LDAP vbs to au3

Hi,

I have a vbs script which, when run, will ask for username and password, and will then check that against a server. If it is correct and you are in the right group specified, it will do a few functions. I have tried using the vbs to au3 converter but it just doesn't like running afterwards.

If anyone is able to give me a hand converting it I would be eternally grateful. My aim is to have it as an au3 script, and then have the ability to minimise it to the tray so that it can be disconnected later. The vbs code works exactly as I want, so it really just is a case of converting it.

I've attached the code below, if anyone could help, thank you :mellow:

sDNS="dc=mydomain,dc=com"
sDomain = "MYDOMAIN"
sDC="SERVER01"

strUserNameMessage = "Please enter your username"
strPasswordMessage = "Please enter your password"
strTitle = "Domain Connect"

sUser = InputBox(strUserNameMessage,strTitle,"",1600,1600)
sPassword = InputBox(strPasswordMessage,strTitle,"",1600,1600)
sGroup1= "Group1"
sGroup2= "Group2"


const ADS_SECURE_AUTHENTICATION = 1
const ADS_SERVER_BIND= 512


'find the distinguished name of this user
'will return N/A for either no user or wrong password
sDN=getdn(sUser,sPassword,sDomain)
if sDN="N/A" then
  wscript.echo "Can't find user"
  wscript.quit
end if


'username and password are valid; is the user in the group
'bind to user object
set oLDAP=getobject("LDAP:")
set oUser=oLDAP.opendsobject("LDAP://"  & sDC & "/" & sDN,sDomain & "\" & sUser,sPassword,  ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)
'assume user is not in group
bInGroup=false
for each oGroup in oUser.groups
  'check for each group - make lcase just to avoid problems with case
  if lcase(oGroup.samaccountname)=lcase(sGroup1) or lcase(oGroup.samaccountname)=lcase(sGroup2) then
    bInGroup=True
    exit for
  end if
next

'process appropriately for in/out of group
if bInGroup then
  wscript.echo "In group, mapping drives"
else
  wscript.echo "Not in group " & sGroup1 & " or " & sGroup2
  wscript.quit
end if



function getDN(sNTName,sPassword,sDomain)
  'kludgy but saves unwanted errors
'  on error resume next
  sResult="N/A"
  sBase="<LDAP://" &  sDC & "/" & sDNS & ">"
  'set up connection to Active Directory
  set oCommand=createobject("adodb.command")
  sAttributes = "distinguishedName"
  Set oConn = CreateObject("ADODB.Connection")
  oConn.Provider = "ADsDSOObject"
  'use the function's own parameter rather than the global sUser
  oConn.Properties("User ID") =  sDomain & "\" & sNTName
  oConn.Properties("Password") = sPassword
  oConn.Open
  oCommand.ActiveConnection = oConn
  set oRS=createobject("adodb.recordset")
  sFilter = "(samaccountname=" & sNTName & ")"
  'query built here has domain name; filter based on username; only attribute needed is distinguished name and subtree means search whole directory
  sQuery = sBase & ";" & sFilter & ";" & sAttributes & ";subtree"
  oCommand.CommandText = sQuery
 Set oRS = oCommand.Execute
  'will be EOF if not found
  if ors.eof then
        sresult="N/A"
    else
        sResult=ors("distinguishedname")
    end if
    ors.close
  'return either N/A for not found or error (eg bad password) and distinguished name otherwise
    getDN=sResult
  on error goto 0
end function

thanks

Mike

Link to comment
Share on other sites

There is a UDF available for Active Directory (for download please see my signature). It has a lot of functions that help you cope with AD.

In your case you need _AD_SamAccountNameToFQDN, _AD_IsMemberOf

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

The other thing I forgot to mention is this is run on a machine not joined to the domain, but joined to a workgroup connected to a domain network via wireless. So it's the whole making it work with authentication bit.

Thanks water, I'll have a read through, see if I can make some sense of it. It's been a while since I tried au3 stuff :mellow:

Link to comment
Share on other sites

If you supply the necessary information to _AD_Open you can connect to a domain from a workgroup as well.

Link to comment
Share on other sites

OK I've had a quick look at the functions, but it's been about 3 years since I last tried doing AutoIT :mellow:

How wrong is the code below? Sorry if it seems stupidly simple.

Func Connect()
Global $sAD_DNSDomainParam = "dc=mydomain,dc=com"
Global $sAD_HostServerParam = "server01.mydomain.dom"
Global $sAD_ConfigurationParam = "cn=Configuration,dc=mydomain,dc=com"
Global $sAD_Group1 = "group2"
Global $sAD_Group2 = "group1"
Global $sAD_UserIdParam = $suser
Global $sAD_PasswordParam = $spassword
_AD_Open($sAD_UserIdParam, $sAD_PasswordParam, $sAD_DNSDomainParam, $sAD_HostServerParam, $sAD_ConfigurationParam)

;;convert sam name into fqdn using username in gui
$sDN = _AD_SamAccountNameToFQDN($sAD_UserIdParam)
if $sDN = 0 Then
    MsgBox(0,"Error","No such user")
    Exit
EndIf
;;convert to fqdn end

;;check user is member of groups
$ismember = _AD_IsMemberOf($sAD_Group1 or $sAD_Group2, $sDN)
If $ismember = 1 then 
    MsgBox(0,"Success","Mapping drives")
Else
    MsgBox(0,"Failure","Not in groups")
EndIf
;;close ad connection
_AD_Close()
;;close ad connection end
EndFunc
Link to comment
Share on other sites

Only some minor changes:

Func Connect()
Global $sAD_DNSDomainParam = "dc=mydomain,dc=com"
Global $sAD_HostServerParam = "server01.mydomain.dom"
Global $sAD_ConfigurationParam = "cn=Configuration,dc=mydomain,dc=com"
Global $sAD_Group1 = "group2"
Global $sAD_Group2 = "group1"
Global $sAD_UserIdParam = $suser
Global $sAD_PasswordParam = $spassword
_AD_Open($sAD_UserIdParam, $sAD_PasswordParam, $sAD_DNSDomainParam, $sAD_HostServerParam, $sAD_ConfigurationParam)

;;convert sam name into fqdn using username in gui
$sDN = _AD_SamAccountNameToFQDN($sAD_UserIdParam)
if @error <> 0 Then
    MsgBox(0,"Error","No such user")
    Exit
EndIf
;;convert to fqdn end

;;check user is member of groups
$ismember = _AD_IsMemberOf($sAD_Group1, $sDN) + _AD_IsMemberOf($sAD_Group2, $sDN)
If $ismember > 0 then 
    MsgBox(0,"Success","Mapping drives")
Else
    MsgBox(0,"Failure","Not in groups")
EndIf
;;close ad connection
_AD_Close()
;;close ad connection end
EndFunc

I will soon release version 0.37 of the UDF. _AD_Open then sets @error if the connection was not successful.

Edited by water

Link to comment
Share on other sites
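Added example, not part of the thread and not the UDF author's code: one way to structure the check discussed in the posts above so that the user name is validated before it reaches a directory query, @error is tested straight after _AD_Open (which the post above says version 0.37 sets on a failed connection), and each group is tested in turn. The include name AD.au3, the helper names, the return codes and the user-name policy are assumptions; the server and DN values are the thread's placeholders.

```autoit
#include <AD.au3> ; Active Directory UDF discussed in this thread (file name assumed)

; Constructed return codes for this example
Global Const $AUTH_OK = 0, $AUTH_BAD_INPUT = 1, $AUTH_BIND_FAILED = 2
Global Const $AUTH_NO_USER = 3, $AUTH_NOT_MEMBER = 4

; Conservative allow-list (assumed site policy, stricter than AD itself):
; characters that act as LDAP filter syntax, such as * ( ) \, are rejected
; before the name is handed to any directory lookup.
Func _IsPlausibleSam($sName)
    Return StringRegExp($sName, "\A[A-Za-z0-9._-]{1,20}\z") = 1
EndFunc

Func _CheckUserInGroups($sUser, $sPassword, $aGroups)
    ; Refuse empty passwords: some LDAP servers treat a bind with a user
    ; name and an empty password as an unauthenticated bind that succeeds.
    If Not _IsPlausibleSam($sUser) Or $sPassword = "" Then Return $AUTH_BAD_INPUT

    ; Placeholder values copied from the thread
    Local $sDomainDN = "dc=mydomain,dc=com"
    Local $sHost = "server01.mydomain.dom"
    Local $sConfigDN = "cn=Configuration,dc=mydomain,dc=com"

    _AD_Open($sUser, $sPassword, $sDomainDN, $sHost, $sConfigDN)
    If @error Then Return $AUTH_BIND_FAILED ; requires UDF 0.37 or later

    Local $iResult = $AUTH_NOT_MEMBER
    Local $sDN = _AD_SamAccountNameToFQDN($sUser)
    If @error Then
        $iResult = $AUTH_NO_USER
    Else
        For $sGroup In $aGroups
            If _AD_IsMemberOf($sGroup, $sDN) = 1 Then
                $iResult = $AUTH_OK
                ExitLoop
            EndIf
        Next
    EndIf
    _AD_Close() ; release the connection whatever the outcome
    Return $iResult
EndFunc

; Usage with the two groups from the original script; the password prompt is masked
Local $sUser = InputBox("Domain Connect", "Please enter your username")
Local $sPass = InputBox("Domain Connect", "Please enter your password", "", "*")
Local $aGroups[2] = ["Group1", "Group2"]
If _CheckUserInGroups($sUser, $sPass, $aGroups) = $AUTH_OK Then MsgBox(0, "Success", "Mapping drives")
```

Returning a status code instead of calling Exit inside the function keeps the caller in control, which matters if the script is later meant to sit in the tray and disconnect on request.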

When I run it (after entering user/pass in the GUI) I get:

COM error encountered

Scriptline = 373

NumberHex = 000000A9

Number = 169

WinDescription = Variable must be of type "Object"

Description = Permission denied

Source = Provider

HelpContext = 1240640

Link to comment
Share on other sites

Either the connection to the AD was not successful or the specified user is not allowed to read the AD.

I attach the beta of version 0.37. Could you please check @error after _AD_Open.

Edited by water

Link to comment
Share on other sites

I have just tested using the domain admin password and after this:

_AD_Open($sAD_UserIdParam, $sAD_PasswordParam, $sAD_DNSDomainParam, $sAD_HostServerParam, $sAD_ConfigurationParam)

MsgBox(1,"",@error)

I get the message box with 0 so I am assuming it is failing to connect?

Run on another machine and the description of the COM error changes to unknown username or bad password, source Active Directory. Yet I know I'm using the right username (it's my own!!)

Edited by darkleton