal is trying to get the SamAccountName by filtering with the email address of a user in AD. I have the AD.UDF but it only works with the Sam and the FQDN. i've tried running powershell in Autoit, but it takes at least 7 seconds to start Powershell>import the module>create the text file>read the text file>Delete the textfile from desktop>Display in Edit box in GUI. I'm wondering if there is a way to filter the search function of AD through autoit kind of like how Powershell does. i've not yet been able to powershell to run properly in Autoit either: I tried: Run(powershell -Command Import-Module ActiveDirectory | Get-ADUser -Filter {mail -eq "$UserEmail"} | Select-Object -ExpandProperty SamAccountName | Out-File C:\users\$env:username\desktop\SamaccountNametextfile.txt") But it keeps failing. I tried using ShellExecute as well and neither of them worked.
  21. #RequireAdmin #include <ButtonConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> #include <AD.au3> #include <Array.au3> #include <GuiButton.au3> #include <String.au3> #Region ### START Koda GUI section ### Form= Global $Form1_1 = GUICreate("Get User Groups", 419, 501, -1, -1) Global $Username = GUICtrlCreateInput("", 176, 80, 121, 21) Global $Button1 = GUICtrlCreateButton("GetGroups", 24, 120, 75, 25) Global $Groups = GUICtrlCreateEdit("", 24, 168, 369, 313, BitOR($ES_AUTOVSCROLL,$ES_AUTOHSCROLL,$ES_WANTRETURN,$WS_VSCROLL)) GUICtrlSetData(-1, "") GUICtrlSetData(-1, "") Global $Label2 = GUICtrlCreateLabel("Copy and paste the text below and add it to the onboarding ticket.", 80, 40, 318, 17) Global $Cancel = GUICtrlCreateButton("Cancel", 312, 120, 75, 25) Global $Disable = GUICtrlCreateButton("Copy", 120, 120, 75, 25) Global $Expire = GUICtrlCreateButton("Expire", 216, 120, 75, 25) Global $Unique = GUICtrlCreateLabel("Unique Username", 56, 80, 89, 25) GUISetState(@SW_SHOW) WinActivate($Form1_1) _GUICtrlButton_Enable($Username) #EndRegion ### END Koda GUI section ### While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE Exit Case $Button1 GroupArray() Case $Disable Copy() Case $Cancel Exit EndSwitch WEnd ;~ Functions Func GroupArray() _AD_Open() Global $Inputbox = GUICtrlRead($Username) If @error Then Exit MsgBox(16, "Active Directory", "Function _AD_Open encountered a problem. @error = " & @error & ", @extended = " & @extended) ; Get a sorted array of group names (FQDN) that the user is immediately a member of Global $aUser = _AD_GetUserGroups($Inputbox) If @error > 0 Then MsgBox(64, "Active Directory Function", "User '" & $Inputbox & "' has not been assigned to any group or cannot be found.") Else _ArraySort($aUser, 0, 1) $sString = _ArrayToString($aUser, "; ") Global $sorted = _StringBetween($sString, "CN=", ",") Global $Format = _ArrayToString($sorted, "; ") Guictrlsetdata($Groups, $Format) EndIf ; Close Connection to the Active Directory _AD_Close() EndFunc ;==>GroupArray Func Copy() $copy = GUICtrlRead($groups) ClipPut($copy) EndFunc I've found this to be very useful but It only shows the names of the groups in FDQN format. In order to import multiple groups back into AD The have to be formatted like so: Domain users; Finance; Domain Admins; This allows you to copy and paste that back into an AD account where you need add multiple groups to one user. I've written something to clean it up a bit but i'm new to autoit. I just started like 2 weeks ago and i'm not sure how to sort info. The script i've written allows you to take the appropriate info out but it take a little too much info out. I'm using string between and I'd like to know if there is a way to extract info better from the array used in _AD_GetUserGroups I've attached my script and GUI but it pulls too much info due to the _stringbetween function. I just need to know if there is a better way? GetGroups.au3
  22. Hi all, I'm currently writing a backup script to automate the process of storing and compressing data for any member leaving the firm I work at. Ideally I would like to pull the user's display name or full name, for instance, a WMI query selecting FullName WHERE Win32_NetworkLoginProfile Name equals "Domain\kefinnegan" would bring back "Kevin Finnegan" or whatever naming convention your company uses. Although this solution seems ideal as long as you log in as a user with privileged access, it won't work if the domain user you wish to backup has been purged from the Active Directory system entirely as the WMIService seems to query it in some shape or form (thousands of members in our firm, need to trim the fat every now and then). I was wondering if it's possible to query an API, service or possibly even scan registry entries stored on the leaver's machine while logged in as the local administrator (can run the script with privileged domain credentials if needs be) that could give me a domain user's full name, who logged onto this machine, without the use of Active Directory?
