Jump to content

Recommended Posts

Some thoughts to your script:

  • You know that you can specify the attributes to be returned by _AD_GetObjectProperties? In your case:
$object_properties = _AD_GetObjectProperties($initials,"givenName,sn,displayName,company,department,physicalDeliveryOfficeName,lastLogon,pwdLastSet,accountExpires")

  • lastLogon doesn't return the "true" last logon date as this is not propagated to all DCs. Use _AD_GetLastLoginDate instead
Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2021-11-10 - Version 1.6.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (NEW 2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (NEW 2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2019-12-03 - Version 1.5.1.0) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to post
Share on other sites
  • Replies 1.5k
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

I have converted and extended the adfunctions.au3 written by Jonathan Clelland to a full AutoIt UDF including help file, examples, ScITE integration etc. The example scripts should run fine without

I have added a link to MSDN in the wiki.

Hi @Lazegalli, It just so happens I created some functions for my script that you may find helpful. It gets the Local Admin Password and checks the expiration time. Everything outputs to the cons

Posted Images

Function _AD_DisablePasswordExpire doesn't work :mellow: Can Somebody fix it ???

Moved your question to the "General Help and Support Thread"

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2021-11-10 - Version 1.6.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (NEW 2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (NEW 2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2019-12-03 - Version 1.5.1.0) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to post
Share on other sites

Here is another script which I have converted from Jonathan Clelland's AD UDF, v3.3.

It is working perfectly.

It is, admittedly, lacking error checking.

; #Function#====================================================================================================================
; Name...........: _AD_MailEnableUser
; Description ...: Enables Mail for a User
; Syntax.........: _AD_MailEnableUser($sAD_User, $mdbstore, $store, $server, $admingroup, $domain, $emaildomain)
; Parameters ....: $sAD_User - Username, $mdbstore - Mailbox Store Name, $store - Information Store
;                : $server - Email Server, $admingroup - Admin Group in Exchange, $domain - Domain Name
;                : $emaildomain - Exchange Server Group Name
; Return values .: 1 (Worked)
; Author ........: Jonathan Clelland
; Modified.......: Ethan Turk
; Remarks .......:
; Related .......:
; Link ..........:
; Example .......:
; ===============================================================================================================================

Func _AD_MailEnableUser($sAD_User, $mdbstore, $store, $server, $admingroup, $domain, $emaildomain)

    If _AD_ObjectExists($sAD_User) = 0 Then Return 0
    $sAD_Query = "<LDAP://" & $sAD_HostServer & "/" & $sAD_DNSDomain & ">;(sAMAccountName=" & $sAD_User & ");ADsPath;subtree"
    Local $oAD_RecordSet = $oAD_Connection.Execute($sAD_Query) ; Retrieve the FQDN for the object
    $sAD_LDAPEntry = $oAD_RecordSet.fields(0).value
    Local $oAD_Object = _AD_ObjGet($sAD_LDAPEntry) ; Retrieve the COM Object for the object

    ;If $oAD_Object.HomeMDB <> "" Then Return 0

    $mailboxpath = "LDAP://CN="
    $mailboxpath = $mailboxpath & $mdbstore
    $mailboxpath = $mailboxpath & ",CN="
    $mailboxpath = $mailboxpath & $store
    $mailboxpath = $mailboxpath & ",CN=InformationStore"
    $mailboxpath = $mailboxpath & ",CN="
    $mailboxpath = $mailboxpath & $server
    $mailboxpath = $mailboxpath & ",CN=Servers,CN="
    $mailboxpath = $mailboxpath & $admingroup
    $mailboxpath = $mailboxpath & ",CN=Administrative Groups,CN=" & $emaildomain & ",CN=Microsoft Exchange,CN=Services,CN=Configuration,"
    $mailboxpath = $mailboxpath & $domain

    $oAD_Object.MailNickName = $sAD_User

    $oAD_Object.CreateMailbox($mailboxpath)
    $oAD_Object.SetInfo

    $oAD_Object = 0

    Return 1

EndFunc
Link to post
Share on other sites

Hi,

I tested a lot of functions and fixed the following bugs (Win2003Server Domain):

1.

In the new version AD 0.37 the Func _AD_GetObjectsInOU returns an empty array because of $aAD_DataToRetrieve.

Original:

Line 1133:

$aAD_Objects[$iCount2] = $oAD_RecordSet.Fields($aAD_DataToRetrieve).Value

Fixed (like previous versions):

Line 1133:

$aAD_Objects[$iCount2] = $oAD_RecordSet.Fields($sAD_DataToRetrieve).Value

2.

Also in the Func _AD_GetObjectsInOU the "Searchscope property" doesn't work. The last argument ";subtree" is used for this.

