Sign in to follow this  
Followers 0

Active Directory UDF - Help & Support

782 posts in this topic

#1 ·  Posted (edited)

This is the "General Help and Support" thread for the Active Directory UDF.

The UDF itself can be downloaded here.

So if you have any questions, suggestions or errors please post here.

Edited by water

My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

Version 0.34 has been released.

For download please see signature.

Edited by water

My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#3 ·  Posted

Hi Water,

currently I am investigating the error;

in an other sample script it works pretty well... :D

Thank you for the the enhanced version of _AD_GetObjectProperties();

it should be part of the next upcoming release... :huggles:

When I see more clearly I will inform you...

Greets,

-supersonic.

Share this post


Link to post
Share on other sites

#4 ·  Posted

it should be part of the next upcoming release...

It will be part of version 0.35 :D

For now you can replace the function I attached in the AD UDF.


My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#5 ·  Posted

Hi Water,

I can't believe it:

It's not a problem of any functions within AD.au3... it's a problem of GUICtrlCreateListViewItem()!!!

When adding 15+ items to a ListView with GUICtrlCreateListViewItem() the script stops somewhere.

Greets,

-supersonic.

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

Hi supersonic,

to add a lot of items to a ListView you could:

_GUICtrlListView_BeginUpdate()
_GUICtrlListView_AddArray()
_GUICtrlListView_EndUpdate()
Edited by water

My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

Is there a way to use $GUI_BKCOLOR_LV_ALTERNATE with _GUICtrlListView_AddArray()???

--- I startet a new thread: http://www.autoitscript.com/forum/index.php?showtopic=109326

Edited by supersonic

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

Version 0.35 has been released. Contains some script breaking changes so I wanted to release it rather quick.

For download please see signature.

Edited by water

My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

Hi Water,

I have some problems using _AD_IsMemberOf().

In our script some actions will only happen when an user is member of a dedicated group.

Therefore _AD_IsMemberOf() works fine. But some actions apply to all users of the domain

so I use "Domain Users" (= "Domänen-Benutzer") to check for. This is also the primary domain

group for all users.

When I change the primary domain group then _AD_IsMemberOf() works well with "Domain Users",

e. g. _AD_IsMemberOf("Domänen-Benutzer", @Username). When I re-set "Domain Users" as primary

domain group _AD_IsMemberOf() return 0.

Some days ago I described the same behaviour using the function _AD_GetUserGroups().

It is possible - and does it make sense to you (I hope so :huggles: ) - to enhance these

functions also to take notice of the primary domain group the user belongs to?

Sure, I could use _AD_GetUserPrimaryGroup() as a work around. But often this isn't

very practical...

Maybe you can help me out... :D

Greets,

-supersonic.

As the function _AD_GetUserGroups has a flag to include the Primary Group in the result I think a similar flag for _AD_IsMemberOf makes sense.

What do you think?

Edited by water

My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#10 ·  Posted

This would be fine... :D

Share this post


Link to post
Share on other sites

#11 ·  Posted

Is it possible to add such flag to _AD_GetGroupMembers() in order to list all members of primary domain groups?

Share this post


Link to post
Share on other sites

#12 ·  Posted (edited)

Could you replace the _AD_IsMemberOf function in the AD.au3 with this code:

; #FUNCTION# ====================================================================================================================
; Name...........: _AD_IsMemberOf
; Description ...: Returns 1 if the user is a member of the group.
; Syntax.........: _AD_IsMemberOf($sAD_Group[, $sAD_User = @Username[, $fAD_IncludePrimaryGroup = 0]])
; Parameters ....: $sAD_Group - Group to be checked for membership. Can be specified as sAMAccountName or Fully Qualified Domain Name (FQDN)
;   $sAD_User - Optional: User to be checked for membership in group $sAD_Group. Can be specified as sAMAccountName or Fully Qualified Domain Name (FQDN) (default = @UserName)
;   $fAD_IncludePrimaryGroup - Optional: check the primary group too if the user is no member of the specified group (default = 0)
; Return values .: Success - 1, Specified user is a member of the specified group
;   Failure - 0, @error set
;   |0 - $sAD_User is not a member of $sAD_Group
;   |1 - $sAD_Group does not exist
;   |2 - $sAD_User does not exist
; Author ........: Jonathan Clelland
; Modified.......: Thomas Rupp
; Remarks .......:
; Related .......: _AD_GetUserGroups, _AD_GetUserPrimaryGroup, _AD_RecursiveGetMemberOf
; Link ..........:
; Example .......: Yes
; ===============================================================================================================================
Func _AD_IsMemberOf($sAD_Group, $sAD_User = @UserName, $fAD_IncludePrimaryGroup = False)