  23. Hi. I'm trying to find groupmembers of subgroups in AD groups. I'm not sure how to get started, so I hope someone here have something that could help me to start. Thank you very much.
  24. Hi All, Now before I start, I have trawled through the forum & elsewhere for the last 24 hours or so & found nothing to even point me in the right direction. I have a rather large script that's doing various (AD reads & applying RegWrites based on the SID & AD reads....) & I've stripped it all back & the problem appears to lie with the create object which is calling a sproc I wrote to pull back various based on params passed. Now for the actual issue, all worked fine first time everywhere apart from within a Citrix xenapp session which is when I'm getting hit with the Exception Occured Script Line -1 - Variable must be of type 'Object'. Here is a stripped back portion which I've been testing with against xenapp (with a MsgBox added to easily see if anything did return), can anyone notice anything glaringly stupid that I'm doing? Global $AppError = ObjEvent("AutoIt.Error","ErrFunc") $Emp=@UserName $adDSN="Driver={SQL Server};Server=*****;Database=*****;Uid=****;Pwd=*****" $adCN = ObjCreate ("ADODB.Connection") $adCN.Open ($adDSN) $FNsQuery = "exec [ooo_sp_ad_user] @user="&$Emp&",@type=1" $FNresult = $adCN.Execute($FNsQuery) $ADFirstName=$FNresult.Fields("").Value MsgBox(0, "AD Test", $ADFirstName) $adCN.Close Func ErrFunc() Local $HexNumber Local $strMsg $HexNumber = Hex($AppError.Number, 8) $strMsg = "Error Number: " & $HexNumber & @CRLF $strMsg &= "WinDescription: " & $AppError.WinDescription & @CRLF $strMsg &= "Script Line: " & $AppError.ScriptLine & @CRLF MsgBox(0, "ERROR", $strMsg) SetError(1) Endfunc Any pointers at all would be greatly appreciated. Thanks Bob
  25. This is a simple incomplete password reset tool, my 3rd script with autoit, so the code is elementary. This is something you can use to customize and make your own. It will generate a password, and give you the nato readout so you can read it to an end user over the phone. Feel free to update and make it better, I no longer require it so enjoy! #include <File.au3> #include <ButtonConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> #include <AD.au3> #Region ### START Koda GUI section ### Form= $Form1 = GUICreate("AD PAssword Reset Tool", 509, 276, 250, 152) $Label1 = GUICtrlCreateLabel("Password Reset Tool", 40, 8, 442, 46) GUICtrlSetFont(-1, 28, 400, 0, "Arial") GUICtrlSetColor(-1, 0x000000) Global $rnd, $result2 = "" $Input3 = GUICtrlCreateInput("", 60, 96, 400, 32, $SS_CENTER) GUICtrlSetFont(-1, 16, 400, 0, "Arial") GUICtrlSetState(-1, $GUI_DISABLE) $Button1 = GUICtrlCreateButton("Generate Password", 16, 64, 107, 25) $Button2 = GUICtrlCreateButton("Set Password", 260, 162, 75, 25) $Button3 = GUICtrlCreateButton("Unlock Account", 155, 162, 99, 25) $Input1 = GUICtrlCreateInput("", 16, 160, 121, 21) $Group1 = GUICtrlCreateGroup("Account status", 8, 188, 489, 81) $Label4 = GUICtrlCreateLabel("Username: ", 16, 204, 58, 17) $Label5 = GUICtrlCreateLabel("Locked: ", 16, 220, 46, 17) $Label6 = GUICtrlCreateLabel("Password Age:", 16, 236, 75, 