Line 1098:

$oAD_Command.CommandText = "<LDAP://" & $sAD_HostServer & "/" & $sAD_OU & ">;" & $sAD_Filter & ";" & $sAD_DataToRetrieve & ";subtree"

Possible arguments:

";base"

";onelevel"

";subtree"

3.

The Func _AD_FQDNToSamAccountName can't handle OrganizationalUnits with a slash in the name (for example: "Accounts/Controlling").

This is a known Active Directory bug so I declared wrong given slashs "/" from AD as special character "\/" (normaly it's job of Active Directory for example the special character: comma).

Func _AD_FQDNToDisplayname($sAD_FQDN)

                ;AD BUG: Declare wrong given slashs "/" from AD as special character "\/"
                $sAD_FQDN = StringReplace($sAD_FQDN, "/", "\/")

                Local $oAD_Item = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_FQDN)
                If IsObj($oAD_Item) Then
                               Local $sAD_Name = $oAD_Item.name
                               $sAD_Name = StringTrimLeft($sAD_Name, 3)
                               $sAD_Name = StringReplace($sAD_Name, "\,", ",")
                               Return $sAD_Name
                Else
                               Return SetError(1, 0, "")
                EndIf

EndFunc   ;==>_AD_FQDNToDisplayname

greetings

Edited by Joe2010
Link to post
Share on other sites

Water,

I am using your AD.au3 UDF hoping it'd solve my problems, but unfortunately I cannot get it to work at all. I am trying to use the _AD_IsMemberOf function, but I keep receiving this error when I try to compile the script.

>"C:\Program Files\AutoIt3\SciTE\AutoIt3Wrapper\AutoIt3Wrapper.exe" /run /prod /ErrorStdOut /in "C:\Users\carrollje\Desktop\MasterLog Test1.au3" /autoit3dir "C:\Program Files\AutoIt3" /UserParams

+>16:01:10 Starting AutoIt3Wrapper v.2.0.1.24 Environment(Language:0409 Keyboard:00000409 OS:WIN_7/ CPU:X64 OS:X86)

>Running AU3Check (1.54.19.0) from:C:\Program Files\AutoIt3

+>16:01:11 AU3Check ended.rc:0

>Running:(3.3.2.0):C:\Program Files\AutoIt3\autoit3.exe "C:\Users\carrollje\Desktop\MasterLog Test1.au3"

C:\Program Files\AutoIt3\Include\AD.au3 (482) : ==> Variable must be of type "Object".:

Local $oAD_RecordSet = $oAD_Connection.Execute($sAD_Query)

Local $oAD_RecordSet = $oAD_Connection^ ERROR

->16:01:11 AutoIT3.exe ended.rc:1

>Exit code: 1 Time: 2.251

The script I am running is this, and it is supposed to exporta users login details into a specific CSV file depending on their security group membership.

#include <WindowsConstants.au3>
#include <AD.au3>

$TITLE = ("Username, Computer Name, IP Address, Time, Date")
$Login = (@UserName & "," & @ComputerName & "," & @IPAddress1 & "," & @HOUR & ":" & @MIN & ":" & @SEC & "," & @MON & "/" & @MDAY & "/" & @YEAR)
$DA = True ;==> Domain Admins
$T = True ;==> Teachers
$S = True ;==> Students
$O = True ;==> Office
$CSHT = True ; ==> CSH Teachers
$CSHS = True ;==> CSH Students
$CSHO = True ;==> CSH Office
$EMST = True ; ==> EMS Teachers
$EMSS = True ;==> EMS Students
$EMSO = True ;==> EMS Office
$TCHST = True ; ==> TCHS Teachers
$TCHSS = True ;==> TCHS Students
$TCHSO = True ;==> TCHS Office
$WMST = True ; ==> WMS Teachers
$WMSS = True ;==> WMS Students
$WMSO = True ;==> WMS Office
$WSHT = True ;==> WSH Teachers
$WSHS = True ;==> WSH Students
$WSHO = True ;==> WSH Office

;==> These functions will do the part of adding a record to the log in the CSV file.
;==> The records are added to the particular log depending on the security group.
;==> Each function is named by the security group.

