Jump to content

Active Directory UDF

water

By water,
in AutoIt Example Scripts

 Share

Recommended Posts

water Universalist

water

Posted
  • Author
Posted

I understand the problem with _AD_Open not returning a proper return value on unseccessful login. Unfortunately this is caused by the Windows OS (at least up to and including Windows XP). Windows 7 returns all LDAP information and will allow for better error checking.

As soon as I get a Windows 7 system in my production environment I will improve the _AD_Open function.

But please don't hold your breath :blink:

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites
  • Replies 1.5k
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

water
water

I have converted and extended the adfunctions.au3 written by Jonathan Clelland to a full AutoIt UDF including help file, examples, ScITE integration etc. The example scripts should run fine without

BrewManNH
BrewManNH

The problem is that $username and $password are referencing labels, not your inputs, plus you're not using GUICtrlRead on the $username and $password, you're just passing the handles to the ADOpen com

mnorland
mnorland

Apologies if this isn't the right place for it - but I think it's the right place to ask questions about how things work (wiki didn't seem appropriate). I'm using the AD UDF (stable) for a VPN logi

Posted Images

tom95521 Seeker

tom95521

Posted
Posted

Hi,

Copied the function into AD.au3.

If _AD_IsAccountExpired($sUser) Then

MsgBox(64,"Error", $sUser & " expired.")

EndIf

My test accounts are returning 1 for both future and past expiration dates. I am probably doing something wrong. I think if I am not able to get this to work I will try _AD_GetObjectProperties($sUser,"accountexpires")and compare dates.

Thanks for the AD library. It works great.

Tom

If you like to test here is the code :blink:

; #FUNCTION# ====================================================================================================================
; Name...........: _AD_IsAccountExpired
; Description ...: Returns 1 if the account (user, computer) has expired.
; Syntax.........: _AD_IsAccountExpired([$sAD_Object = @Username])
; Parameters ....: $sAD_Object - Optional: Account (User, computer) to check (default = @Username). Can be specified as Fully Qualified Domain Name (FQDN) or sAMAccountName
; Return values .: Success - 1, The specified account has expired
;   Failure - 0, sets @error to:
;   |0 - Account has not expired
;   |1 - $sAD_Object could not be found
; Author ........: Thomas Rupp
; Modified.......:
; Remarks .......:
; Related .......: _AD_GetAccountsExpired
; Link ..........:
; Example .......: Yes
; ===============================================================================================================================
Func _AD_IsAccountExpired($sAD_Object = @UserName)

    If Not _AD_ObjectExists($sAD_Object) Then Return SetError(1, 0, 0)
    Local $sAD_AccountExpires = _AD_GetObjectAttribute($sAD_Object,"accountexpires")
    If ($sAD_AccountExpires.LowPart = 0 And $sAD_AccountExpires.HighPart = 0) Or _
        ($sAD_AccountExpires.LowPart = 0xFFFFFFFF And $sAD_AccountExpires.HighPart = 0x7FFFFFFF) Then
        Return 0
    Else
        Local $sAD_Temp = DllStructCreate("dword low;dword high")
        DllStructSetData($sAD_Temp, "Low", $sAD_AccountExpires.LowPart)
        DllStructSetData($sAD_Temp, "High", $sAD_AccountExpires.HighPart)
        $sAD_AccountExpires = _Date_Time_FileTimeToSystemTime(DllStructGetPtr($sAD_Temp))
        If $sAD_AccountExpires <= _Date_Time_GetSystemTime() Then Return 1
    EndIf
    Return

EndFunc ;==>_AD_IsAccountExpired

Link to comment
Share on other sites
NML Seeker

NML

Posted
Posted

I understand the problem with _AD_Open not returning a proper return value on unseccessful login. Unfortunately this is caused by the Windows OS (at least up to and including Windows XP). Windows 7 returns all LDAP information and will allow for better error checking.

As soon as I get a Windows 7 system in my production environment I will improve the _AD_Open function.

But please don't hold your breath :blink:

Thanks for getting back. Yes, it was on XP. I've given it a quick test on a Windows 7 PC not on the domain and got the expected fail (not a like for like comparison, admittedly). Will pursue other authentication methods for the moment. To repeat earlier sentiment though, this is a fantastic UDF!

Link to comment
Share on other sites
water Universalist

water

Posted
  • Author
Posted

Hi,

Copied the function into AD.au3.

If _AD_IsAccountExpired($sUser) Then

MsgBox(64,"Error", $sUser & " expired.")

EndIf

My test accounts are returning 1 for both future and past expiration dates. I am probably doing something wrong. I think if I am not able to get this to work I will try _AD_GetObjectProperties($sUser,"accountexpires")and compare dates.

