Jump to content

Active Directory UDF


water
 Share

Recommended Posts

I have a little issue I am trying to mimic the ifmember function that Microsoft has made available by using the _AD_IsMemberOf() function suppled with your UDF, as an example:

If _CMD(@LogonServer & '\netlogon\ifmember Domain Admins') Then mapdrive("s:", $source & "\source")EndIf

The code that has been suppled as an example seems not to work..

#include <AD.au3>

Global $aUser, $sFQDN_Group

; Open Connection to the Active Directory
_AD_Open()

; Get the Fully Qualified Domain Name (FQDN) for the current user
$sFQDN_User = _AD_SamAccountNameToFQDN()

; Get an array of group names (FQDN) that the current user is immediately a member of
_AD_GetUserGroups($aUser, @UserName)
$sFQDN_Group = $aUser[1]

; Check the group membership of the specified user for the specified group
$iResult = _AD_IsMemberOf($sFQDN_Group, $sFQDN_User)
Select
    Case $iResult = 1
        MsgBox(64, "Active Directory Functions", _
                "User: " & $sFQDN_User & @CRLF & _
                "Group: " & $sFQDN_Group & @CRLF & _
                "User is a member of the specified group!")
    Case ($iResult = 0 And @error = 1)
        MsgBox(64, "Active Directory Functions", _
                "User: " & $sFQDN_User & @CRLF & _
                "Group: " & $sFQDN_Group & @CRLF & _
                "Group does not exist!")
    Case ($iResult = 0 And @error = 2)
        MsgBox(64, "Active Directory Functions", _
                "User: " & $sFQDN_User & @CRLF & _
                "Group: " & $sFQDN_Group & @CRLF & _
                "User does not exist!")
    Case ($iResult = 0)
        MsgBox(64, "Active Directory Functions", _
                "User: " & $sFQDN_User & @CRLF & _
                "Group: " & $sFQDN_Group & @CRLF & _
                "User is a not member of the specified group!")
EndSelect

; Close Connection to the Active Directory
_AD_Close()

Error I get is;

D:\addons\autoit\Logon Script\ad_test.au3 (13) : ==> Subscript used with non-Array variable.:

$sFQDN_Group = $aUser[1]

$sFQDN_Group = $aUser^ ERROR

unfortunately I am not too clear on the logic of this example.

Is it possible to show an example of how this code would be implemented for my case or show me where the above code went wrong.

Edited by PeterAtkin

[topic='115020'] AD Domain Logon Script[/topic]

Link to comment
Share on other sites

My bad. That's an error introduced by removing "ByRef".

Please change line

_AD_GetUserGroups($aUser, @UserName)
to
$aUser = _AD_GetUserGroups(@UserName)
and everything works fine.

In your case you want to check the membership of the currentuser in a specific group. So I would code:

if _AD_isMemberOf("groupname",@Username) Then <Do what has to be done when the user is a member of group "groupname">

You can specify "groupname" as samaccountname (blabla) or FQDN (CN=blabla,OU=blabla,DC=blabla).

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Wow that was fast, but seems still some very odd issues the first _AD_isMemberOf("Domain Users", @UserName) dos not get reconised at all

AD_Open()
If _AD_isMemberOf("Domain Users", @UserName) Then
RunAsWait("Administrator", "cfu", "password", 4, "net time " & @LogonServer & " /SET /Y", @SW_HIDE)
ProgressSet(10, "Removing old network shares please wait...")
If $number_of_network_drives > 1 Then
  _deldrive("*")
Else
  ;MsgBox(16, "Total Number of network drives", " number of network drives :" & $number_of_network_drives)
EndIf
ProgressSet(15, "Adding default shares")
_mapdrive("h:", $homebase & "\user$\" & @UserName)
_mapdrive("p:", $public & "\public")
ProgressSet(25, "Domain Users home share")
ProgressSet(35, "Setting up network printers")
_add_network_printers()
EndIf

If _AD_isMemberOf("Domain Admins", @UserName) Then
_mapdrive("s:", $source & "\source")
ProgressSet(40, "Setup admin shares")
EndIf
If _AD_isMemberOf("quoteworks", @UserName) Then
_mapdrive("w:", $accounts & "\quotewerks")
ProgressSet(50, "Setup quoteworks share")
EndIf

If _AD_isMemberOf("core", @UserName) Then
_mapdrive("x:", $accounts & "\core$")
_mapdrive("q:", $accounts & "\quickbooks$")
_mapdrive("t:", $accounts & "\clients$")
_mapdrive("u:", $accounts & "\suppliers$")
ProgressSet(70, "Setup core shares")
EndIf

If _AD_isMemberOf("Engineers", @UserName) Then
_mapdrive("s:", $source & "\source")
ProgressSet(80, "Setup engineer share")
EndIf
_AD_Close()

The others work fine, however now also my delete function no longer works?