Func DomainAdmins()
    If FileReadLine("\\app2\logs$\Domain Admins Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\Domain Admins Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\Domain Admins Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\Domain Admins Log.csv", $Login)
    EndIf
EndFunc   ;==>DomainAdmins

Func Teachers()
    If FileReadLine("\\app2\logs$\WSH - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>Teachers

Func Students()
    If FileReadLine("\\app2\logs$\WSH - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>Students

Func Office()
    If FileReadLine("\\app2\logs$\WSH - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>Office

Func CSH_Teachers()
    If FileReadLine("\\app2\logs$\CSH - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\CSH - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\CSH - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\CSH - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>CSH_Teachers

Func CSH_Students()
    If FileReadLine("\\app2\logs$\CSH - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\CSH - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\CSH - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\CSH - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>CSH_Students

Func CSH_Office()
    If FileReadLine("\\app2\logs$\CSH - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\CSH - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\CSH - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\CSH - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>CSH_Office

Func EMS_Teachers()
    If FileReadLine("\\app2\logs$\EMS - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\EMS - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\EMS - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\EMS - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>EMS_Teachers

Func EMS_Students()
    If FileReadLine("\\app2\logs$\EMS - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\EMS - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\EMS - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\EMS - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>EMS_Students

Func EMS_Office()
    If FileReadLine("\\app2\logs$\EMS - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\EMS - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\EMS - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\EMS - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>EMS_Office

Func TCHS_Teachers()
    If FileReadLine("\\app2\logs$\TCHS - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\TCHS - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\TCHS - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\TCHS - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>TCHS_Teachers

Func TCHS_Students()
    If FileReadLine("\\app2\logs$\TCHS - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\TCHS - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\TCHS - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\TCHS - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>TCHS_Students

Func TCHS_Office()
    If FileReadLine("\\app2\logs$\TCHS - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\TCHS - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\TCHS - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\TCHS - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>TCHS_Office

Func WMS_Teachers()
    If FileReadLine("\\app2\logs$\WMS - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WMS - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WMS - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WMS - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>WMS_Teachers

Func WMS_Students()
    If FileReadLine("\\app2\logs$\WMS - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WMS - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WMS - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WMS - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>WMS_Students

Func WMS_Office()
    If FileReadLine("\\app2\logs$\WMS - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WMS - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WMS - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WMS - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>WMS_Office

Func WSH_Teachers()
    If FileReadLine("\\app2\logs$\WSH - Teachers Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Teachers Log.csv", $Login)
    EndIf
EndFunc   ;==>WSH_Teachers

Func WSH_Students()
    If FileReadLine("\\app2\logs$\WSH - Students Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Students Log.csv", $Login)
    EndIf
EndFunc   ;==>WSH_Students

Func WSH_Office()
    If FileReadLine("\\app2\logs$\WSH - Office Log.csv", 1) = $TITLE Then
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $Login)
    Else
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $TITLE)
        FileWriteLine("\\app2\logs$\WSH - Office Log.csv", $Login)
    EndIf
EndFunc   ;==>WSH_Office

;==>
Select
    Case $DA
If _AD_IsMemberOf("Domain Admins","") Then DomainAdmins()
    ContinueCase

    Case $T
If _AD_IsMemberOf("Teachers","") Then Teachers()
    ContinueCase

    Case $S
If _AD_IsMemberOf("Students","") Then Students()
    ContinueCase

    Case $O
If _AD_IsMemberOf("Office","") Then Office()
    ContinueCase

    Case $CSHT
If _AD_IsMemberOf("CSH_Teachers","") Then CSH_Teachers()
    ContinueCase

    Case $CSHS
If _AD_IsMemberOf("CSH_Students","") Then CSH_Students()
    ContinueCase

    Case $CSHO
If _AD_IsMemberOf("CSH_Office","") Then CSH_Office()
    ContinueCase

    Case $EMST
If _AD_IsMemberOf("EMS_Teachers","") Then EMS_Teachers()
    ContinueCase

    Case $EMSS
If _AD_IsMemberOf("EMS_Students","") Then EMS_Students()
    ContinueCase

    Case $EMSO
If _AD_IsMemberOf("EMS_Office","") Then EMS_Office()
    ContinueCase

    Case $TCHST
If _AD_IsMemberOf("TCHS_Teachers","") Then TCHS_Teachers()
    ContinueCase

    Case $TCHSS
If _AD_IsMemberOf("TCHS_Students","") Then TCHS_Students()
    ContinueCase

    Case $TCHSO
If _AD_IsMemberOf("TCHS_Office","") Then TCHS_Office()
    ContinueCase

    Case $WMST
If _AD_IsMemberOf("WMS_Teachers","") Then WMS_Teachers()
    ContinueCase

    Case $WMSS
If _AD_IsMemberOf("WMS_Students","") Then WMS_Students()
    ContinueCase

    Case $WMSO
If _AD_IsMemberOf("WMS_Office","") Then WMS_Office()
    ContinueCase

    Case $WSHT
If _AD_IsMemberOf("WSH_Teachers","") Then WSH_Teachers()
    ContinueCase

    Case $WSHS
If _AD_IsMemberOf("WSH_Students","") Then WSH_Students()
    ContinueCase

    Case $WSHO
If _AD_IsMemberOf("WSH_Office","") Then WSH_Office()
    ContinueCase
EndSelect
Link to post
Share on other sites

Hi jazzyjeff,

it's not a bug of AD.au3! -> "General Help and Support Thread"

Please use the _AD_Open/_AD_Close - Functions to get access to the Active Directory.

