Jump to content
Sign in to follow this  
jazzyjeff

_AD_GetPasswordInfo problems

Recommended Posts

jazzyjeff

I am trying to read the information of a user account specified in a GUI. The GUI is reading the name right as I have this working in various other parts and the code is the same.

I think I must be using the function wrong.

So I am using Water's AD UDF, and the function _AD_GetPasswordInfo. When I run this in a function it doesn't return any values. Does anyone have any idea what could be wrong here?

This is my code:

Func _PasswordInfo()
Global $pwInfo = _AD_GetPasswordInfo($vUsername4)
MsgBox(0, "Password Information", "Password Last Changed: " & $pwInfo[8] & @CRLF & "Password Expires on: " & $pwInfo[9] & @CRLF)
EndFunc   ;==>_PasswordInfo

I do have the _AD_Open and _AD_Close functions in. Other parts of the script are running fine with this setup i.e. Reset password, unlock account, check group membership. Just this part is not working.

Any help is appreciated.

Thanks,

Jeff

Share this post


Link to post
Share on other sites
water

Could you please use a MsgBox to display the value of @error after _AD_GetPasswordInfo?

I just re-read your code. Your function doesn't return anything because you don't return anything (you define a global variable in a function - but this is not a good coding style).

In addition I would suggest to pass the username ($vUsername4) as a parameter to the function.

Another thought: Why do you create another function (_PasswordInfo) which only calls another function? Couldn't you call function _AD_GetPasswordInfo directly?

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2018-12-03 - Version 1.4.11.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2018-10-31 - Version 1.3.4.1) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
PowerPoint (2017-06-06 - Version 0.0.5.0) - Download - General Help & Support
Excel - Example Scripts - Wiki
Word - Wiki
 
Tutorials:

ADO - Wiki

 

Share this post


Link to post
Share on other sites
jazzyjeff

I'm such an idiot! Sorry mate. Error 2... password is set to not expire. Non admin account works fine. Need to test more! Thanks.

Share this post


Link to post
Share on other sites
jazzyjeff

Thanks for the tips Water as always! I have added the code to my script below. It's not like it's a secret or nothing that you guys couldn't do better!

I am curious though. Is running the code through a function slower? I find the way I do it pretty clean to look at, but maybe it's not really the right way. I did change the variables from Global to Local in the functions, as I understand that a Global function is not necessary. Does one consume more memory than the other?

