darkleton Posted March 5, 2010

Hi,

I have a vbs script which when run will ask for username and password, and will then check that against a server. If it is correct and you are in the right group specified it will do a few functions. I have tried using the vbs to au3 converter but it just doesn't like running afterwards. If anyone is able to give me a hand converting it I would be eternally grateful. My aim is to have it as an au3 script, and then have the ability to minimise it to the tray so that it can be disconnected later. The vbs code works exactly as I want, so it really just is a case of converting it. I've attached the code below. If anyone could help, thank you.

    sDNS="dc=mydomain,dc=com"
    sDomain = "MYDOMAIN"
    sDC="SERVER01"
    strUserNameMessage = "Please enter your username"
    strPasswordMessage = "Please enter your password"
    strTitle = "Domain Connect"
    sUser = InputBox(strUserNameMessage,strTitle,"",1600,1600)
    sPassword = InputBox(strPasswordMessage,strTitle,"",1600,1600)
    sGroup1= "Group1"
    sGroup2= "Group2"
    const ADS_SECURE_AUTHENTICATION = 1
    const ADS_SERVER_BIND= 512

    'find the distinguished name of this user
    'will return N/A for either no user or wrong password
    sDN=getdn(sUser,sPassword,sDomain)
    if sDN="N/A" then
        wscript.echo "Can't find user"
        wscript.quit
    end if

    'username and password are valid; is the user in the group
    'bind to user object
    set oLDAP=getobject("LDAP:")
    set oUser=oLDAP.opendsobject("LDAP://" & sDC & "/" & sDN,sDomain & "\" & sUser,sPassword, ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)

    'assume user is not in group
    bInGroup=false
    for each oGroup in oUser.groups
        'check for each group - make lcase just to avoid problems with case
        if lcase(oGroup.samaccountname)=lcase(sGroup1) or lcase(oGroup.samaccountname)=lcase(sGroup2) then
            bInGroup=True
            exit for
        end if
    next

    'process appropriately for in/out of group
    if bInGroup then
        wscript.echo "In group, mapping drives"
    else
        'sGroup was never assigned; report the two groups that were checked
        wscript.echo "Not in group " & sGroup1 & " or " & sGroup2
        wscript.quit
    end if

    function getDN(sNTName,sPassword,sDomain)
        'kludgy but saves unwanted errors
        ' on error resume next
        sResult="N/A"
        sBase="<LDAP://" & sDC & "/" & sDNS & ">"
        'set up connection to Active Directory
        set oCommand=createobject("adodb.command")
        sAttributes = "distinguishedName"
        Set oConn = CreateObject("ADODB.Connection")
        oConn.Provider = "ADsDSOObject"
        oConn.Properties("User ID") = sDomain & "\" & sUser
        oConn.Properties("Password") = sPassword
        oConn.Open
        oCommand.ActiveConnection = oConn
        set oRS=createobject("adodb.recordset")
        sFilter = "(samaccountname=" & sNTName & ")"
        'query built here has domain name; filter based on username; only attribute needed is distinguished name and subtree means search whole directory
        sQuery = sBase & ";" & sFilter & ";" & sAttributes & ";subtree"
        oCommand.CommandText = sQuery
        Set oRS = oCommand.Execute
        'will be EOF if not found
        if ors.eof then
            sresult="N/A"
        else
            sResult=ors("distinguishedname")
        end if
        ors.close
        'return either N/A for not found or error (eg bad password) and distinguished name otherwise
        getDN=sResult
        on error goto 0
    end function

thanks
Mike
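Added example, not part of the thread and not code from the Active Directory UDF: getDN above concatenates the typed username straight into the LDAP filter, so the characters * ( ) \ in the input change the query instead of being matched literally. This AutoIt version of the filter-building step escapes the value per RFC 4515 first; _LdapEscapeFilterValue and _BuildSamFilter are hypothetical helper names and the sample inputs are constructed.

```autoit
; Added example: not code from the thread or from the Active Directory UDF.
; _LdapEscapeFilterValue and _BuildSamFilter are hypothetical helper names.

; Escape a value for use inside an LDAP search filter (RFC 4515):
; NUL ( ) * \ are replaced by a backslash and the two-digit hex code.
Func _LdapEscapeFilterValue($sValue)
    Local $sOut = "", $iCode
    For $i = 1 To StringLen($sValue)
        $iCode = AscW(StringMid($sValue, $i, 1))
        Switch $iCode
            Case 0x00, 0x28, 0x29, 0x2A, 0x5C
                $sOut &= "\" & Hex($iCode, 2)
            Case Else
                $sOut &= ChrW($iCode)
        EndSwitch
    Next
    Return $sOut
EndFunc   ;==>_LdapEscapeFilterValue

; Build the same filter getDN builds, from an untrusted logon name.
; Sets @error = 1 for an empty name or one longer than 20 characters
; (the sAMAccountName limit for user accounts).
Func _BuildSamFilter($sNTName)
    $sNTName = StringStripWS($sNTName, 3) ; 3 = strip leading and trailing whitespace
    If $sNTName = "" Or StringLen($sNTName) > 20 Then Return SetError(1, 0, "")
    Return "(samaccountname=" & _LdapEscapeFilterValue($sNTName) & ")"
EndFunc   ;==>_BuildSamFilter

; Constructed sample inputs, as they might be typed into the username box.
Local $aSamples[3] = ["mike", "*", "a)(b"]
For $i = 0 To UBound($aSamples) - 1
    ConsoleWrite($aSamples[$i] & " -> " & _BuildSamFilter($aSamples[$i]) & @CRLF)
Next
```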
water Posted March 5, 2010

There is a UDF available for Active Directory (for download please see my signature). It has a lot of functions that help you cope with AD.

In your case you need _AD_SamAccountNameToFQDN, _AD_IsMemberOf

My UDFs and Tutorials:

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0)
ExcelChart (2017-07-21 - Version 0.4.0.1)
OutlookEX (2021-11-16 - Version 1.7.0.0)
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0)
Outlook Tools (2019-07-22 - Version 0.6.0.0)
PowerPoint (2021-08-31 - Version 1.5.0.0)
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1)

Standard UDFs:
Excel
Word

Tutorials:
ADO
WebDriver
darkleton Posted March 5, 2010 Author

The other thing I forgot to mention is this is run on a machine not joined to the domain, but joined to a workgroup connected to a domain network via wireless. So it's the whole making it work with authentication bit.

Thanks water, I'll have a read through, see if I can make some sense of it. It's been a while since I tried au3 stuff.
water Posted March 5, 2010

> The other thing I forgot to mention is this is run on a machine not joined to the domain, but joined to a workgroup connected to a domain network via wireless. So it's the whole making it work with authentication bit.
> Thanks water, I'll have a read through, see if I can make some sense of it. It's been a while since I tried au3 stuff.

If you supply the necessary information to _AD_Open you can connect to a domain from a workgroup as well.
darkleton Posted March 5, 2010 Author

OK I've had a quick look at the functions, but it's been about 3 years since I last tried doing AutoIT.

How wrong is the code below? Sorry if it seems stupidly simple.

    Func Connect()
        Global $sAD_DNSDomainParam = "dc=mydomain,dc=com"
        Global $sAD_HostServerParam = "server01.mydomain.dom"
        Global $sAD_ConfigurationParam = "cn=Configuration,dc=mydomain,dc=com"
        Global $sAD_Group1 = "group2"
        Global $sAD_Group2 = "group1"
        Global $sAD_UserIdParam = $suser
        Global $sAD_PasswordParam = $spassword
        _AD_Open($sAD_UserIdParam, $sAD_PasswordParam, $sAD_DNSDomainParam, $sAD_HostServerParam, $sAD_ConfigurationParam)

        ;;convert sam name into fqdn using username in gui
        $sDN = _AD_SamAccountNameToFQDN($sAD_UserIdParam)
        if $sDN = 0 Then
            MsgBox(0,"Error","No such user")
            Exit
        EndIf
        ;;convert to fqdn end

        ;;check user is member of groups
        $ismember = _AD_IsMemberOf($sAD_Group1 or $sAD_Group2, $sDN)
        If $ismember = 1 then
            MsgBox(0,"Success","Mapping drives")
        Else
            MsgBox(0,"Failure","Not in groups")
        EndIf

        ;;close ad connection
        _AD_Close()
        ;;close ad connection end
    EndFunc
water Posted March 5, 2010

Only some minor changes:

    Func Connect()
        Global $sAD_DNSDomainParam = "dc=mydomain,dc=com"
        Global $sAD_HostServerParam = "server01.mydomain.dom"
        Global $sAD_ConfigurationParam = "cn=Configuration,dc=mydomain,dc=com"
        Global $sAD_Group1 = "group2"
        Global $sAD_Group2 = "group1"
        Global $sAD_UserIdParam = $suser
        Global $sAD_PasswordParam = $spassword
        _AD_Open($sAD_UserIdParam, $sAD_PasswordParam, $sAD_DNSDomainParam, $sAD_HostServerParam, $sAD_ConfigurationParam)

        ;;convert sam name into fqdn using username in gui
        $sDN = _AD_SamAccountNameToFQDN($sAD_UserIdParam)
        if @error <> 0 Then
            MsgBox(0,"Error","No such user")
            Exit
        EndIf
        ;;convert to fqdn end

        ;;check user is member of groups (one call per group)
        $ismember = _AD_IsMemberOf($sAD_Group1, $sDN) + _AD_IsMemberOf($sAD_Group2, $sDN)
        If $ismember > 0 then
            MsgBox(0,"Success","Mapping drives")
        Else
            MsgBox(0,"Failure","Not in groups")
        EndIf

        ;;close ad connection
        _AD_Close()
        ;;close ad connection end
    EndFunc

I will soon release version 0.37 of the UDF. _AD_Open then sets @error if the connection was not successful.

Edited March 5, 2010 by water
darkleton Posted March 5, 2010 Author

When I run it (after entering user/pass in the gui) I get:

    COM error encountered
    Scriptline = 373
    NumberHex = 000000A9
    Number = 169
    WinDescription = Variable must be of type "Object"
    Description = Permission denied
    Source = Provider
    HelpContext = 1240640
water Posted March 5, 2010

Either the connection to the AD was not successful or the specified user is not allowed to read the AD.

I attach the beta of version 0.37. Could you please check @error after _AD_Open.

Edited March 5, 2010 by water
darkleton Posted March 5, 2010 Author

I have just tested using the domain admin password and after this:

    _AD_Open($sAD_UserIdParam, $sAD_PasswordParam, $sAD_DNSDomainParam, $sAD_HostServerParam, $sAD_ConfigurationParam)
    MsgBox(1,"",@error)

I get the message box with 0 so I am assuming it is failing to connect?

Run on another machine and the description of the COM error changes to unknown username or bad password, source Active Directory. Yet I know I'm using the right username (it's my own!!)

Edited March 5, 2010 by darkleton
darkleton Posted March 5, 2010 Author

Ah, it was me using the $sAD_Usernameparam = $suser....it was outputting as "3" instead of what I typed in. Changed it to = guictrlread($suser) and it outputted right. I can test a bit further now.