17) GUICtrlCreateGroup("", -99, -99, 1, 1) $Label7 = GUICtrlCreateLabel("", 26, 133, 436, 24, $SS_CENTER) GUICtrlSetFont(-1, 12, 400, 0, "MS Sans Serif") GUICtrlSetFont(-1, 9, 800, 0, "MS Sans Serif") $z = "rvxs|rdmf|jzlr|izez|lbyl|yjmz|wzet|pyau|qumv|aocr|wwal|qhyh|dlou|ruqj|vgmg|edpg|wsmv|qmnt|kwgr|tduz|jzgq|ywdn|etet|hxvj|ydwp|vvzx|cwcs|fcru|dnin|jwna|pwks|xoak|audd|ppwe|omzq|xwcy|dudn|rwtz|qvtg|jgzi|hxkr|azug|ixla|iikl|ovgk|skpj|kldj|ovwg|psfy|jmck|gkea|bjmq|trfc|tppm|jvae|fgah|scbj|pqtl|gses|gtzz|xtid|snds|xkok|zgcb|iktk|cvil|ynxn|fqqs|qakc|cnsc|jiaz|nryi|brev|olbe|whfs|kpro|lkcg|vvlp|pjlf|igvl|mnyp|shco|nite|exji|drai|gdgd|cylw|hlgr|qfya|dqle|xhgn|jkbl|cghi|xcow|iwui|ltqm|olmx|rujq|ehop|xpgr|zjfg|zebn|iezt|gazx|cgft|tefk|jijz|smhj|zbwr|vxsd|wjmp|sjbk|hyzm|sszr|iqbq|marj|pdsn|derh|sjit|udlh|xwaz|aodg|quab|gxka|exhs|pzdo|bpjf|pizm|xtio|tdiz|txxv|jaat|hcwi|ekrz|zpyy|ppnm|yewo|upzi|zfmw|suii|alvm|zklz|xesg|nyqk|lvih|eppa|mbdk|soju|hnkt|ifsd|wnzk|pndo|ydrj|bzfs|madj|jhcz|ygnw|zrdu|qskm|lbux|qtdt|xjyy|zkfd|yzhd|dwgn|jdun|kteh|geke|warj|qucv|lvqs|jdda|vrfb|qzjj|rvuo|kzfr|jlka|svhy|dctk|lkss|viju|dqpq|dgxw|mcwy|rtxw|ptsj|bebg|kduq|iivb|zygi|hwql|sgia|hvmj|msxx|woxb|vvsc|zplz|brpf|iyyq|vdvp|dxre|mtky|csjv|yfdl|podp|svrn|eovx|nzax|uplb|neiv|yzdk|mtgq|qrzx|kkhl|rxgm|brqr|fqsv|wcpe|acyf|oqeo|utci|susu|ttha|qnnx|utwc|eoih|bema|abjh|ijyx|tihy|gyll|bkae|kett|mbtk|fuyr|fokr|cazl|exro|azla|cyzv|bnfx|mnxi|qlak|jlai|tcor|fcpy|hudz|zosz|tgzl|zqli|rody|xrvj|ntit|keji|xixi|wbmd|lajm|rlps|klqj|woth|fhmk|psxp|npaz|naph|ahfz|pdkb|fnga|tisy|kijq|drqj|fyym|nfej|vaqa|hnrk|lkeh|wbrh|rmie|iuab|lbxz|mvto|qkqo|wfbk|zawj|sfnb|dagk|vxts|pfnn|eatb|ozor|pkje|slxb|fmpv|yqil|owry|ducb|dywa|xguz|ybrj|eoff|lhfp|qwqk|pada|oele|szmo|lvdw|rsjh|ygid|mtrh|zycp|pfoe|icpz|vxkd|rsdm|isrf|nhsh|mbzq|rukh|usrj|cwno|nxph|utro|xghu|ynvw|wswr|vngd|ahpw|uimq|tirj|ysbv|aetj|wwsx|jxcu|fxvw|mszs|pcuo|tvjf|tsef|setx|zrnr|vcmk|pthb|vqpl|tzfa|lqpu|jqbg|flru|jdrb|agfb|qajb|gopo|dfen|vfnp|myvp|fptx|qvbv|qiii|uuaw|khnh|ujnj|mlds|wicf|ihwv|wumi|smhd|pfda|tltj|ixdo|xvor|zuid|hgst|xfqf|yuuy|qesp|ulke|rqoc|yyae|ejbr|lrob|xwrw|fgcc|phmn|jeib|btmn|sxbn|znio|qxhe|trto|tzty|ohqn|qaej|pgdk|oqvy|dnqb|lfmh|guom|pumx|hxnl|jxxm|pipj|hxjw|jlvu|mbql|hvnh|dzii|xpyx|fjtx|gxjd|ixuy|evpb|ogjp|wqxi|bogv|laoo|bslx|axtq|uwca|qzmp|gojb|kctw|nzlj|fuyw|klzo|nvpg|vhfx|vnmj|jrtx|yuin|lwbr|bpsh|txok|gvrp|acfz|tjga|kgew|rmrh|wszy|fulz|otgd|gnyh|fvsk|roox|xixy|nwqu|rdne|rngx|tyjq|gbrj|kgtn|zoys|pten|sptz|oxkh|kbin|uvwr|cgqw|smec|pvoe|hmdw|nkxs|bzzp|dkzu|txzu|ktrm|bbgp|esgh|ocza|mnoy|ejfc|xfwb|rwkz|mrbl|apwe|wmdr|ojgb|pfvi|napt|mwmb|wukl|rfzs|injw|jmpw|pmxe|pncm|smtx|xgee|oqhe|cqry|sipu|vaew|fuzw|ymkc|vvnr|lrip|nbsn|kjdn|nfdd|amcg|cncw|gmiw|juzo" $wlist = StringSplit($z, "|", 3) GUISetState(@SW_SHOW) #EndRegion ### END Koda GUI section ### _AD_OPEN() While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE _AD_CLOSE() Exit Case $Button1 generate() Case $Button2 setpw() EndSwitch WEnd Func GenSymbol() $symnum = Random(1, 7, 1) If $symnum = 1 Then Global $symbb = "!" If $symnum = 2 Then Global $symbb = "@" If $symnum = 3 Then Global $symbb = "$" If $symnum = 4 Then Global $symbb = ";" If $symnum = 5 Then