#include <ButtonConstants.au3>
#include <EditConstants.au3>
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <AD.au3>
#include <TabConstants.au3>
Opt("TrayIconHide", 1)
Global $username, $password, $chkPWChange, $pwValue, $lblLockoutStatus
_AD_Open()
;Check to make sure the user running the script has permissions to reset passwords.
If _AD_IsMemberOf("TI", @UserName) Then
MsgBox(0, "Password Reset Utility", @UserName & ", you have the appropriate security group access to use this utility.", 4)
ElseIf _AD_IsMemberOf("Domain Admins", @UserName) Then
MsgBox(0, "Password Reset Utility", @UserName & ", you have the appropriate security group access to use this utility.", 4)
Else
MsgBox(0, "Access Denied", "You do not have permission to use this utility.")
Exit
EndIf
$mainForm = GUICreate("Active Directory Utility", 460, 125, -1, -1)
GUISetIcon("C:\Icons\logo.ico")
GUISetFont(10, 400, 0, "MS Sans Serif")
GUISetBkColor(0xE3E3E3)
$tabWindow = GUICtrlCreateTab(8, 8, 445, 110)
GUICtrlSetFont(-1, 10, 400, 0, "Arial")
GUICtrlSetResizing(-1, $GUI_DOCKWIDTH + $GUI_DOCKHEIGHT)
$tabPassword = GUICtrlCreateTabItem("Password")
$username1 = GUICtrlCreateInput("", 88, 48, 121, 24)
GUICtrlSetFont(-1, 10, 400, 0, "Arial")
$password = GUICtrlCreateInput("", 88, 80, 121, 24, BitOR($ES_PASSWORD, $ES_AUTOHSCROLL), $WS_EX_CLIENTEDGE)
GUICtrlSetFont(-1, 10, 400, 0, "Arial")
$chkPWChange = GUICtrlCreateCheckbox("Prompt user to change password", 220, 47, 217, 17, BitOR($BS_CHECKBOX, $BS_AUTOCHECKBOX, $BS_RIGHTBUTTON, $WS_TABSTOP))
GUICtrlSetFont(-1, 10, 400, 0, "Arial")
$btnPWReset = GUICtrlCreateButton("Reset user password", 220, 79, 219, 25, $WS_GROUP)
GUICtrlSetFont(-1, 10, 800, 0, "MS Sans Serif")
$lblUsername = GUICtrlCreateLabel("Username", 12, 48, 67, 20, $WS_TABSTOP)
$lblPassword = GUICtrlCreateLabel("Password", 12, 80, 64, 20, $WS_TABSTOP)
$tabUnlock = GUICtrlCreateTabItem("Unlock")
;GUICtrlSetState(-1,$GUI_SHOW)
$username2 = GUICtrlCreateInput("", 88, 48, 121, 24)
GUICtrlSetFont(-1, 10, 400, 0, "Arial")
$lblUsername = GUICtrlCreateLabel("Username", 12, 48, 67, 20, $WS_TABSTOP)
$lblLockStatus = GUICtrlCreateLabel("Lockout Status", 12, 85, 100, 20, $WS_TABSTOP)
GUICtrlSetFont(-1, 10, 400, 0, "Arial")
$btnCheck = GUICtrlCreateButton("Check status", 220, 79, 100, 25, $WS_GROUP)
GUICtrlSetFont(-1, 10, 800, 0, "MS Sans Serif")
$btnUnlock = GUICtrlCreateButton("Unlock Account", 328, 79, 118, 25, $WS_GROUP)
GUICtrlSetFont(-1, 10, 800, 0, "MS Sans Serif")
$tabGroups = GUICtrlCreateTabItem("Groups")
;GUICtrlSetState(-1,$GUI_SHOW)
$username3 = GUICtrlCreateInput("", 88, 48, 121, 24)
GUICtrlSetFont(-1, 10, 400, 0, "Arial")
$lblUsername = GUICtrlCreateLabel("Username", 12, 48, 67, 20, $WS_TABSTOP)
$btnCheckgrp = GUICtrlCreateButton("Group Membership", 300, 79, 140, 25, $WS_GROUP)
GUICtrlSetFont(-1, 10, 800, 0, "MS Sans Serif")
$tabPasswordInfo = GUICtrlCreateTabItem("Password Info")
;GUICtrlSetState(-1,$GUI_SHOW)
$username4 = GUICtrlCreateInput("", 88, 48, 121, 24)
GUICtrlSetFont(-1, 10, 400, 0, "Arial")
$lblUsername = GUICtrlCreateLabel("Username", 12, 48, 67, 20, $WS_TABSTOP)
$btnCheckPWInfo = GUICtrlCreateButton("Check Password", 300, 79, 140, 25, $WS_GROUP)
GUICtrlSetFont(-1, 10, 800, 0, "MS Sans Serif")
GUICtrlCreateTabItem("")
GUISetState(@SW_SHOW)
While 1
$nMsg = GUIGetMsg()
Switch $nMsg
  Case $GUI_EVENT_CLOSE
   Exit
  Case $btnPWReset
   ;Read data that has been inputted from the user and then executes the function if a student is selected for a password reset
   $vUsername1 = GUICtrlRead($username1)
   $vPassword = GUICtrlRead($password)
   If _AD_IsMemberOf("Domain Admins", $vUsername1) Then
    MsgBox(16, "Error", "You do not have permissions to reset this account.")
    Exit
   EndIf
   _pwChange()
   _pwReset()
   $pwValue = 0
   GUICtrlDelete($vUsername1)
   GUICtrlDelete($vPassword)
   GUICtrlSetData($username1, "")
   GUICtrlSetData($password, "")
   ControlCommand("", "", $chkPWChange, "UnCheck", "")
  Case $btnCheck
   ;Read data that has been inputted from the user
   $vUsername2 = GUICtrlRead($username2)
   _LockOutStatus()
  Case $btnUnlock
   _UnlockAcct()
  Case $btnCheckgrp
   $vUsername3 = GUICtrlRead($username3)
   GUISetState(@SW_DISABLE, $mainForm)
   _GroupMembership()
   GUISetState(@SW_ENABLE, $mainForm)
   WinActivate($mainForm)
   GUICtrlDelete($vUsername3)
   GUICtrlSetData($username3, "")
  Case $btnCheckPWInfo
   $vUsername4 = GUICtrlRead($username4)
   _PasswordInfo()
   GUICtrlDelete($vUsername4)
   GUICtrlSetData($username4, "")
EndSwitch
WEnd
;Performs the function to read the check box that determines if the user is prompted for a password change
Func _pwChange()
If BitAND(GUICtrlRead($chkPWChange), $GUI_CHECKED) = $GUI_CHECKED Then
  $pwValue = 1
Else
  $pwValue = 0
EndIf
EndFunc   ;==>_pwChange
;Performs the function that resets the user password
Func _pwReset()
$passwordReset = _AD_SetPassword($vUsername1, $vPassword, $pwValue)
If $passwordReset = 1 Then
  MsgBox(0, "Successful", "The password change for " & $vUsername1 & " has been successful.")
ElseIf @error = 1 Then
  MsgBox(0, "Error", "The user, " & $vUsername1 & ", does not exist.")
Else
  MsgBox(64, "Active Directory Error", "Return code '" & @error & "' from Active Directory")
EndIf
EndFunc   ;==>_pwReset
Func _LockOutStatus()
Local $LockoutStatus = _AD_IsObjectLocked($vUsername2)
If $LockoutStatus = 1 Then
  $lblLockoutStatus = GUICtrlCreateLabel("Locked", 120, 85, 81, 20)
  GUICtrlSetFont(-1, 10, 800, 0, "Arial")
  GUICtrlSetColor(-1, 0xff0000)
  GUICtrlSetBkColor(-1, 0xffffff)
Else
  $lblLockoutStatus = GUICtrlCreateLabel("Unlocked", 120, 85, 81, 20)
  GUICtrlSetFont(-1, 10, 800, 0, "Arial")
  GUICtrlSetColor(-1, 0x33cc00)
  GUICtrlSetBkColor(-1, 0xffffff)
EndIf
EndFunc   ;==>_LockOutStatus
Func _UnlockAcct()
Local $lockout = _AD_UnlockObject($vUsername2)
If $lockout = 1 Then
  MsgBox(0, "Successful", "The user account for " & $vUsername2 & " has been successfully unlocked.")
ElseIf @error = 1 Then
  MsgBox(0, "Error", "The user, " & $vUsername2 & ", does not exist.")
Else
  MsgBox(64, "Active Directory Error", "Return code '" & @error & "' from Active Directory")
EndIf
EndFunc   ;==>_UnlockAcct
Func _GroupMembership()
Local $groupMembership = _AD_GetUserGroups($vUsername3)
$frmList = GUICreate("Group Membership", 356, 294, 192, 124)
$listGroups = GUICtrlCreateList("", 8, 8, 337, 279)
GUISetState(@SW_SHOW)
#endregion ### END Koda GUI section ###
For $i = 1 To $groupMembership[0]
  GUICtrlSetData($listGroups, $groupMembership[$i])
Next
While 2
  $nMsg = GUIGetMsg()
  Switch $nMsg
   Case $GUI_EVENT_CLOSE
    GUIDelete($frmList)
    ExitLoop
  EndSwitch
WEnd
EndFunc   ;==>_GroupMembership
Func _PasswordInfo()
Local $pwInfo = _AD_GetPasswordInfo($vUsername4)
MsgBox(0, "Password Information", "Password Last Changed: " & $pwInfo[8] & @CRLF & "Password Expires on: " & $pwInfo[9] & @CRLF)
EndFunc   ;==>_PasswordInfo
_AD_Close()

