RogFleming

Open Source LDAP (Generic)

5 posts in this topic

#1 ·  Posted (edited)

I've been trying to use an LDAP integration DLL (NSLDAPSSL32V30.dll) for generic access to any LDAP-based directory. Using Dependency Walker I have found many functions. My question is: how can I call these functions using CallDll? I only have the function names; I do not have the parameters. Is there a standard process to use? I found an example in C which calls the following:

int ldap_sasl_bind(
    LDAP *ld,
    const char *dn,
    const char *mechanism,
    const struct berval *cred,
    LDAPControl **serverctrls,
    LDAPControl **clientctrls,
    int *msgidp
);

int ldap_sasl_bind_s(
    LDAP *ld,
    const char *dn,
    const char *mechanism,
    const struct berval *cred,
    LDAPControl **serverctrls,
    LDAPControl **clientctrls,
    struct berval **servercredp
);

int ldap_simple_bind(
    LDAP *ld,
    const char *dn,
    const char *passwd
);

Functions Found


#2 ·  Posted (edited)

It seems I found a workaround; the process requires a go-between, but it is effective in getting the desired results.

First I needed the following items

NSLDAPSSL32v30.dll http://www.dlldll.com/nsldapssl32v30.dll_download.html

LDAP.DLL ( for TCL ) http://www.sensus.org/tcl/ldap.htm

Freewrap for TCL to create an executable with the TCL script, which will pass to the LDAP.dll and to the NSLDAPSSL32V30.dll

I am creating a command-based TCL script which will act like an interpreter from AutoIt to LDAP.DLL

load [file join [pwd] "ldap.dll"]
proc main {argc argv} {
    if {$argc == 0} {
        puts "Incomplete syntax."
        puts ""
        puts "must be add, compare, delete, join, modify, modrdn,"
        puts "normalize, parent, search, split, or url"
        puts ""
        puts "add dn ?attr values? ..."
        puts ""
        puts "compare dn attr value "
        puts ""
        puts "delete dn"
        puts ""
        puts "search ?options? base ?filter? ?attr ..."
        puts ""
        puts "modify dn ?add: attr values? ?del: attr? ?mod: attr values?"
        puts ""
        exit
    }
    # The server IP address and port number need to be hard-coded here.
    set ps_ldap [ldap -timeout 10 10.240.52.160 10389]
    # The admin bind DN and password need to be hard-coded here.
    catch {$ps_ldap bind uid=admin,ou=system secret} catch_error

    # Put the connection command in front of the supplied arguments and run
    # the result as a list, so only the arguments actually given are passed on.
    set data_return [eval [linsert $argv 0 $ps_ldap]]
    puts $data_return
    exit
}
proc init {argc argv} {
}
init $argc $argv
main $argc $argv

This will provide the LDAP commands for AutoIt:

ldap ?options? ?host? ?port?

Initializes an LDAP connection to specified host (default: localhost) and port (default: 389). Returns the name of a new command in the interpreter that can be used to communicate with the specified LDAP Server. The available options are: -

-timeout seconds

Provide the query timeout. (default: 120)

-version number

Provide the protocol version to use when communicating with the LDAP Server. (default: 3, if ldap toolkit supports it, otherwise 2)

Object Command

$obj add dn ?attr values? ...

Add new object to directory, populating the specified attributes with the corresponding values. Note: many attributes in a directory are multi-value, so the value provided here is a Tcl list of values for each occurrence of an attribute.

$obj bind ?dn? ?password?

Issue a bind (e.g. authentication request) against the specified user dn. If neither dn nor password is supplied, an anonymous bind is performed.

$obj compare dn attr value

Issue a compare, returns 1 (true) if attr matches value, otherwise 0 (false).

$obj delete dn

Issue a delete against the specified dn. Note: Most directories will not allow you to delete a node that has children.

$obj join rdnlist

Join each rdn (relative DN) together to produce a fully qualified dn. (local)

$obj modify dn ?add: attr values? ?del: attr? ?mod: attr values?

Issue a modify against specified dn. This is best shown by example. The following adds two objectclass attributes, deletes the junkAttr attribute and replaces any existing cn attributes with the single value "Matt Newman": -

$obj modify $dn add: objectclass [list person inetOrgPerson] del: junkAttr mod: cn [list "Matt Newman"]

$obj modrdn dn rdn ?retain?

Renames the leaf rdn component of dn in the directory - see LDAP reference documentation for more details.

$obj parent dn

Returns the logical parent dn for the specified dn.

$obj search ?options? base ?filter? ?attr ...?

The heart of most ldap programs - issue a search against the directory. Returns a list of entries, where each entry is in itself a list of attr values pairs, suitable for use with array set. Note: the values associated with a given attribute are a list, since attributes can have multiple values.

If no filter is provided the default filter (objectclass=*) is used. If attribute names are provided after the filter then only the named attributes will be returned. The available options are: -

-attrs bool

Return only the names of the attributes in the matching objects. When this is true the returned format is a list of entries where the first element of each entry is the matching dn and the subsequent fields are the attribute names. (default: false)

-names bool

Return only the dn names of the matching objects. When this is true the returned format is a simple list of dn's. (default: false)

-scope enum

Specify the scope of the LDAP search. Can be base, one, or sub. (default: base)

$obj split dn ?friendly?

Break up the specified dn into a Tcl list of its component parts. If friendly is true then the qualifier (e.g. cn=) is dropped.

$obj url url

Behaves exactly as $obj search, except the search criteria are specified using the standard LDAP URL notation.

So with freewrap I created an executable called AutoitLDAP.exe.

So in the AutoIt scripts the commands would be, for example:

This would create the directory bind:

Run("AutoitLDAP.exe"&" "&"bind"&" "&"ldap_admin"&" "&"ldap_password"&" "&"ldap_address"&" "&"ldap_port")

To create an LDAP query:

Run("AutoitLDAP.exe"&" "&"search"&" "&"-scope"&" "&"sub"&" "&"uid=username,dc=abc,dc=org")

I will reply with a working example next.


I've been busy, and figured out a better approach to the LDAP process. I downloaded the SUNONE SDK resource kit and captured the required files to allow LDAP queries, delete, and modifications.

So the files needed from the SDK toolkit are below; here is installer code to put the required files in a desired location for use later.

DirCreate("C:\Program Files\Launchbar\LDAP")
FileInstall("c:\LDAP\ldapdelete.exe","C:\Program Files\Launchbar\LDAP"& "\",1)
FileInstall("c:\LDAP\ldapmodify.exe","C:\Program Files\Launchbar\LDAP"& "\",1)
FileInstall("c:\LDAP\ldapsearch.exe","C:\Program Files\Launchbar\LDAP"& "\",1)
FileInstall("c:\LDAP\libnspr4.dll","C:\Program Files\Launchbar\LDAP"& "\",1)
FileInstall("c:\LDAP\libplc4.dll","C:\Program Files\Launchbar\LDAP"& "\",1)
FileInstall("c:\LDAP\nsldap32v50.dll","C:\Program Files\Launchbar\LDAP"& "\",1)
FileInstall("c:\LDAP\nsldappr32v50.dll","C:\Program Files\Launchbar\LDAP"& "\",1)
FileInstall("c:\LDAP\nsldapssl32v50.dll","C:\Program Files\Launchbar\LDAP"& "\",1)
FileInstall("c:\LDAP\sasl32.dll","C:\Program Files\Launchbar\LDAP"& "\",1)

Usage Manual

usage: ldapmodify.exe [options]
options:
    -n          show what would be done but don't actually do it
    -v          run in verbose mode (diagnostics to standard output)
    -h host     LDAP server name or IP address (default: localhost)
    -p port     LDAP server TCP port number (default: 389)
    -V n        LDAP protocol version number (2 or 3; default: 3)
    -Z          make an SSL-encrypted connection
    -P pathname path to SSL certificate database (default: current directory)
    -N          name of certificate to use for SSL client authentication
    -K pathname path to key database to use for SSL client authentication
                (default: path to certificate database provided with -P option)
    -m pathname path to security module database
    -W          SSL key password
    -3          check hostnames in SSL certificates
    -Q [token][:certificate name]       PKCS 11
    -I pin      card password file
    -D binddn   bind dn
    -w passwd   bind passwd (for simple authentication)
    -w -        prompt for bind passwd (for simple authentication)
    -j file     read bind passwd from 'file' (for simple authentication)
    -E          ask server to expose (report) bind identity
    -R          do not automatically follow referrals
    -O limit    maximum number of referral hops to traverse (default: 5)
    -M          manage references (treat them as regular entries)
    -0          ignore LDAP library version mismatches
    -i charset  character set for command line input (default taken from locale)

    -k dir      conversion routine directory (default: current directory)
    -Y proxyid  proxied authorization id,
                e.g, dn:uid=bjensen,dc=example,dc=com
    -H          display usage information
    -J controloid[:criticality[:value|::b64value|:<fileurl]]
                criticality is a boolean value (default is false)
    -o attrName=attrVal SASL options which are described in the man page
    -c          continuous mode (do not stop on errors)
    -A          display non-ASCII values in conjunction with -v
    -f file     read modifications from file (default: standard input)
    -b          read values that start with / from files (for bin attrs)
    -F          force application of all changes, regardless of
                replica lines
    -e rejfile  save rejected entries in "rejfile"
    -B suffix   bulk import to "suffix"
    -q          be quiet when adding/modifying entries
ldap

Example
 Directory of C:\Program Files\Launchbar\LDAP

11/10/2009  12:54 PM    <DIR>          .
11/10/2009  12:54 PM    <DIR>          ..
11/10/2009  11:43 AM            36,864 ldapdelete.exe
11/10/2009  11:43 AM            45,056 ldapmodify.exe
11/10/2009  04:00 PM             2,513 ldapmodify.hlp
11/10/2009  11:43 AM            53,248 ldapsearch.exe
11/10/2009  12:55 PM             4,429 ldapsearch.hlp
11/10/2009  11:43 AM           196,608 libnspr4.dll
11/10/2009  11:43 AM            28,672 libplc4.dll
11/10/2009  11:43 AM           147,456 nsldap32v50.dll
11/10/2009  11:43 AM            24,576 nsldappr32v50.dll
11/10/2009  11:43 AM            40,960 nsldapssl32v50.dll
11/10/2009  11:43 AM            69,632 sasl32.dll
              11 File(s)        650,014 bytes
               2 Dir(s)  18,840,387,584 bytes free


C:\Program Files\Launchbar\LDAP>ldapmodify -h 10.240.52.109 -p 10389 -D "uid=adm
in,ou=system" -w secret
dn: cn=ssouser2,cn=question1,cn=questions,ou=SelfService
changetype: add
objectClass: person
objectClass: top
cn: ssouser2
sn: The name of the high school you attended
userPassword:: eXVjYWlwYQ==

adding new entry cn=ssouser2,cn=question1,cn=questions,ou=SelfService


dn: cn=ssouser3,cn=question1,cn=questions,ou=SelfService
changetype: add
objectClass: person
objectClass: top
cn: ssouser3
sn: test
userPassword:

adding new entry cn=ssouser3,cn=question1,cn=questions,ou=SelfService

Debug Mode:

C:\Program Files\Launchbar\LDAP>ldapmodify -h 10.240.52.109 -p 10389 -v -a -f fl
eminr.ldif -D "uid=admin,ou=system" -w secret
ldapmodify: started Tue Nov 10 17:26:21 2009

ldap_init( 10.240.52.109, 10389 )
add objectClass:
        person
        top
add cn:
        ssouser5
add sn:
        test
add userPassword:
        abc123
adding new entry cn=ssouser5,cn=question1,cn=questions,ou=SelfService
modify complete


LDIF file

dn: cn=ssouser5,cn=question1,cn=questions,ou=SelfService
objectClass: person
objectClass: top
cn: ssouser5
sn: test
userPassword: abc123

Now it is time to build the script! The only question is whether to try to send the text to a hidden console or to create the LDAP file manually and then have the command read the LDAP file.

You guys have any ideas?
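One way to take the "create the file and have the command read it" route asked about above, as an added example that is not part of the original post: it builds the LDIF in AutoIt, rejects values that would need base64 encoding or could inject extra lines, and passes the bind password with -j instead of -w so it stays off the command line. The helper names are hypothetical; host, port and DNs reuse the sample values from the thread.

```autoit
#include <AutoItConstants.au3>
#include <FileConstants.au3>
#include <File.au3>

; Added example: helper names are hypothetical; host, port and DNs are the
; sample values from the thread, $sLdapDir is the install folder used above.
Global Const $sLdapDir = "C:\Program Files\Launchbar\LDAP"

; One "attr: value" LDIF line. Sets @error if the value is not a plain
; RFC 2849 SAFE-STRING (line break, NUL, non-ASCII, leading space/colon/"<",
; trailing space), so a value cannot smuggle extra lines into the file.
Func _LdifLine($sAttr, $sValue)
    If Not StringRegExp($sAttr, "\A[A-Za-z][A-Za-z0-9;-]*\z") Then Return SetError(1, 0, "")
    Local $sSafe = "\A(?:[\x01-\x09\x0B\x0C\x0E-\x1F\x21-\x39\x3B\x3D-\x7F][\x01-\x09\x0B\x0C\x0E-\x7F]*(?<! ))?\z"
    If Not StringRegExp($sValue, $sSafe) Then Return SetError(2, 0, "")
    Return $sAttr & ": " & $sValue & @CRLF
EndFunc

; One add record from a DN and a 2D array of [attribute, value] rows.
Func _LdifAddRecord($sDN, ByRef $aAttrs)
    Local $sOut = _LdifLine("dn", $sDN)
    If @error Then Return SetError(1, 0, "")
    $sOut &= "changetype: add" & @CRLF
    For $i = 0 To UBound($aAttrs) - 1
        Local $sLine = _LdifLine($aAttrs[$i][0], $aAttrs[$i][1])
        If @error Then Return SetError(2, $i, "")
        $sOut &= $sLine
    Next
    Return $sOut & @CRLF
EndFunc

; Write text to a new temp file (UTF-8, no BOM) and return its path.
Func _WriteTemp($sText, $sExt)
    Local $sPath = _TempFile(@TempDir, "~ldap", $sExt)
    Local $hFile = FileOpen($sPath, $FO_OVERWRITE + $FO_UTF8_NOBOM)
    If $hFile = -1 Then Return SetError(1, 0, "")
    FileWrite($hFile, $sText)
    FileClose($hFile)
    Return $sPath
EndFunc

; Run ldapmodify hidden with -f (record file) and -j (password file), so the
; password is not on the command line. Returns the tool's combined output.
Func _LdapModifyAdd($sHost, $iPort, $sBindDN, $sPassword, $sLdif)
    If Not StringRegExp($sHost, "\A[A-Za-z0-9.-]+\z") Then Return SetError(1, 0, "")
    If StringRegExp($sBindDN, '["\r\n]') Then Return SetError(1, 0, "")
    Local $sLdifFile = _WriteTemp($sLdif, ".ldif")
    Local $sPwFile = _WriteTemp($sPassword, ".pw")
    Local $sCmd = '"' & $sLdapDir & '\ldapmodify.exe" -h ' & $sHost & ' -p ' & Int($iPort) & _
            ' -D "' & $sBindDN & '" -f "' & $sLdifFile & '" -j "' & $sPwFile & '"'
    Local $sOutput = "", $iPID = Run($sCmd, $sLdapDir, @SW_HIDE, $STDERR_MERGED)
    While $iPID
        $sOutput &= StdoutRead($iPID)
        If @error Then ExitLoop ; pipe closed: the tool has exited
        Sleep(20)
    WEnd
    FileDelete($sLdifFile) ; remove both temp files whatever the outcome
    FileDelete($sPwFile)
    Return $sOutput
EndFunc

; Constructed sample entry, modelled on the LDIF file shown in the post.
Local $aAttrs[4][2] = [["objectClass", "person"], ["objectClass", "top"], _
        ["cn", "ssouser5"], ["sn", "test"]]
Local $sLdif = _LdifAddRecord("cn=ssouser5,cn=question1,cn=questions,ou=SelfService", $aAttrs)
If @error Then Exit MsgBox(16, "LDIF", "Value rejected, error " & @error)
Local $sPw = InputBox("LDAP", "Bind password", "", "*")
If @error Then Exit
ConsoleWrite(_LdapModifyAdd("10.240.52.109", 10389, "uid=admin,ou=system", $sPw, $sLdif))
```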


I've been searching for an easy way in AutoIt to delete a user through an LDAP all day, and this seems like the most promising lead. Where did you download the SDK from? Can you post a link? Or, if anyone else has any other suggestions, here's the code I was using (modified slightly from ADFunctions.au3 in the include directory):

#include <ADFunctions.au3>

Global $UserCN, $UserOU

$UserID = "Test1"
$UserOU = "OU=ABC,OU=DEF,DC=corp,DC=com"
$UserCN = "Test1\, Kevin"
$UserDN = "CN=Test1\, Kevin,OU=ABC,OU=DEF,DC=corp,DC=com"

MsgBox(0, "Object Exists", _ADObjectExists($UserID))

Global $objRootDSE = ObjGet("LDAP://RootDSE")
Global $strDNSDomain = $objRootDSE.Get ("defaultNamingContext")  ; Retrieve the current AD domain name
Global $strHostServer = $objRootDSE.Get ("dnsHostName") ; Retrieve the name of the connected DC
Global $strConfiguration = $objRootDSE.Get ("ConfigurationNamingContext") ; Retrieve the Configuration naming context

Global $objUser = ObjGet("LDAP://" & $strHostServer & "/" & $UserDN)
MsgBox(0, "Account Name", $objUser.SAMAccountName) ; THIS SUCCESSFULLY RETURNS THE ACCOUNT NAME

$objUser.Delete                                    ; HOWEVER, NEITHER OF THESE LINES WORK
$objUser.Delete("user", $UserID)

MsgBox(0, "Object Exists", _ADObjectExists($UserID)) ; SEE IF THE USER STILL EXISTS


#5 ·  Posted (edited)

You could try the AD UDF (for download see my signature). It's based on Jonathan Clelland's adfunctions.au3, extended with a help file, examples, SciTE integration and some additional functions.

To delete a user I would try something like:

#include <AD.au3>

$Result = _AD_Open()
$Result = _AD_DeleteObject("<Here comes the SamAccountName or FQDN of the user to delete>","user")
$Result = _AD_Close()