Have a look:

Case $DA
    _AD_Open()
    If _AD_IsMemberOf("domain admins") Then DomainAdmins()
    _AD_Close()

greetings

Link to post
Share on other sites

Hi Water,

please add the option "User must change password at next logon" to Func _AD_SetPassword.

Func _AD_SetPassword($sAD_User, $sAD_Password = "", $iChangePW = 0) ; changed by Joe2010

    If Not _AD_ObjectExists($sAD_User) Then Return SetError(1, 0, 0)
    If StringMid($sAD_User, 3, 1) <> "=" Then $sAD_User = _AD_SamAccountNameToFQDN($sAD_User) ; sAMACccountName provided
    Local $oAD_User = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_User)
    $oAD_User.SetPassword($sAD_Password)
    
    ; added by Joe2010
    $oAD_User.Put("pwdLastSet", $iChangePW) ; $iChangePW: (0 = User must change password at next logon / 1 = User must not change password at next logon)
    ;==> added by Joe2010
    
    $oAD_User.SetInfo()
    If @error <> 0 Then Return SetError(@error, 0, 0)
    Return 1

EndFunc   ;==>_AD_SetPassword
Edited by Joe2010
Link to post
Share on other sites

Sorry...the value for "user must not change password at next logon" is -1 :(

Func _AD_SetPassword($sAD_User, $sAD_Password = "", $iChangePW = 0) ; changed by Joe2010

    If Not _AD_ObjectExists($sAD_User) Then Return SetError(1, 0, 0)
    If StringMid($sAD_User, 3, 1) <> "=" Then $sAD_User = _AD_SamAccountNameToFQDN($sAD_User) ; sAMACccountName provided
    Local $oAD_User = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_User)
    $oAD_User.SetPassword($sAD_Password)
    
    ; added by Joe2010
    $oAD_User.Put("pwdLastSet", $iChangePW) ; $iChangePW: (0 = User must change password at next logon / -1 = User must not change password at next logon)
    ;==> added by Joe2010
    
    $oAD_User.SetInfo()
    If @error <> 0 Then Return SetError(@error, 0, 0)
    Return 1

EndFunc   ;==>_AD_SetPassword
Link to post
Share on other sites

Am I misunderstanding the return value from _AD_Open? I just downloaded 0.37 and wanted to make my script error out during _AD_Open. I use all five parameters, and the first 2 are populated from InputBox. The other 3 are static. I use my username and my correct password and it returns 1. I then use my username and an incorrect password and it still returns 1. Seems to me like it shouldn't be able to connect.

Any help is appreciated.

Sidenote, might be a good idea to add this (untested) to the top of _AD_Open to enforce adding all three of the last parameters

If $sAD_DNSDomainParam <> "" Then
  If $sAD_HostServerParam = "" OR $sAD_ConfigurationParam == "" Then Return SetError(SOME ERROR INFO)
EndIf
Link to post
Share on other sites

@Joe2010

Thanks a lot for testing. All problems will be fixed in version 0.38.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2021-11-10 - Version 1.6.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (NEW 2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (NEW 2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2019-12-03 - Version 1.5.1.0) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to post
Share on other sites

please add the option "User must change password at next logon" to Func _AD_SetPassword.

The function _AD_SetPasswordExpired already sets "pwdLastSet" to 0. I could extend the function to let you set it to -1.

What do you think? Does this make more sense?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2021-11-10 - Version 1.6.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (NEW 2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (NEW 2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2019-12-03 - Version 1.5.1.0) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to post
Share on other sites

how can you create a user in AD to lets say... groups\division1\ so the OU is groups, which has another folder in it named division1

You have to specify the OU in the form "OU=groups,OU=division1,DC=microsoft,DC=com"

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2021-11-10 - Version 1.6.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (NEW 2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (NEW 2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2019-12-03 - Version 1.5.1.0) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to post
Share on other sites

Am I misunderstanding the return value from _AD_Open?

Yes and No :(

I tried to put as much error checking into _AD_Open as possible. Unfortunately a check for correct user credentials is not possible as this information is not returned at the time the conncection is opened. The function returns 1 even when you specifiy an incorrect password but will crash as soon as you call another _AD-function.

We already opened a ticket.

Error checking will be enhanced in version 0.38.

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2021-11-10 - Version 1.6.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (NEW 2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (NEW 2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2019-12-03 - Version 1.5.1.0) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to post
Share on other sites

The function _AD_SetPasswordExpired already sets "pwdLastSet" to 0. I could extend the function to let you set it to -1.