Share this post


Link to post
Share on other sites
water

I had a quick glance at your code. Some improvements I would suggest.

;Check to make sure the user running the script has permissions to reset passwords.
If _AD_IsMemberOf("TI", @UserName) Then
MsgBox(0, "Password Reset Utility", @UserName & ", you have the appropriate security group access to use this utility.", 4)
ElseIf _AD_IsMemberOf("Domain Admins", @UserName) Then
MsgBox(0, "Password Reset Utility", @UserName & ", you have the appropriate security group access to use this utility.", 4)
Else
MsgBox(0, "Access Denied", "You do not have permission to use this utility.")
Exit
can be shortened to

;Check to make sure the user running the script has permissions to reset passwords.
If _AD_IsMemberOf("TI", @UserName) Or _AD_IsMemberOf("Domain Admins", @UserName) Then
MsgBox(0, "Password Reset Utility", @UserName & ", you have the appropriate security group access to use this utility.", 4)
Else
MsgBox(0, "Access Denied", "You do not have permission to use this utility.")
Exit
EndIf

You don't need to use GUICtrlDelete for variables that are not used in a GUI.

GUICtrlDelete($vPassword)

change it to

$vPassword = ""

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2018-12-03 - Version 1.4.11.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2018-10-31 - Version 1.3.4.1) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
PowerPoint (2017-06-06 - Version 0.0.5.0) - Download - General Help & Support
Excel - Example Scripts - Wiki
Word - Wiki
 
Tutorials:

ADO - Wiki

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×