Thanks for the AD library. It works great.

Tom

Hi Tom,

I tested with future expiration dates and I have to admit that it's a bug Posted Image

I will do some further testing and hope to release a working function quite soon.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites
water Universalist

water

Posted
  • Author
Posted

Found the bug :blink: You can't compare date/time structures.

This version should work. I tested with a user who expired last year and one which will expire next year. Please give it a try.

; #FUNCTION# ====================================================================================================================
; Name...........: _AD_IsAccountExpired
; Description ...: Returns 1 if the account (user, computer) has expired.
; Syntax.........: _AD_IsAccountExpired([$sAD_Object = @Username])
; Parameters ....: $sAD_Object - Optional: Account (User, computer) to check (default = @Username). Can be specified as Fully Qualified Domain Name (FQDN) or sAMAccountName
; Return values .: Success - 1, The specified account has expired
;   Failure - 0, sets @error to:
;   |0 - Account has not expired
;   |1 - $sAD_Object could not be found
; Author ........: Thomas Rupp
; Modified.......:
; Remarks .......:
; Related .......: _AD_GetAccountsExpired
; Link ..........:
; Example .......: Yes
; ===============================================================================================================================
Func _AD_IsAccountExpired($sAD_Object = @UserName)

    If Not _AD_ObjectExists($sAD_Object) Then Return SetError(1, 0, 0)
    Local $sAD_AccountExpires = _AD_GetObjectAttribute($sAD_Object,"accountexpires")
    If ($sAD_AccountExpires.LowPart = 0 And $sAD_AccountExpires.HighPart = 0) Or _
        ($sAD_AccountExpires.LowPart = 0xFFFFFFFF And $sAD_AccountExpires.HighPart = 0x7FFFFFFF) Then
        Return 0
    Else
        Local $sAD_Temp = DllStructCreate("dword low;dword high")
        DllStructSetData($sAD_Temp, "Low", $sAD_AccountExpires.LowPart)
        DllStructSetData($sAD_Temp, "High", $sAD_AccountExpires.HighPart)
        $sAD_AccountExpires = _Date_Time_FileTimeToStr($sAD_Temp,1)
        Local $sNow = _Date_Time_GetSystemTime()
        $sNow = _Date_Time_SystemTimeToDateTimeStr($sNow,1)
        If $sAD_AccountExpires <= $sNow Then Return 1
    EndIf
    Return

EndFunc ;==>_AD_IsAccountExpired

Be aware that you have to use at least AutoIt 3.6.6.0 for the _Date_Time* functions to work properly.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites
tom95521 Seeker

tom95521

Posted
Posted

Hi,

I have the latest non-beta, 3.3.6.1 (April 16th, 2010).

I think the string date/time comparison might still be causing a problem. Is there any way to use numeric epoch time comparison?

I added this line to the function right above return 1 in your function.

MsgBox(64,"IsAccountExpired",$sAD_AccountExpires & "<=" & $sNow)

And the msgbox displays:

2010/26/07 07:00:00 <= 2010/07/21 16:16:42

and also

2010/20/07 07:00:00 <= 2010/07/21 16:28:44

Both dates above return 0 (not expired).

Thanks for working on this. If it's too much trouble I can try to compare the accountexpires date to now. Actually I did not realize you could set the time of day to expire.

Tom

Found the bug :blink: You can't compare date/time structures.

This version should work. I tested with a user who expired last year and one which will expire next year. Please give it a try.

; #FUNCTION# ====================================================================================================================
; Name...........: _AD_IsAccountExpired
; Description ...: Returns 1 if the account (user, computer) has expired.
; Syntax.........: _AD_IsAccountExpired([$sAD_Object = @Username])
; Parameters ....: $sAD_Object - Optional: Account (User, computer) to check (default = @Username). Can be specified as Fully Qualified Domain Name (FQDN) or sAMAccountName
; Return values .: Success - 1, The specified account has expired
;   Failure - 0, sets @error to:
;   |0 - Account has not expired
;   |1 - $sAD_Object could not be found
; Author ........: Thomas Rupp
; Modified.......:
; Remarks .......:
; Related .......: _AD_GetAccountsExpired
; Link ..........:
; Example .......: Yes
; ===============================================================================================================================
Func _AD_IsAccountExpired($sAD_Object = @UserName)