What do you think? Does this make more sense?

Hi Water,

i can't find the function _AD_SetPasswordExpired. There is only _AD_DisablePasswordExpire in AD 0.37. I think an opposite function would be great.

But the "pwdLastSet" = 0 - param in the Func _AD_SetPassword makes a lot of sense. For example if an user forget his password and i set it to "1234", the user must promptly change his password at next logon.

Link to post
Share on other sites

I can't find the function _AD_SetPasswordExpired.

Your are right. It's still in the pipeline for version 0.38.

I'll think about it and hope to come up with a good solution.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2021-11-10 - Version 1.6.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (NEW 2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (NEW 2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2019-12-03 - Version 1.5.1.0) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to post
Share on other sites

Hi Water,

on the subject of >>can't handle OrganizationalUnits with a slash in the name (for example: "Accounts/Controlling")<<, I found some other affected functions.

Additionally I added the code lines below in case the bug would be fixed @Server2008 for example (it should be :().

Func _AD_FQDNToSamAccountName($sAD_FQDN)

    ; added by Joe2010
    ;AD BUG: In case the bug is fixed declare right given slashs "wrong"
    $sAD_FQDN = StringReplace($sAD_FQDN, "\/", "/")
    ;AD BUG: Declare wrong given slashs "/" from AD as special character "\/" (normaly it's job of Active Directory for example the special character: comma)
    $sAD_FQDN = StringReplace($sAD_FQDN, "/", "\/")
    ; added by Joe2010

    Local $oAD_Object = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_FQDN)
    If $oAD_Object = 0 Then Return SetError(1, 0, "")
    Local $sAD_Result = $oAD_Object.sAMAccountName
    Return $sAD_Result

EndFunc   ;==>_AD_FQDNToSamAccountName

Func _AD_FQDNToDisplayname($sAD_FQDN)

    ; added by Joe2010
    ;AD BUG: In case the bug is fixed declare right given slashs "wrong"
    $sAD_FQDN = StringReplace($sAD_FQDN, "\/", "/")
    ;AD BUG: Declare wrong given slashs "/" from AD as special character "\/" (normaly it's job of Active Directory for example the special character: comma)
    $sAD_FQDN = StringReplace($sAD_FQDN, "/", "\/")
    ; added by Joe2010

    Local $oAD_Item = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_FQDN)
    If IsObj($oAD_Item) Then
        Local $sAD_Name = $oAD_Item.name
        $sAD_Name = StringTrimLeft($sAD_Name, 3)
        $sAD_Name = StringReplace($sAD_Name, "\,", ",")
        Return $sAD_Name
    Else
        Return SetError(1, 0, "")
    EndIf

EndFunc   ;==>_AD_FQDNToDisplayname

Func _AD_GetPasswordInfo($sAD_Object = @UserName)

    If _AD_ObjectExists($sAD_Object) = 0 Then Return SetError(1, 0, "")

    ; changed by Joe2010
    If StringMid($sAD_Object, 3, 1) <> "=" Then
        $sAD_Object = _AD_SamAccountNameToFQDN($sAD_Object) ; sAMAccountName provided
    Else
        ; added by Joe2010
        ;AD BUG: In case the bug is fixed declare right given slashs "wrong"
        $sAD_Object = StringReplace($sAD_Object, "\/", "/")
        ;AD BUG: Declare wrong given slashs "/" from AD as special character "\/" (normaly it's job of Active Directory for example the special character: comma)
        $sAD_Object = StringReplace($sAD_Object, "/", "\/")
        ; added by Joe2010
    EndIf
    ; by Joe2010

    Local $sAD_PwdLastChanged
    Local $iAD_Error = 0
    Local $aAD_PwdInfo[10] = [9]
    Local $oAD_Object = ObjGet("LDAP://" & $sAD_DNSDomain)
    $aAD_PwdInfo[1] = Int(_AD_Int8ToSec($oAD_Object.Get("maxPwdAge"))) / 86400 ; Convert to Days
    $aAD_PwdInfo[2] = _AD_Int8ToSec($oAD_Object.Get("minPwdAge")) / 86400 ; Convert to Days
    $aAD_PwdInfo[3] = $oAD_Object.Get("pwdHistoryLength")
    $aAD_PwdInfo[4] = $oAD_Object.Get("minPwdLength")
    $aAD_PwdInfo[5] = _AD_Int8ToSec($oAD_Object.Get("lockoutDuration")) / 60 ; Convert to Minutes
    $aAD_PwdInfo[6] = $oAD_Object.Get("lockoutThreshold")
    $aAD_PwdInfo[7] = _AD_Int8ToSec($oAD_Object.Get("lockoutObservationWindow")) / 60 ; Convert to Minutes