    If _AD_ObjectExists($sAD_Group) = 0 Then Return SetError(1, 0, 0)
    If _AD_ObjectExists($sAD_User) = 0 Then Return SetError(2, 0, 0)
    If StringMid($sAD_User, 3, 1) <> "=" Then $sAD_User = _AD_SamAccountNameToFQDN($sAD_User) ; sAMAccountName provided
    If StringMid($sAD_Group, 3, 1) <> "=" Then $sAD_Group = _AD_SamAccountNameToFQDN($sAD_Group) ; sAMAccountName provided
    Local $oAD_Group = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_Group)
    Local $iAD_Result = $oAD_Group.IsMember("LDAP://" & $sAD_HostServer & "/" & $sAD_User)
    ; Check Primary Group if user isn't a member of the specified group and the flag is set
    If $iAD_Result = 0 And $fAD_IncludePrimaryGroup Then $iAD_Result = (_AD_GetUserPrimaryGroup($sAD_User) = $sAD_Group)
    ; Abs is necessary to make it work for AutoIt versions < 3.3.2.0 with bug #1068
    Return Abs($iAD_Result)

EndFunc ;==>_AD_IsMemberOf

And then change your code to:

$IResult = _AD_IsMemberOf("your group", "your user", 1)

This should check the primary group when the user is no member of the specified group.

Edited by water

My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#13 ·  Posted

Is it possible to add such flag to _AD_GetGroupMembers() in order to list all members of primary domain groups?

I don't think so.

I'm not aware of any query to get a list of all primary groups used in the domain. And if you query some of the groups you even get an empty list as with "Domain Users".

The only safe way (i know at the moment of) to query the primary domain groups is to query every user and generate a list yourself.


My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#14 ·  Posted

A bit of searching the internet showed that the primary group "Domain Users" has the primaryGroupID 513.

So if you search for all other users you then can query the primary group of each of this users.

$aObjects = _AD_GetObjectsInOU("", "(&(objectCategory=person)(objectClass=user)(!primaryGroupID=513))", 2, "sAMAccountName,primaryGroupID")

Returns a list of all users (SAMAccountName and primaryGroupID) which don't have the default primary group "Domain Users".


My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#15 ·  Posted (edited)

Thank you for the quick update... :D

You added:

If $iAD_Result = 0 And $fAD_IncludePrimaryGroup Then $iAD_Result = (_AD_GetUserPrimaryGroup($sAD_User) = $sAD_Group)

As described in the docs _AD_GetUserPrimaryGroup() returns the FQDN.

But $sAD_Group is (or will be converted to) a samAccountName...

It seems that a FDQN will be compared with an samAccountName!?

Am I wrong?

Greets,

-supersonic.

Edited by supersonic

Share this post


Link to post
Share on other sites

#16 ·  Posted

Am I wrong?

Yes :D

In _AD_IsMemberOf the two parameters have to be in FQDN format or - if specified in SAMAccountName format - are converted to FQDN. So the specified line compares FQDN with FQDN.

I've tested it in my environemnt and it works just fine.


My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#17 ·  Posted

Hi Water,

yes, I was wrong! :mellow:

Will be the modifications part of the next version?

Share this post


Link to post
Share on other sites

#18 ·  Posted

Will be the modifications part of the next version?

Yes.

If I find some spare time I might release the new version this weekend.


My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#19 ·  Posted

Version 0.36 has been released.

For download please see signature.


My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#20 ·  Posted (edited)

Hello All,

does anyone has some issue with the function "_AD_IsObjectLocked()" because this function always return 0 for me?

Thx

Works fine for me on locked objects.

Did you try the example script for _AD_IsObjectLocked? It first gets a list of locked objects and then uses _AD_IsObjectLocked on the first found object.

Or run _AD_GetObjectsLocked.au3 to get a list of all locked objects and check if your object is included.

Did you test the @error returned by _AD_IsObjectLocked in your script?

; Return values .: Success - 1, Specified object is locked
;   Failure - 0, sets @error to:
;   |0 - $sAD_Object is not locked
;   |1 - $sAD_Object could not be found

If you check a computer remember to append a "$" to the samaccountname - see the remarks in the helpfile for _AD_IsObjectLocked.

Edited by water

My UDFs and Tutorials:

UDFs:
Active Directory (2014-07-21 - Version 1.4.1.1) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2014-07-27 - Version 1.0.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (NEW 2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites
This topic is now closed to further replies.
Sign in to follow this  
Followers 0