Sign in to follow this  
Followers 0
malcolmsearle

Possible error with _Security__GetAccountSid?

8 posts in this topic

#1 ·  Posted (edited)

I wonder if I may have found an error with Security.au3.

I make a call to _Security__GetAccountSid like this:

$bSid = _Security__GetAccountSid($strDomainName & "\" & $strSamid, $strLogonServer)

9 times out of 10 I get back a struct but occasionally my script bottoms out saying:

C:\Program Files (x86)\AutoIt3\Include\Security.au3 (85) : ==> Subscript used with non-Array variable.:  
Return _Security__StringSidToSid($aAcct[0])  
Return _Security__StringSidToSid($aAcct^ ERROR  
->11:34:57 AutoIT3.exe ended.rc:1  
>Exit code: 1    Time: 174.220

On the lines after the call to _Security__GetAccountSid I check @error before calling IsDllStruct but these lines never get parsed if my script bottoms out as mentioned above.

Any ideas as to a workaround or should I make a bug report?

Thanks in advance for any pointers.

Malcolm

Edited by malcolmsearle

Share this post


Link to post
Share on other sites



One workaround involves skipping Security.au3 and calling AdFind from a command prompt like this:

While $strSid = ""

    ; Grab the user's DN from Active Directory
    $strDn = _GetUserAttribute($strSamid, "distinguishedName")                          ; _GetUserAttribute, my own function to get a single user attribute
    $strOutput = ""
    $strTemp = ""

    ; Use adFind to grab the user's SID from Active Directory
    $hDOS = Run(@ComSpec & ' /k ' & 'AdFind.exe -b "' & $strDn & '" objectsid', @SystemDir,  @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD)
    ProcessWaitClose($hDOS)
    While 1
        $strTemp = StdoutRead($hDos)
        If @error Then ExitLoop
        $strOutput = $strOutput & $strTemp
    Wend
    $arrTemp = StringSplit($strOutput, @CRLF)                                           ; Convert the AdFind output to an array
    $intI = _ArraySearch($arrTemp, ">objectSid:", 0, 0, 0, 1)                           ; Locate the substring ">objectSid:" in this array; here we'll find the SID
    If Not @error Then $strSid = StringReplace($arrTemp[$intI], ">objectSid: ", "")     ; Store the SID in the string $strSid

    If Not StringLeft($strSid, 3) = "S-1" Then $strSid = ""                             ; Does $strSid start with "S-1"? If not, blank it to loop once more

Wend

This works quite nicely. However in testing I noticed that this is around a second slower than an equivalent call to _Security__GetAccountSid. But as I said before, sometimes _Security__GetAccountSid fails so a slightly slower script is to be preferred!

Share this post


Link to post
Share on other sites

Your workaround is all that shouldn't be done with AutoIt.

Bug is with _Security__LookupAccountName() function. One little tiny overlook, but how expensive. To be learned from.


♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

Your workaround is all that shouldn't be done with AutoIt.

Bug is with _Security__LookupAccountName() function. One little tiny overlook, but how expensive. To be learned from.

Ok. Would you be kind enough to give an example? So I could learn from it.

Share this post


Link to post
Share on other sites

Ok. Would you be kind enough to give an example? So I could learn from it.

Sure. After you report the bug.

♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

Sure. After you report the bug.

Which you could have said to start with. It was my initial question.

This bug is similar to closed ticket 1393.

I have made a new bug report, number 1920.

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

Which you could have said to start with. It was my initial question.

This bug is similar to closed ticket 1393.

I have made a new bug report, number 1920.

Excellent.

Then you know what to do to avoid unwanted termination of the script and errors. Rewrite your _Security__GetAccountSid() to check return value of _Security__LookupAccountName() function and not error value.

Edited by trancexx

♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

Excellent.

Then you know what to do to avoid unwanted termination of the script and errors. Rewrite your _Security__GetAccountSid() to check return value of _Security__LookupAccountName() function and not error value.

So that line 85 which was:

Return _Security__StringSidToSid($aAcct[0])

is replaced by :

If IsArray($aAcct) Then Return _Security__StringSidToSid($aAcct[0])
Return ''

I have added this info to the ticket.

Edited by malcolmsearle

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0