    If Not _AD_ObjectExists($sAD_Object) Then Return SetError(1, 0, 0)
    Local $sAD_AccountExpires = _AD_GetObjectAttribute($sAD_Object,"accountexpires")
    If ($sAD_AccountExpires.LowPart = 0 And $sAD_AccountExpires.HighPart = 0) Or _
        ($sAD_AccountExpires.LowPart = 0xFFFFFFFF And $sAD_AccountExpires.HighPart = 0x7FFFFFFF) Then
        Return 0
    Else
        Local $sAD_Temp = DllStructCreate("dword low;dword high")
        DllStructSetData($sAD_Temp, "Low", $sAD_AccountExpires.LowPart)
        DllStructSetData($sAD_Temp, "High", $sAD_AccountExpires.HighPart)
        $sAD_AccountExpires = _Date_Time_FileTimeToStr($sAD_Temp,1)
        Local $sNow = _Date_Time_GetSystemTime()
        $sNow = _Date_Time_SystemTimeToDateTimeStr($sNow,1)
        If $sAD_AccountExpires <= $sNow Then Return 1
    EndIf
    Return

EndFunc ;==>_AD_IsAccountExpired

Be aware that you have to use at least AutoIt 3.6.6.0 for the _Date_Time* functions to work properly.

Link to comment
Share on other sites
water Universalist

water

Posted
  • Author
Posted

This is a bug in the Date UDF. It will be fixed in the next version of AutoIt. See bug report #1638.

A quick fix would be to change line 1954 in Date.au3 from

Return StringFormat("%04d/%02d/%02d %02d:%02d:%02d", $aDate[2], $aDate[1], $aDate[0], $aDate[3], $aDate[4], $aDate[5])
to
Return StringFormat("%04d/%02d/%02d %02d:%02d:%02d", $aDate[2], $aDate[0], $aDate[1], $aDate[3], $aDate[4], $aDate[5])

But I may think about changing the function to do numeric comparison as suggested by you.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites
water Universalist

water

Posted
  • Author
Posted

Or if you don't want to change the UDF this version bypasses the buggy function:

; #FUNCTION# ====================================================================================================================
; Name...........: _AD_IsAccountExpired
; Description ...: Returns 1 if the account (user, computer) has expired.
; Syntax.........: _AD_IsAccountExpired([$sAD_Object = @Username])
; Parameters ....: $sAD_Object - Optional: Account (User, computer) to check (default = @Username). Can be specified as Fully Qualified Domain Name (FQDN) or sAMAccountName
; Return values .: Success - 1, The specified account has expired
;   Failure - 0, sets @error to:
;   |0 - Account has not expired
;   |1 - $sAD_Object could not be found
; Author ........: Thomas Rupp
; Modified.......:
; Remarks .......:
; Related .......: _AD_GetAccountsExpired
; Link ..........:
; Example .......: Yes
; ===============================================================================================================================
Func _AD_IsAccountExpired($sAD_Object = @UserName)

    If Not _AD_ObjectExists($sAD_Object) Then Return SetError(1, 0, 0)
    Local $sAD_AccountExpires = _AD_GetObjectAttribute($sAD_Object,"accountexpires")
    If ($sAD_AccountExpires.LowPart = 0 And $sAD_AccountExpires.HighPart = 0) Or _
        ($sAD_AccountExpires.LowPart = 0xFFFFFFFF And $sAD_AccountExpires.HighPart = 0x7FFFFFFF) Then
        Return 0
    Else
        Local $sAD_Temp = DllStructCreate("dword low;dword high")
        DllStructSetData($sAD_Temp, "Low", $sAD_AccountExpires.LowPart)
        DllStructSetData($sAD_Temp, "High", $sAD_AccountExpires.HighPart)
        ; Have to convert to SystemTime because _Date_Time_FileTimeToStr has a bug (#1638)
        Local $sAD_Temp2 = _Date_Time_FileTimeToSystemTime(DllStructGetPtr($sAD_Temp))
        $sAD_AccountExpires = _Date_Time_SystemTimeToDateTimeStr($sAD_Temp2, 1)
        Local $sNow = _Date_Time_GetSystemTime()
        $sNow = _Date_Time_SystemTimeToDateTimeStr($sNow,1)
        If $sAD_AccountExpires <= $sNow Then Return 1
    EndIf
    Return

EndFunc ;==>_AD_IsAccountExpired

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites
tom95521 Seeker

tom95521

Posted
Posted

Hi,

Works great now. I don't know if you take enhancement requests but it would be cool if the _AD_SetAccountExpire included an option to set time of day. I work in a library and we print internet access cards using AD logins that expire every week. It would be nice if I could set the time to expire at 0900 every Monday.

Thanks for creating this great udf.