Global $symbb = "?" If $symnum = 6 Then Global $symbb = "%" If $symnum = 7 Then Global $symbb = "#" EndFunc ;==>GenSymbol Func generate() Global $rnd = Random(1000, 9999, 1) Global $result = "" GUICtrlSetData($Input3, $result) Global $line = $wlist[Random(1, UBound($wlist))] GenSymbol() nato1() $line = $symbb & $line & $rnd GUICtrlSetData($Input3, $line) $rnd2 = StringSplit($rnd, "") EndFunc ;==>generate Func nato1() $myword = $line symbol($symbb) $array = StringSplit($myword, "", 1) For $i = 1 To UBound($array) - 1 $z = nato2($array[$i]) $result = $result & $nato & " " Next $nums = StringSplit($rnd, "", 1) For $i = 1 To UBound($nums) - 1 $y = digit($nums[$i]) $result2 = $result2 & $numb & " " Next $result = $symb & " " & $result & $result2 GUICtrlSetData($Label7, $result) ;GUICtrlSetData($Label8, "") $result = "" $result2 = "" EndFunc ;==>nato1 Func setpw() If Not GUICtrlRead($Input3) Then MsgBox(0, "Error", "You must generate a password first.") Else MsgBox(0, "Complete", "Password has been set. Thank you.") EndIf EndFunc ;==>setpw Func nato2($letter) If $letter = "a" Then Global $nato = "Alpha" If $letter = "b" Then Global $nato = "Bravo" If $letter = "c" Then Global $nato = "Charlie" If $letter = "d" Then Global $nato = "Delta" If $letter = "e" Then Global $nato = "Echo" If $letter = "f" Then Global $nato = "Foxtrot" If $letter = "g" Then Global $nato = "Golf" If $letter = "h" Then Global $nato = "Hotel" If $letter = "i" Then Global $nato = "India" If $letter = "j" Then Global $nato = "Juliet" If $letter = "k" Then Global $nato = "Kilo" If $letter = "l" Then Global $nato = "Lima" If $letter = "m" Then Global $nato = "Mike" If $letter = "n" Then Global $nato = "November" If $letter = "o" Then Global $nato = "Oscar" If $letter = "p" Then Global $nato = "Papa" If $letter = "q" Then Global $nato = "Quebec" If $letter = "r" Then Global $nato = "Romeo" If $letter = "s" Then Global $nato = "Sierra" If $letter = "t" Then Global $nato = "Tango" If $letter = "u" Then Global $nato = "Uniform" If $letter = "v" Then Global $nato = "Victor" If $letter = "w" Then Global $nato = "Whiskey" If $letter = "x" Then Global $nato = "X-ray" If $letter = "y" Then Global $nato = "Yankee" If $letter = "z" Then Global $nato = "Zulu" Return EndFunc ;==>nato2 Func symbol($sym) If $sym = "!" Then Global $symb = "Exclamation-Mark" If $sym = "@" Then Global $symb = "At-Sign" If $sym = "$" Then Global $symb = "Dollar-Sign" If $sym = ";" Then Global $symb = "Semi-Colon" If $sym = "?" Then Global $symb = "Question-Mark" If $sym = "%" Then Global $symb = "Percent-Sign" If $sym = "#" Then Global $symb = "Pound-Sign" Return EndFunc ;==>symbol Func digit($num) If $num = "1" Then Global $numb = "One" If $num = "2" Then Global $numb = "Two" If $num = "3" Then Global $numb = "Three" If $num = "4" Then Global $numb = "Four" If $num = "5" Then Global $numb = "Five" If $num = "6" Then Global $numb = "Six" If $num = "7" Then Global $numb = "Seven" If $num = "8" Then Global $numb = "Eight" If $num = "9" Then Global $numb = "Nine" If $num = "0" Then Global $numb = "Zero" Return EndFunc ;==>digit Feel free to update and make it better.
×
×
  • Create New...