    Local $oAD_User = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_Object)
    ; Is user account password set to expire
    Local $iAD_UAC = $oAD_User.userAccountControl
    If BitAND($iAD_UAC, $ADS_UF_DONT_EXPIRE_PASSWD) = $ADS_UF_DONT_EXPIRE_PASSWD Then
        $aAD_PwdInfo[9] = "Password does not expire"
        $iAD_Error = 2
    Else
        ; Has user account password been changed before
        $sAD_PwdLastChanged = $oAD_User.PasswordLastChanged
        If $iAD_COMError = 3 Then
            $aAD_PwdInfo[8] = "Password has never been set"
            $iAD_Error = 3
        Else
            $aAD_PwdInfo[8] = StringLeft($sAD_PwdLastChanged, 4) & "/" & StringMid($sAD_PwdLastChanged, 5, 2) & "/" & StringMid($sAD_PwdLastChanged, 7, 2) & _
                    " " & StringMid($sAD_PwdLastChanged, 9, 2) & ":" & StringMid($sAD_PwdLastChanged, 11, 2) & ":" & StringMid($sAD_PwdLastChanged, 13, 2)
            $aAD_PwdInfo[9] = _DateAdd("d", $aAD_PwdInfo[1], $aAD_PwdInfo[8])
        EndIf
    EndIf
    Return SetError($iAD_Error, 0, $aAD_PwdInfo)

EndFunc   ;==>_AD_GetPasswordInfo

Greetings and

thanks a lot for your nice work!

Link to post
Share on other sites

on the subject of >>can't handle OrganizationalUnits with a slash in the name (for example: "Accounts/Controlling")<<, I found some other affected functions.

Thanks a lot for the info.

I will incorporate the changes in the next version. The original UDF by John Clelland already has a function _AD_FixSpecialChars to insert or remove special characters. So I will use this in version 0.38.

BTW: Do you think your code will work? I didn't test it but I think it will change "\/" to "/" and in the next statement back to "\/" again.

; added by Joe2010
;AD BUG: In case the bug is fixed declare right given slashs "wrong"
$sAD_FQDN = StringReplace($sAD_FQDN, "\/", "/")
;AD BUG: Declare wrong given slashs "/" from AD as special character "\/"
$sAD_FQDN = StringReplace($sAD_FQDN, "/", "\/")
; added by Joe2010
Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2021-11-10 - Version 1.6.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (NEW 2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (NEW 2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2019-12-03 - Version 1.5.1.0) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By water
      Extensive library to control and manipulate Microsoft Active Directory.

      Threads: Development - General Help & Support - Example Scripts - Wiki
      Previous downloads: 30467
       