Tom

Or if you don't want to change the UDF this version bypasses the buggy function:

; #FUNCTION# ====================================================================================================================
; Name...........: _AD_IsAccountExpired
; Description ...: Returns 1 if the account (user, computer) has expired.
; Syntax.........: _AD_IsAccountExpired([$sAD_Object = @Username])
; Parameters ....: $sAD_Object - Optional: Account (User, computer) to check (default = @Username). Can be specified as Fully Qualified Domain Name (FQDN) or sAMAccountName
; Return values .: Success - 1, The specified account has expired
;   Failure - 0, sets @error to:
;   |0 - Account has not expired
;   |1 - $sAD_Object could not be found
; Author ........: Thomas Rupp
; Modified.......:
; Remarks .......:
; Related .......: _AD_GetAccountsExpired
; Link ..........:
; Example .......: Yes
; ===============================================================================================================================
Func _AD_IsAccountExpired($sAD_Object = @UserName)

    If Not _AD_ObjectExists($sAD_Object) Then Return SetError(1, 0, 0)
    Local $sAD_AccountExpires = _AD_GetObjectAttribute($sAD_Object,"accountexpires")
    If ($sAD_AccountExpires.LowPart = 0 And $sAD_AccountExpires.HighPart = 0) Or _
        ($sAD_AccountExpires.LowPart = 0xFFFFFFFF And $sAD_AccountExpires.HighPart = 0x7FFFFFFF) Then
        Return 0
    Else
        Local $sAD_Temp = DllStructCreate("dword low;dword high")
        DllStructSetData($sAD_Temp, "Low", $sAD_AccountExpires.LowPart)
        DllStructSetData($sAD_Temp, "High", $sAD_AccountExpires.HighPart)
        ; Have to convert to SystemTime because _Date_Time_FileTimeToStr has a bug (#1638)
        Local $sAD_Temp2 = _Date_Time_FileTimeToSystemTime(DllStructGetPtr($sAD_Temp))
        $sAD_AccountExpires = _Date_Time_SystemTimeToDateTimeStr($sAD_Temp2, 1)
        Local $sNow = _Date_Time_GetSystemTime()
        $sNow = _Date_Time_SystemTimeToDateTimeStr($sNow,1)
        If $sAD_AccountExpires <= $sNow Then Return 1
    EndIf
    Return

EndFunc ;==>_AD_IsAccountExpired

Link to comment
Share on other sites
water Universalist

water

Posted
  • Author
Posted

I don't know if you take enhancement requests but it would be cool if the _AD_SetAccountExpire included an option to set time of day.

Sure, any request that enhances the UDF and that does not create script breaking changes is welcome.

I will have a look at it and post an example as soon as possible.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites
water Universalist

water

Posted
  • Author
Posted

Reading through MSDN I think you can already specify date AND time with _AD_SetAccountExpire.

The docu just doesn't mention it.

Could you please give it a try and specify date AND time as the second parameter to the function?

If the test is successful I will change the docu accordingly.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites
tom95521 Seeker

tom95521

Posted
Posted

Reading through MSDN I think you can already specify date AND time with _AD_SetAccountExpire.

The docu just doesn't mention it.

Could you please give it a try and specify date AND time as the second parameter to the function?

If the test is successful I will change the docu accordingly.

Hi,

Yes, it works if I add example string " 9:00:00 AM" to parameter.

I notice when I have my msgbox debug line enabled in IsAccountExpired function that $sAD_AccountExpires and $sNow are offset by +7 hours. I am in California. Maybe it is using GMT? I guess it does not matter since they both have the same offset.

I really appreciate your efforts. I can now make internet cards for our library that expire any time of day :blink:.

Thanks,

Tom

Link to comment
Share on other sites
water Universalist

water

Posted
  • Author
Posted (edited)

Hi,

Yes, it works if I add example string " 9:00:00 AM" to parameter.

I notice when I have my msgbox debug line enabled in IsAccountExpired function that $sAD_AccountExpires and $sNow are offset by +7 hours. I am in California. Maybe it is using GMT? I guess it does not matter since they both have the same offset.

I really appreciate your efforts. I can now make internet cards for our library that expire any time of day :blink:.

Thanks,

Tom

Hi Tom,

AD stores date/time values in UTC format. To get rid of the offset you have to provide the date/time in UTC for _AD_SetAccountExpire as well.

You can use something like

#include <date.au3>
$tLocal = _Date_Time_GetLocalTime()
$tUTC = _Date_Time_TzSpecificLocalTimeToSystemTime(DllStructGetPtr($tLocal))
$tUTCStr = _Date_Time_SystemTimeToDateTimeStr($tUTC)
ConsoleWrite($tUTCStr & @CRLF)
to convert local time to UTC.

I have to change _AD_IsAccountExpired once again because the comparison to the local time is wrong.