Func _deldrive($drived)
Local $i = $number_of_network_drives
If $drived = "*" Then
  Do
   DriveMapDel($network_drives[$i] & ":")
   Sleep(500)
   $i = $i - 1
  Until $i = 0
Else
  DriveMapDel($drived)
  Switch @error
   Case 0
    ;MsgBox(16, "Error", "An unknown error occured trying to delete local drive :" & $network_drives[$i] & ":")
   Case Else
    ;MsgBox(64, "Completed!", "Deleted " & $network_drives[$i])
  EndSwitch
EndIf
EndFunc   ;==>_deldrive

I when back to using the normal ifmember code

[font="Verdana"]If _CMD(@LogonServer & '\netlogon\ifmember Domain Admins') Then mapdrive("s:", $source & "\source")EndIf
and all worked just fine?

Any Ideas that all seems a bit odd to me maybe I am doing somtheing wrong..

I have attached the full working script, checked and rechecked just in case.

logon.au3

Edited by PeterAtkin

[topic='115020'] AD Domain Logon Script[/topic]

Link to comment
Share on other sites

The problem is, that the group "Domain Users" never seems to have any members (here it's empty as well) - would be too many entries. If you run

#include <AD.au3>
_AD_Open()
$R = _AD_IsMemberOf("Domain Users",@UserName)
ConsoleWrite($R & "-" & @error & @CRLF)
$R = _AD_GetUserPrimaryGroup(@UserName)
ConsoleWrite($R & "-" & @error & @CRLF)
_AD_Close()
you will get "0-0" as the first result. The second result will return the primary group which - in most cases - is "Domain Users".

Maybe this approach helps.

BTW: Could we move problems with the UDF to the "General help and Support" thread (see my signature)? Here I would like to discuss suggestions, tests etc. regarding the functions of the UDF.

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

No, just for future problems.

To get a good overview what's in your AD and whats not you could download "ADExplorer" from Sysinternals (now M$). No installation required, just run the program.

The group "Domain Users" can be found under "System_Groups". You will notice that the group has no members.

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Thanks I solved the issues of domain user by just making a new group and putting the users in. worked a bit clumsy but I do understand why the issue in the first place and not so much of an effort really for me.

I still have an issue with it seems a conflict with my deldrive function

Func _deldrive($dddrive)
 Local $id = $number_of_network_drives
 If $dddrive = "*" Then
  Do
   DriveMapDel($network_drives[$id] & ":")
   Sleep(500)
   $id = $id - 1
   MsgBox(64, "Completed!", "Deleted " & $network_drives[$id])
  Until $id = 0
 Else
  DriveMapDel($dddrive)
  Switch @error
   Case 0
    ;MsgBox(16, "Error", "An unknown error occured trying to delete local drive :" & $network_drives[$id] & ":")
   Case Else
    ;MsgBox(64, "Completed!", "Deleted " & $network_drives[$id])
  EndSwitch
 EndIf
EndFunc   ;==>_deldrive
which makes no sense at all, I tried everything from renaming variables to forcing the script to run its a no go this is really peplexing as its clearly linked with the the AD.AU3 UDF but how I have no idea.

Any clues?

[topic='115020'] AD Domain Logon Script[/topic]

Link to comment
Share on other sites

I really do not understand but all seems to be working now!

Func _delmappeddrive($drived)
 Local $i = $number_of_network_drives
 If $drived = "*" Then
  Do
   DriveMapDel($network_drives[$i] & ":")
   Sleep(500)
   $i = $i - 1
  Until $i = 0
 Else
  DriveMapDel($drived)
  Switch @error
   Case 0
    ;MsgBox(16, "Error", "An unknown error occured trying to delete local drive :" & $network_drives[$i] & ":")
   Case Else
    ;MsgBox(64, "Completed!", "Deleted " & $network_drives[$i])
  EndSwitch
 EndIf
EndFunc   ;==>_delmappeddrive

