card Posted March 8, 2010

I would like to register myself from a computer place, out of range of my AD-DOMAIN on LDAP with user name and keyword. Therefore I need extended feedback, for example:

525 - user not found
52e - invalid credentials
530 - not permitted to logon at this time
532 - password expired
533 - account disabled
701 - account expired
773 - user must reset password

To get access to LDAP-CONNECT, I have 3 solutions to offer:

1. via ADSDSOObject – disadvantage: I don't get feedback in case of failure
2. via $SobjiDSO.OpenDSObject – but: there is any feedback concerning RETURN missing
3. via DLLCALL on WLDAP32.DLL.

For this I have tried with the following source code:

```autoit
#include <array.au3>
#include <WinAPIError.au3>
#include <WINAPI.au3>

$oMyError = ObjEvent("AutoIt.Error", "ComError")
Global $objDSO = ObjGet ("LDAP:")
Global $Host = "xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx"
Global $Port = "389"
Global $fkt
Const $ADS_SECURE_AUTHENTICATION = 1
Const $ADS_USE_SEALING = 64 ;'0x40
Const $ADS_USE_SIGNING = 128 ;'0x80
Const $ADS_SERVER_BIND= 512 ;0x200
Const $LDAP_OPT_ERROR_NUMBER = 0x31
Const $LDAP_OPT_ERROR_STRING = 0x32
Const $LDAP_OPT_SERVER_ERROR = 0x33
Const $LDAP_OPT_SERVER_EXT_ERROR = 0x34
Const $LDAP_OPT_PROTOCOL_VERSION = 0x11
Const $LDAP_AUTH_NEGOTIATE = 0x0400
Const $LDAP_AUTH_DIGEST = 0x4000
Const $LDAP_AUTH_OTHERKIND = 0x86
Const $LDAP_AUTH_SIMPLE = 0x80
Const $LDAP_AUTH_NTLM = 0x01000
Const $SEC_WINNT_AUTH_IDENTITY_UNICODE = 0x2
Const $SEC_WINNT_AUTH_IDENTITY_ANSI = 0x1
Global $username = "username"
Global $Passwort = "secret"
Global $domain = "DOMAIN"
Global $ldapldll = DllOpen("WLDAP32.DLL")

; Main sequence: open, set protocol version, bind, query the server error, unbind
$ldapinit = ldapinit()
;errorpruefung($ldapinit, $fkt)
$ldapsetOption = ldap_set_option()
;errorpruefung($ldapsetOption, $fkt)
$ldapcon = ldap_simple_bind_s()
errorpruefung($ldapcon, $fkt)
$ldapgetoption = ldap_get_option()
errorpruefung($ldapcon, $fkt)
ldap_unbind()
DllClose($ldapldll) ; DllClose expects the handle returned by DllOpen
ConsoleWrite(@CRLF)
exit

Func ldapinit()
    $Hostptr = DllStructCreate("char[" & (StringLen($Host) + 1) & "]")
    DllStructSetData($Hostptr,1,$Host)
    $fkt = "ldap_open"
    ; Pass the configured port
    Return DllCall($ldapldll, "ptr", $fkt, "ptr",DllStructGetPtr($Hostptr), "ULONG", $Port)
EndFunc

Func ldap_simple_bind_s()
    $fkt = "ldap_simple_bind_s"
    $dn = DllStructCreate("char[" & (StringLen($domain & "\" & $username) + 1) & "]")
    DllStructSetData($dn,1, $domain & "\" & $username)
    $passwd = DllStructCreate("char[" & (StringLen($Passwort) + 1) & "]")
    DllStructSetData($passwd,1, $Passwort)
    Return DllCall($ldapldll, "ULONG", $fkt, "ptr", $ldapinit[0], "ptr",DllStructGetPtr($dn), "ptr",DllStructGetPtr($passwd), "ULONG", $LDAP_AUTH_SIMPLE)
    ;_WinAPI_ShowError(Hex(_WinAPI_GetLastError()) & ": " & _WinAPI_GetLastErrorMessage())
    ;Return $ldapcon
EndFunc

Func ldap_get_option()
    ;If $ldapcon[0] <> 0 Then
    $ldaperr = DllStructCreate("char[255]")
    DllStructSetData($ldaperr,1, 0)
    $fkt = "ldap_get_option"
    $ergebnis = DllCall($ldapldll, "ULONG", $fkt, "ptr", $ldapinit[0], "int", $LDAP_OPT_SERVER_ERROR, "ptr", DllStructGetPtr($ldaperr))
    ;$fkt = "LdapGetLastError"
    ;$lasterror = DllCall($ldapldll, "ULONG", $fkt)
    ;errorpruefung($lasterror, $fkt)
    ;ConsoleWrite(Hex(_WinAPI_GetLastError()) & ": " & _WinAPI_GetLastErrorMessage())
    $b = DllStructCreate("DWORD",DllStructGetPtr($ldaperr,1))
    errorpruefung($ldaperr, $fkt)
    errorpruefung($b, $fkt)
    Return $ergebnis
    ;_ArrayDisplay($ergebnis)
    ;EndIf
EndFunc

Func ldap_set_option()
    ;If $ldapcon[0] <> 0 Then
    $ldaperr = DllStructCreate("ULONG")
    DllStructSetData($ldaperr,1, 3)
    $fkt = "ldap_set_option"
    ;$ldaperr = 0
    $ergebnis = DllCall($ldapldll, "ULONG", $fkt, "ptr", $ldapinit[0], "int", $LDAP_OPT_PROTOCOL_VERSION, "ptr", DllStructGetPtr($ldaperr))
    If @error <> 0 Then ConsoleWrite(Hex(_WinAPI_GetLastError()) & ": " & _WinAPI_GetLastErrorMessage())
    errorpruefung($ldaperr, $fkt)
    Return $ergebnis
    ;_ArrayDisplay($ergebnis)
    ;EndIf
EndFunc

Func ldap_unbind()
    $fkt = "ldap_unbind"
    $ldapunbind = DllCall($ldapldll, "ULONG", $fkt, "ptr", $ldapinit[0])
EndFunc

;$ldapfree = DllStructCreate("char[" & (StringLen($LDAP_OPT_SERVER_ERROR) + 1) & "]")
;DllStructSetData($ldapfree,1, $LDAP_OPT_SERVER_ERROR)
;$fkt = "ldap_memfree"
;DllCall($ldapldll, "ptr", $fkt, "ptr", DllStructGetPtr($ldapfree))
;$fkt = "LdapGetLastError"
;$lasterror = DllCall($ldapldll, "ULONG", $fkt)
;errorpruefung($lasterror, $fkt)

; Dump a DllCall result array or a DllStruct to the console
Func errorpruefung($ID, $Name = "")
    If IsArray($ID) THEN
        ConsoleWrite(@CRLF & $Name & " ")
        For $I = 0 To UBound($ID)-1
            ConsoleWrite(@CRLF & $I & ": " & $ID[$I] & " - " & hex($ID[$I],8) & " - " & dec(hex($ID[$I],8)) & " " & DllStructGetData($ID, $I))
        Next
        ConsoleWrite(@CRLF)
        ;_ArrayDisplay($ID)
    Else
        ConsoleWrite(@CRLF & $Name & " " & DllStructGetData($ID, 1) & " - " & hex(DllStructGetData($ID, 1),8) & " " & DllStructGetData($ID, 2) & " - " & hex(DllStructGetData($ID, 2),8) & @CRLF)
    EndIf
EndFunc

; COM error handler registered via ObjEvent above
Func ComError()
    if IsObj($oMyError) then
        $Fehlertext = ("Name: " & @TAB & $oMyError.description & @CRLF & _
                "Beschreibung: " & @TAB & $oMyError.windescription & @CRLF & _
                "Fehlernummer: " & @TAB & hex($oMyError.number,8) & @CRLF & _
                "Fehlernummer1: " & @TAB & $oMyError.number & @CRLF & _
                "Letzter Fehler: " & @TAB & $oMyError.lastdllerror & @CRLF & _
                "Zeile: " & @TAB & $oMyError.scriptline & @CRLF & _
                "Quelle: " & @TAB & $oMyError.source & @CRLF & _
                "err.helpfile is: " & @TAB & $oMyError.helpfile & @CRLF & _
                "err.helpcontext is: " & @TAB & $oMyError.helpcontext )
        SetError($Fehlertext)
        ConsoleWrite(@CRLF & $Fehlertext & @CRLF)
        ;SetError(Hex($oError.Number))
    else
        SetError(1)
    endif
EndFunc
```

- during input of the right username and keyword, I get back the text “ERROR 0x0” – this means everything is fine.
- in case of a wrong input of username and keyword, I get back the text “ERROR 0x31” – LDAP_INVALID_CREDENTIALS – which means everything is fine.

If I type in the question for LDAP_OPT_SERVER_ERROR, unfortunately, I didn’t get any good answer to follow – last 4 HEX-values are always 1828 ending, no matter, if:

1. the user is not existent or a wrong keyword is typed in
2. or the user profile is deactivated and so on….

I have no chance to get back any string, only a HEX-value. My question for you is: How do I reach an extended return string, which looks for example at Java or PHP as follows:

javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525, v893

At right is error data 525 - in this case: User not found

Microsoft references at ldap_get_option and LDAP_OPT_SERVER_ERROR

For your understanding: I don’t have to work with the programme DLL-CALL, the only thing I need is an extended return string in AUTOIT. Could you please inform me about alternative methods of getting access with AUTOIT on LDAP? Thank you very much in advance for your help. Please find my source code for DLL-CALL
card (Author) Posted March 8, 2010

With a network sniffer I get the message

ErrorMessage: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece

How do I get the message in AutoIt?
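An added example, not part of either post: it parses the diagnostic string quoted above into its `data` sub-code and maps it with the table from the first post. The function names are hypothetical, and `_LdapServerErrorString` assumes an already opened session and the ANSI `ldap_get_option` export; it relies on `LDAP_OPT_SERVER_ERROR` returning a pointer to the text rather than the text itself.

```autoit
; Added example, not code from the posts. Function names are hypothetical.
; Sub-code meanings are the ones listed in the first post.
Global Const $g_aSubCodes[7][2] = [["525", "user not found"], ["52e", "invalid credentials"], _
        ["530", "not permitted to logon at this time"], ["532", "password expired"], _
        ["533", "account disabled"], ["701", "account expired"], _
        ["773", "user must reset password"]]

; Extract the hex sub-code that follows "data " in an AD bind diagnostic string.
Func _ADBindSubCode($sDiag)
    Local $aMatch = StringRegExp($sDiag, "(?i)AcceptSecurityContext error,\s*data\s+([0-9a-f]+)", 1)
    If @error Then Return SetError(1, 0, "")
    Return StringLower($aMatch[0])
EndFunc

; Map a sub-code to its meaning; unlisted codes are reported, not guessed.
Func _ADBindSubCodeText($sCode)
    For $i = 0 To UBound($g_aSubCodes) - 1
        If $g_aSubCodes[$i][0] == StringLower($sCode) Then Return $g_aSubCodes[$i][1]
    Next
    Return "unlisted sub-code " & $sCode
EndFunc

; Read the server's diagnostic text from an open session ($hDll from DllOpen,
; $pLdap from ldap_open). Assumption: the ANSI export is used. The option
; writes a pointer to the string into the out parameter; wldap32 exports are
; cdecl, and the returned buffer is released with ldap_memfree.
Func _LdapServerErrorString($hDll, $pLdap)
    Local $aRet = DllCall($hDll, "ulong:cdecl", "ldap_get_option", "ptr", $pLdap, "int", 0x33, "ptr*", 0)
    If @error Or $aRet[0] <> 0 Or $aRet[3] = 0 Then Return SetError(1, 0, "")
    Local $aLen = DllCall("kernel32.dll", "int", "lstrlenA", "ptr", $aRet[3])
    Local $sText = DllStructGetData(DllStructCreate("char[" & ($aLen[0] + 1) & "]", $aRet[3]), 1)
    DllCall($hDll, "none:cdecl", "ldap_memfree", "ptr", $aRet[3])
    Return $sText
EndFunc

; Constructed inputs: the two diagnostic strings quoted in the posts.
Local $aSamples[2] = ["80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525, v893", _
        "80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece"]
For $sDiag In $aSamples
    Local $sCode = _ADBindSubCode($sDiag)
    ConsoleWrite($sCode & " -> " & _ADBindSubCodeText($sCode) & @CRLF)
Next
```

The parsing half runs offline on the sample strings; `_LdapServerErrorString` is only meaningful when called right after a failed bind on a live session.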