      Known Bugs: (last changed: 2020-10-05)
      None Things to come: (last changed: 2020-07-21)
      None
      BTW: If you like this UDF please click the "I like this" button. This tells me where to next put my development effort
    • By AdamUL
      Below are some functions that I created when I needed to get some Group Policy information via script.  The quickest way I found to get this information was using the Group Policy Module for PowerShell.  This is not a full UDF for the Group Policy Module.  There are a lot more options available with the cmdlets, and this only touches on a few.  To use the functions below, for a Windows client, you will need to install Remote Server Administration Tools (RSAT).  For Windows Server 2012 or later, you will need to install the Group Policy Management Console.  
      Remote Server Administration Tools (RSAT)
      Installing the Group Policy Management Console via PowerShell for Windows Server 2012 or later.  Run in an Admin PowerShell prompt.
      Install-WindowsFeature –Name GPMC PowerShell Group Policy Module Documentation
      For the example below, the AD UDF is only required to query GPO names, but is not required to use the functions.  
      #include <AD.au3> #include <WinAPIFiles.au3> Global $sLDAPFilter = "(name=*)" Global $sExcludeFilter = "" Global $sIncludeFilter = "" Global $sBaseDN = "DC=ad,DC=university,DC=edu" Global $sDataToRetrieve = "sAMAccountName" $sIncludeFilter = "(&(displayName=LIBS-*))" ;GPO Names. $sLDAPFilter = "(&(objectClass=groupPolicyContainer)" & $sExcludeFilter & $sIncludeFilter & ")" $sDataToRetrieve = "displayName,name" _AD_Open() Global $aGPONames = _AD_GetObjectsInOU($sBaseDN, $sLDAPFilter, 2, $sDataToRetrieve) If @error Then MsgBox(64, "Active Directory Functions", "No objects found") Exit _AD_Close() EndIf _AD_Close() ;Add column headers to the output array. Global $aDataToRetrieve = StringSplit($sDataToRetrieve, ",", 2) For $i = 0 To UBound($aGPONames, 2) - 1 Step 1 $aGPONames[0][$i] = $aDataToRetrieve[$i] Next _ArraySort($aGPONames) _ArrayDisplay($aGPONames, "LIBS GPOs") ;For Testing. Global $aGPOPermissions = _AD_GetGPOPermissionsPS($aGPONames[1][0]) If @error Then Exit 1 _ArrayDisplay($aGPOPermissions, $aGPONames[1][0]) Global $sOU = "OU=libs,OU=active,DC=ad,DC=university,DC=edu" Global $aGPOLinks = _AD_GetGPOLinksPS($sOU) If @error Then Exit 2 _ArrayDisplay($aGPOLinks, $sOU) Global $aGPOInheritedLinks = _AD_GetGPOInheritedLinksPS($sOU) If @error Then Exit 2 _ArrayDisplay($aGPOInheritedLinks, $sOU) Global $aGPOs = _AD_GetAllGPOsPS() If @error Then Exit 3 _ArraySort($aGPOs) _ArrayDisplay($aGPOs, "GPOs") Global $aGPOName = _AD_GetGPOByNamePS($aGPONames[1][0]) If @error Then Exit 4 _ArrayDisplay($aGPOName, $aGPONames[1][0]) Global $aGPOGuid = _AD_GetGPOByGuidPS($aGPONames[1][1]) If @error Then Exit 5 _ArrayDisplay($aGPOGuid, $aGPONames[1][1]) Global $sReportName = "C:\Users\adamul\Desktop\Group Policy Object (GPO) PowerShell\Reports\" & $aGPONames[1][0] & ".html" _AD_GetGPOReportByNamePS($aGPONames[1][0], $sReportName) If @error Then Exit 6 Global $sReportGUID = "C:\Users\adamul\Desktop\Group Policy Object (GPO) PowerShell\Reports\" & $aGPONames[1][1] & ".html" _AD_GetGPOReportByGuidPS($aGPONames[1][1], $sReportGUID) If @error Then Exit 6 Func _AD_GetGPOPermissionsPS($sGPOName) ;An array of permission level for one or more security principals on a specified GPO. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; Get-GPPermissions -Name ''' & $sGPOName & ''' -All"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ;~ ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) ;For testing. If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(2, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetGPOPermissionsPS Func _AD_GetGPOLinksPS($sOUName) ;An array of GPOs that are linked directly to the location. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; (Get-GPInheritance -Target ''' & $sOUName & "').GpoLinks" ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ;~ ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) ;For testing. Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) ;For testing. If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(1, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetGPOLinksPS Func _AD_GetGPOInheritedLinksPS($sOUName) ;An array of GPOs that are applied to the location when Group Policy is processed on a client. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; (Get-GPInheritance -Target ''' & $sOUName & "').InheritedGpoLinks" ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ;~ ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) ;For testing. Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) ;For testing. If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(1, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetGPOInheritedLinksPS Func _AD_GetAllGPOsPS() ;An array of information on all the GPOs in a domain. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; Get-GPO -All"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ;~ ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) ;For testing. Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(1, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetAllGPOsPS Func _AD_GetGPOByNamePS($sGPOName) ;An array of information on one Group Policy Object (GPO) in a domain by Display Name. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; Get-GPO -Name ''' & $sGPOName & '''"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. ;Add end of line characters for single return group to be processed. $sGPOCmdOutput = $sGPOCmdOutput & @CRLF & @CRLF Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) ;For testing. If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(1, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") ;Remove last @CRLF to prevent blank row in return array. $sGPOCmdOutput = StringTrimRight($sGPOCmdOutput, 2) Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetGPOByNamePS Func _AD_GetGPOByGuidPS($sGPOGuid) ;An array of information on one Group Policy Object (GPO) in a domain by GUID. Local $sGPOCmd = 'powershell "Import-Module GroupPolicy; Get-GPO -Guid ''' & $sGPOGuid & '''"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. ;Add end of line characters for single return group to be processed. $sGPOCmdOutput = $sGPOCmdOutput & @CRLF & @CRLF Local $iGPOCmdOutputSS = StringInStr($sGPOCmdOutput, @CRLF & @CRLF) If $iGPOCmdOutputSS = 0 Then Return SetError(1, 0, 0) Local $sGPOCmdOutputSS = StringMid($sGPOCmdOutput, 1, $iGPOCmdOutputSS) ;~ ConsoleWrite(@CRLF & @CRLF & $sGPOCmdOutputSS & @CRLF) ;For testing. Local $sRegEx = "([^:\r\n]*):.*" Local $aProperties = StringRegExp($sGPOCmdOutputSS, $sRegEx, 3) ;~ _ArrayDisplay($aProperties) ;For testing. If StringInStr($sGPOCmdOutput, "ArgumentException") Then Return SetError(1, 0, 0) ;Get data on multiple lines to a single line. $sGPOCmdOutput = StringRegExpReplace($sGPOCmdOutput, "(\r\n\h{2,})", "") ;Remove last @CRLF to prevent blank row in return array. $sGPOCmdOutput = StringTrimRight($sGPOCmdOutput, 2) Local $aGPOCmdOutput = StringSplit($sGPOCmdOutput, @CRLF & @CRLF, 1) ;~ _ArrayDisplay($aGPOCmdOutput) ;For testing. ;Convert from a list output to a 2D array. Local $aGPOCmdOutput2D[$aGPOCmdOutput[0]][UBound($aProperties)] ;~ _ArrayDisplay($aGPOCmdOutput2D) Local $aTemp For $i = 1 To $aGPOCmdOutput[0] Step 1 $aTemp = StringSplit($aGPOCmdOutput[$i], @CRLF, 1) For $j = 1 To $aTemp[0] Step 1 For $k = 0 To UBound($aProperties) - 1 Step 1 If StringInStr($aTemp[$j], $aProperties[$k]) Then $aGPOCmdOutput2D[$i - 1][$k] = StringStripWS(StringReplace($aTemp[$j], $aProperties[$k] & ":", ""), 3) EndIf Next Next Next ;~ _ArrayDisplay($aGPOCmdOutput2D) ;For testing. For $i = 0 To UBound($aProperties) - 1 Step 1 $aProperties[$i] = StringStripWS($aProperties[$i], 3) Next _ArrayTranspose($aProperties) _ArrayConcatenate($aProperties, $aGPOCmdOutput2D) Return $aProperties EndFunc ;==>_AD_GetGPOByGuidPS Func _AD_GetGPOReportByNamePS($sGPOName, $sReportFullPath, $sReportType = "HTML") ;Generates a report either in XML or HTML format for a specified GPO by name in a domain. Switch $sReportType Case "HTML", "XML" Case Else Return SetError(1, 0, False) EndSwitch Local $sPath = StringRegExpReplace($sReportFullPath, "(^.*\\)(.*)", "$1") ;~ ConsoleWrite($sPath & @CRLF) ;For testing. ;~ If Not FileExists($sPath) Then Return SetError(2, 0, False) Local $sGPOCmd = 'powershell "Get-GPOReport -Name ''' & $sGPOName & ''' -ReportType ' & $sReportType & ' -Path ''' & $sReportFullPath & '''"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. If $sGPOCmdOutput <> "" Then SetError(3, 0, False) Return True EndFunc ;==>_AD_GetGPOReportByNamePS Func _AD_GetGPOReportByGuidPS($sGPOGuid, $sReportFullPath, $sReportType = "HTML") ;Generates a report either in XML or HTML format for a specified GPO by GUID in a domain. Switch $sReportType Case "HTML", "XML" Case Else Return SetError(1, 0, False) EndSwitch Local $sPath = StringRegExpReplace($sReportFullPath, "(^.*\\)(.*)", "$1") ;~ ConsoleWrite($sPath & @CRLF) ;For testing. ;~ If Not FileExists($sPath) Then Return SetError(2, 0, False) Local $sGPOCmd = 'powershell "Get-GPOReport -GUID ''' & $sGPOGuid & ''' -ReportType ' & $sReportType & ' -Path ''' & $sReportFullPath & '''"' ConsoleWrite($sGPOCmd & @CRLF) ;Turn off redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False) Local $iPIDGPOCmd = Run($sGPOCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED) ProcessWaitClose($iPIDGPOCmd) ;Turn on redirection for a 32-bit script on 64-bit system. If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(True) Local $sGPOCmdOutput = StringStripWS(StdoutRead($iPIDGPOCmd), 3) ;~ ConsoleWrite($sGPOCmdOutput & @CRLF & @CRLF) ;For testing. If $sGPOCmdOutput <> "" Then SetError(3, 0, False) Return True EndFunc ;==>_AD_GetGPOReportByGuidPS  
      Adam
       
    • By Chimp
      Is there an AD way to search if and where (the hostname) an userid is (or on what host was last time) logged?
      Thanks
    • By antmar904
      I'm trying to read all cells used in column "C" in excel to an array but not sure how.
       
      Local $NameArray = _Excel_RangeRead($oWorkbook, $oWorkbook.Activesheet, $oWorkbook.Range["C"].End)  
    • By Blois
      Hey Guys,
      Good?
      I'm ned help to consult in other domain. My three domain contains any domains.
      How do I get this query done?
       
      Tks for the Help!
       
×
×
  • Create New...