Sign in to follow this  
Followers 0
water

Active Directory UDF - Help & Support

782 posts in this topic

CN=LastName, FirstName X - TestUser,OU=Setup,DC=Work,DC=net

i could just use the SAM and get the same results

Share this post


Link to post
Share on other sites



Hi water,

the functions _AD_ObjectExists() returns 0 although the ad group exists!

$oAD_RecordSet.RecordCount = 0.

Br,

UEZ


Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯

Share this post


Link to post
Share on other sites

Forget it. The mistake is in the Group name (pre-Windows 2000)“ name which is different!

Br,

UEZ


Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯

Share this post


Link to post
Share on other sites

Hi UEZ,

is there anything I could add to the UDF to handle such a case? Return an error code or something?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2016-06-02 - Version 1.4.5.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2016-05-09 - Version 1.2.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

Water,

I have a script that checks the users AD group membership, and based on that membership they receive a GUI that removes or adds extra options. The script appears to operate fine, and when I log in as a domain admin account I receive no errors. If I log in with any other user that has a different group membership, I receive 3 AD error messages before the GUI opens.

I am running the latest AutoIT 3.3.8.1 with AD UDF 1.2.0. I have even tried downloading the 1.2.0 udf again. I have also tried the latest beta 3.3.9.4 and used your latest udf 1.2.1, but that also doesn't make a difference. In fact I actually get 5 error windows appear instead of 3.

Here is my script:

_AD_Open()
If _AD_IsMemberOf("Domain Admins", @UserName, 1) Then
_MainAdmin()
Else
_MainUser()
EndIf
_AD_Close()

Here are screenshots of the error messages I receive in order below:

post-54196-0-85667900-1335532322_thumb.j

post-54196-0-44991000-1335532337_thumb.j

post-54196-0-39899000-1335532357_thumb.j

Thanks for any help you can provide me with.

Jeff

Share this post


Link to post
Share on other sites

#486 ·  Posted (edited)

Hi UEZ,

is there anything I could add to the UDF to handle such a case? Return an error code or something?

Yes please because the problem was hard to find! If there is a change to compare the name entered in "Group name (pre-Windows 2000)" and the display name?

Because when I used the string entered in Group name (pre-Windows 2000) it worked - the displayed name which is different doesn't work.

Maybe you can modify the function _AD_ObjectExists()

Thanks,

UEZ

Edited by UEZ

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯

Share this post


Link to post
Share on other sites

Can you run the script from SciTe so we can see the line numbers?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2016-06-02 - Version 1.4.5.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2016-05-09 - Version 1.2.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

I'm sorry. I ran it Scite as a different user and not issues. I compiled it, and not issues! Sorry I feel a bit of a time waster. Thanks for getting back to me.

Share this post


Link to post
Share on other sites

Maybe the problem is caused by user dependant data. The first error message you got is usually caused by an invalid FQDN passed as LDAP query.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2016-06-02 - Version 1.4.5.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2016-05-09 - Version 1.2.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

Yes please because the problem was hard to find! If there is a change to compare the name entered in "Group name (pre-Windows 2000)" and the display name?

Because when I used the string entered in Group name (pre-Windows 2000) it worked - the displayed name which is different doesn't work.

Maybe you can modify the function _AD_ObjectExists()

Thanks,

UEZ

Hi UEZ,

most of the functions in the AD UDF accept either SamAccountname or a Fully Qualified Domain Name (FQDN). If the function finds a "=" at position 3 it assumes a FQDN, else a SamAccountName. If you specify the DisplayName it is interpreted as SamAccountName. If the DisplayName does not equal the SamAccountName then you get a "not forund" error.

You will have to check the displayname - SamAccountName yourself because passing the DisplayName is not supported and the functions can't distinguish between DisplayName and SamAccountName.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2016-06-02 - Version 1.4.5.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2016-05-09 - Version 1.2.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

is the format for path correct for the target OU ?

$sTargetOU = "OU=Users,OU=Blah,DC=Work,DC=net"

$sObject = "TESTUSER"

Global $iValue = _AD_MoveObject($sTargetOU, $sObject)

Share this post


Link to post
Share on other sites

Doesn't look bad. The first example was with an escaped comma in the name (FQDN) but now you have a SamAccountName. What's the Fully Qualified Domain name (FQDN) for "TESTUSER" - is there a special character in it too?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2016-06-02 - Version 1.4.5.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2016-05-09 - Version 1.2.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

I searched google and checked the code: Maybe there is a problem with the cn - common name - property.

Can you please post the result of

#include <AD.au3>
$aResult = _AD_GetObjectAttribute("TESTUSER", "cn")
ConsoleWrite($aResult & @CRLF)

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2016-06-02 - Version 1.4.5.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2016-05-09 - Version 1.2.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

i will do it Monday. i believe he result will be "CN=LastName, FirstName X - TestUser,OU=Setup,DC=Work,DC=net"

the CN and SAM get combined like that on some users.

Share this post


Link to post
Share on other sites

I solved my problem using RunWait(@COMSPEC & $moveString)

i knew i could move the object at the command line so tried this a nd it works fine.

_AD_Open()

$sTargetOU = "OU=Users,OU=Blah,DC=Work,DC=net"

$sObject = _AD_SamAccountNameToFQDN("TESTUSER")

_AD_Close()

$moveString =" /c dsmove """ & $sObject & """ -newparent " & $sTargetOU RunWait(@COMSPEC & $moveString)

-or something like that

it too bad the MoveObject function would not work for me. all the other functions worked great.

any way thats for trying to help

Share this post


Link to post
Share on other sites

_AD_MoveObject has worked fine for many users. I think the problem is caused by the escaped comma.

Can you please post the result of _AD_SamAccountNameToFQDN("TESTUSER")?

So I can check the function and - hopefully - remove the bug?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2016-06-02 - Version 1.4.5.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2016-05-09 - Version 1.2.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#497 ·  Posted

here ya go

CN=Last, First X - TESTUSER,OU=Blah,DC=Work,DC=net

moving user to

OU=Users,OU=Office,DC=Work,DC=net

Share this post


Link to post
Share on other sites

#498 ·  Posted

Thanks for the info.

I'm going to test as soon as I'm in my office again.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2016-06-02 - Version 1.4.5.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2016-05-09 - Version 1.2.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites

#499 ·  Posted

is it just me or is _AD_SetAccountExpire off by one day?

if i set a user to expire on 7/31/2012 , when i check the user in ADUC his expiration date is 7/30/2012.

i can just add a day the the date before i send it to the function i guess.

weird

Share this post


Link to post
Share on other sites

#500 ·  Posted

You can find an explanation what's going on here.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2016-06-02 - Version 1.4.5.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2016-05-09 - Version 1.2.0.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
Tutorials:
ADO - Wiki

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0