Func _EnumerateDrives()
 Local $x = 1
 Local $y = 1
 For $dl = 72 To 89 ; (H-Y)
  $network_drives[$x] = Chr($dl)
  $drive = Chr($dl) & ":\"
  $drive_letter = Chr($dl)
  DriveGetFileSystem($drive)
  If @error = 0 Then
   ;MsgBox(16, "Network Drive", "Drive in Use " & $drive & @CRLF & @CRLF & " Array Varible :" & $network_drives[$x])
   $x = $x + 1
  Else
   ;MsgBox(16,"New Drive " & $network_drives[$y], "Free Drive " & $drive_letter)
   $y = $y + 1
  EndIf
 Next
 $number_of_network_drives = $x - 1
 Return $number_of_network_drives
 ;MsgBox(16, "Drives", "Number of network drives in use are " & $number_of_network_drives)
EndFunc   ;==>_EnumerateDrives
I just used the original working script and changed the name of the function and hay it works..

Thanks for all your help in this i'm a happy chappy.. good work..

[topic='115020'] AD Domain Logon Script[/topic]

Link to comment
Share on other sites

What do you mean by "issues"? Any error messages? I can not see a relation to the UDF at the moment. All funktion names start with _AD_ and all global variable names start with AD_ except for some global constants.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

That was the strange thing no error messages at all, it like it just ignored the function completely, I even put an exit in it right at the top of the function to test, it just did not call the function.. I really do not understand or can even guess I checked your AD UDF for a conflict and could not find one that i could see well nothing obvious.

I'm using Windows 7 up till now I have no erratic behavior, but you never know i guess the script seems to be working like a dream now no issues at all, I will be testing over the next few days if any issues I shall report them to you, but really do not expect any my old script was running a few weeks with no issues in quite a diverse OS environment.

I attached the full script working should you need to look at it, you never know maybe I'm doing something i should'nt be.

logon_ad_working.au3

Edited by PeterAtkin

[topic='115020'] AD Domain Logon Script[/topic]

Link to comment
Share on other sites

Hi Water,

I have some problems using _AD_IsMemberOf().

In our script some actions will only happen when an user is member of a dedicated group.

Therefore _AD_IsMemberOf() works fine. But some actions apply to all users of the domain

so I use "Domain Users" (= "Domänen-Benutzer") to check for. This is also the primary domain

group for all users.

When I change the primary domain group then _AD_IsMemberOf() works well with "Domain Users",

e. g. _AD_IsMemberOf("Domänen-Benutzer", @Username). When I re-set "Domain Users" as primary

domain group _AD_IsMemberOf() return 0.

Some days ago I described the same behaviour using the function _AD_GetUserGroups().

It is possible - and does it make sense to you (I hope so :huggles: ) - to enhance these

functions also to take notice of the primary domain group the user belongs to?

Sure, I could use _AD_GetUserPrimaryGroup() as a work around. But often this isn't

very practical...

Maybe you can help me out... :D

Greets,

-supersonic.

Link to comment
Share on other sites

Hi supersonic,

moved your question and my reply to the "General help and Support" thread.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Moved your question and my reply to the "General Help and Support Thread".

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Planned changes for the next version:

All functions: They now return "0" in case of an error and set @error accordingly.

I will change that so functions that return a string or an array on success will return "" (empty string) in case of an error and set @error.

Functions that return a numeric result on success will still return 0 in case of an error and set @error accordingly.

What do you think?

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Planned changes for the next version:

All functions: They now return "0" in case of an error and set @error accordingly.

I will change that so functions that return a string or an array on success will return "" (empty string) in case of an error and set @error.

Functions that return a numeric result on success will still return 0 in case of an error and set @error accordingly.

What do you think?

Sounds good to me, will be testing the ad_createcomputer function shortly. (Been waiting for that one Posted Image )

Edited by dot45
Link to comment
Share on other sites

Hi dot45,

are there any functions still missing?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Does/can the AD function support secure ldap? I'm using the _AD_ObjectExists to check for existing computer accounts and our security policy requires that port 389 is block at the server level so I need secure ldap. Thanks for all of the work on the AD udf, it rocks!!!

Jim Webb

Link to comment
Share on other sites

Does/can the AD function support secure ldap? I'm using the _AD_ObjectExists to check for existing computer accounts and our security policy requires that port 389 is block at the server level so I need secure ldap. Thanks for all of the work on the AD udf, it rocks!!!

Jim Webb

Hi Jim,

at the moment it doesn't support secure LDAP. Unfortunately I'm not very familiar with all this connection stuff - I simply converted Jonathan Clellands adfunctions.au3 and am learning every day.

If you can tell me what has to be done I will be glad to give it a try. I've searched the Internet but was not successful in finding an AutoIt or Visual Basic example.

Do you have a working example?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...