Sign in to follow this  
Followers 0
THERUNZ

Unable to update Terminal Services in 2008 R2

16 posts in this topic

Hello all,

I have been working with the AD.au3 plugin and have no problems setting any schema attribute using _AD_ModifyAttribute.

But it seems that with the realease of 2008 R2 the schema objects for Terminal Services have changed. While looking through ADSIEdit I found the attributes msTSProfilePath, msTSHomeDirectory, and msTSHomeDrive. I updated these values but when looking in Active Directory users and computers in the Remote Desktop Services Profile tab of the user I am working with nothing has been updated, and it is not working.

With much research I have found that the Terminal Services information is stored in the userParameters schema attribute as a BLOB. (http://daduke.org/linux/userparameters.html)

The site listed above provides a format to convert the values into a usable form to be placed into the userParameters field, but going about it this way seems to be more work than its worth.

I have found code that has been written to pull these values using the IADsTSUserEx Interface so that they can be easily updated but I am unfamiliar with how the below VB translates over to Autoit. Could someone please help me out?

Imports System.DirectoryServices

Imports TSUSEREXLib

Dim rootLDAPpath As String = "LDAP://OU=...,DC=com"

Dim root As DirectoryEntry = New DirectoryEntry(rootLDAPpath)

Dim searcher As New DirectorySearcher(root)

Dim adUser As SearchResult

searcher.Filter() = "(&(objectCategory=user)(samAccountName=*******))"

adUser = searcher.FindOne

Dim myUser = New DirectoryEntry(adUser.Path)

' Get the properties

Dim tsUser = CType(myUser.NativeObject, IADsTSUserEx)

MsgBox(tsUser.TerminalServicesProfilePath)

MsgBox(tsUser.TerminalServicesHomeDrive)

MsgBox(tsUser.TerminalServicesHomeDirectory)

' Set the properties

tsUser.TerminalServicesHomeDirectory = ...

...

myUser.CommitChanges()

Site reference (http://webactivedirectory.wordpress.com/2011/10/05/active-directory-attributes-for-remote-desktop-services/)

Share this post


Link to post
Share on other sites



I will have a look as soon as I return from vacation (next week)


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Thank you water! Your help is much appreciated. Have a good vacation :bye:

Share this post


Link to post
Share on other sites

We were talking about Terminal Services and AD Maybe this helps?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Thanks so much for your help water! Got everything up and going.

Share this post


Link to post
Share on other sites
:D

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Thank you water! Your help is much appreciated. Have a good vacation :bye:

Could you please post that autoit script here ?

Share this post


Link to post
Share on other sites

The subject has been discussed Looks like you need Windows Server 2008.

Can you run _AD_ListRootDSEAttributes.au3 to check the mode of your domain/forest.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Hi Water,

thx for the very fast answer.

I used the script _AD_ListRootDSEAttributes.au3 and it connects to a 2003R2 bridgehead server. I know that we have also 2008R2 AD Servers so i have to connect to one of these somehow ?

Share this post


Link to post
Share on other sites

Give it a try. You can specify the DC you want to connect to in the _AD_Open function call.

But I'm not sure if the server needs to be Windows 2008 or the domain/forest needs to be operated in 2008 mode.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

i am unsure about the correct syntax of this function and tried:

_AD_Open("dc=Test,dc=intra,dc=corp","TESTDC0003")

...getting com errors

I also tried a few other ways of syntax

Share this post


Link to post
Share on other sites

Please have a look at the wiki.

Search or "If you want to connect to a specific Domain Controller in the domain then simply specify the HostServer."


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

i searched the wiki. Thanks for that hint :thumbsup:

and now used _AD_Open("","","","TESTDC0003.test.intra.corp") which works fine.

The com error occurs when trying to get the attribute from my user:

$oResult = _AD_GetObjectAttribute("MyUser", "msTSProfilePath")

So it looks like the domain/forest needs to be operated in 2008 mode like you mentioned before ?

The only thing i am wondering about is that this little vbscript i use is working fine - it outputs the correct path:

Dim sTSHomePath

Set oUser = GetObject("LDAP://cn=MYUser,ou=USERS,ou=Company,ou=DE,dc=test,dc=intra,dc=corp")

sTSHomePath = LCase(oUser.TerminalServicesHomeDirectory)

msgbox sTSHomePath

Converted to autoit it throws an error (The requested action with this object has failed):

Dim $sTSHomePath

$oUser = ObjGet("LDAP://cn=MYUser,ou=USERS,ou=Company,ou=DE,dc=test,dc=intra,dc=corp")

$sTSHomePath = StringLower($oUser.TerminalServicesHomeDirectory)

msgbox(4096,"Output", $sTSHomePath)

Share this post


Link to post
Share on other sites

The VBScript works because you query a different attribute. This attribute is not stored as blob but as a simple string.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Oh sorry, i pasted the wrong one - but this one works also (and converted to autoit it doesn't):

Dim sTSProfilePath

Set oUser = GetObject("LDAP://cn=MYUser,ou=USERS,ou=Company,ou=DE,dc=test,dc=intra,dc=corp")

sTSProfilePath = LCase(oUser.TerminalServicesProfilePath)

msgbox sTSProfilePath

Any ideas ?

Share this post


Link to post
Share on other sites

Here is a description what happens under the covers.

I have never used the Termin Server properties myself.

Looks like a different interface needs to be used to access those properties.

Maybe the user who solved the problem answers in the next few days?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0