I will post the new code on Monday or Tuesday.

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites
tom95521 Seeker

tom95521

Posted
Posted

Hi Tom,

AD stores date/time values in UTC format. To get rid of the offset you have to provide the date/time in UTC for _AD_SetAccountExpire as well.

You can use something like

#include <date.au3>
$tLocal = _Date_Time_GetLocalTime()
$tUTC = _Date_Time_TzSpecificLocalTimeToSystemTime(DllStructGetPtr($tLocal))
$tUTCStr = _Date_Time_SystemTimeToDateTimeStr($tUTC)
ConsoleWrite($tUTCStr & @CRLF)
to convert local time to UTC.

I have to change _AD_IsAccountExpired once again because the comparison to the local time is wrong.

I will post the new code on Monday or Tuesday.

I ran a test and _AD_SetAccountExpire seems to be working with local time. I set it to expire at 3 pm local time and I was able to login a 2:55 pm but not 3:05 pm. Unless _AD_IsAccountExpired variables are global maybe time offset does not matter. I am happy that everything is working.

Thanks,

Tom

Link to comment
Share on other sites
water Universalist

water

Posted
  • Author
Posted (edited)

I ran a test and _AD_SetAccountExpire seems to be working with local time. I set it to expire at 3 pm local time and I was able to login a 2:55 pm but not 3:05 pm. Unless _AD_IsAccountExpired variables are global maybe time offset does not matter. I am happy that everything is working.

Thanks,

Tom

Hi Tom,

you are right! That makes it a lot easier. I found this site that confirms the behavior.

Now I only have to adapt _AD_IsAccountExpired. I will post the results here as soon as possible.

BTW: Do you think it's of any use to not only compare the expiration date/time to now but to any date/time you like? So you could get a list of accounts that expire next friday and do some actions in advance.

Thomas

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites
tom95521 Seeker

tom95521

Posted
Posted (edited)

Hi Thomas,

Having a function _AD_GetAccountsExpired with a date + time? option would be very nice feature. An additional plus would be if it could filter $sUser so we could use smith* to select all accounts that start with smith.

Thanks,

Tom

Edited by tom95521
Link to comment
Share on other sites
EndFunc Universalist

EndFunc

Posted
Posted

@Water, great job with the UDF so far.

I had a question for anyone that might know. I've been using parts of the original AD functions. I have it so I can look up usernames and and perform certain actions.

Any suggestions on how to get it to search by partial username? Example, search for Wat would bring results back for any username with "Wat" in so that you can choose if you don't know the exact spelling.

thanks for the help.

EndFuncAutoIt is the shiznit. I love it.
Link to comment
Share on other sites
IgneusJotunn Seeker

IgneusJotunn

Posted
Posted

Any suggestions on how to get it to search by partial username? Example, search for Wat would bring results back for any username with "Wat" in so that you can choose if you don't know the exact spelling.

This isn't exactly using the ad UDF, but what I did to solve that problem was to search all usernames and then throw them all through a regular expression. For example, once you've got your usernames in a string (and there are a few ways of doing that- _GetObjectsInOU is a good one) you'd do something like this...

StringRegExp($sUsernames, '.*?(Wat).*?', 1, $Offset)

I'll try to find the full code I used, but basically I just got an array of usernames, turned it into a string, used the regular expression on the string, and listed all the names that passed the regular expression. That's worked so far.

Link to comment
Share on other sites
water Universalist

water

Posted
  • Author
Posted

You could use ANR. More info tomorrow.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites
water Universalist

water

Posted
  • Author
Posted

@Water, great job with the UDF so far.

I had a question for anyone that might know. I've been using parts of the original AD functions. I have it so I can look up usernames and and perform certain actions.

Any suggestions on how to get it to search by partial username? Example, search for Wat would bring results back for any username with "Wat" in so that you can choose if you don't know the exact spelling.

thanks for the help.

Anything you can do with the original adfunctions.au3 (written by John Clelland) can be done by the new AD.au3 too.

If you have a working example that runs with adfunctions it should be easy to make it run with the AD UDF.

To search for all kind of data use the swiss army knife of this udf: _AD_GetObjectsInOU.

Parameter 2 is an LDAP filter. This is a very powerful yet a bit complicated tool.

You can use wildcards. So "(&(objectclass=user)(Wat=*))" brings all users with a username starting with "Wat".

You can get a good LDAP overview here.

ANR (Ambiguous Name Resulution) is an efficient search algorithm that searches displayName, givenName etc. in one go.

"(anr=Smith*)" will return all users that start with "Smith" in any of the searched attributes.

For details please see this site.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...