Jump to content

AD UDF - Check Multiple Domains


Recommended Posts

Hi Guys,

Im having a bit of trouble with the AD UDF - I know its me and not the UDF but i thought i had this working well until i introduced a domain check before my function. It appears at that point my domain check is ignoring my commands and always going with the domain of the currently logged on user ut i dont know why. Here is my code:

#include <File.au3>
#include <MsgBoxConstants.au3>
#include <AD.au3>

Global $sFQDN_User, $Groups, $sUserIdParam, $sPasswordParam, $sDNSDomainParam, $sHostServerParam, $sConfigurationParam

FileWrite(@ScriptDir & "\TestGroups.txt", "SoftwareInstaller-All" & @CRLF)
FileWrite(@ScriptDir & "\TestGroups.txt", "SoftwareInstaller-ProfServ" & @CRLF)
FileWrite(@ScriptDir & "\TestGroups.txt", "SoftwareInstaller-Sales" & @CRLF)

DetectAD()

Func DetectAD()
    If @LogonDNSDomain = "Domain.one.two" Then
        ADCheckOT()
    ElseIf @LogonDNSDomain = "Domain.three" Then
        ADCheckT()
    EndIf
EndFunc

; Syntax.........: _AD_Open([$sUserIdParam = "", $sPasswordParam = ""[, $sDNSDomainParam = "", $sHostServerParam = "", $sConfigurationParam = ""[, $iSecurity = 0]]])

Func ADCheckOT()
            _AD_Open($sUserIdParam = "", $sPasswordParam = "", $sDNSDomainParam = "DC=domain,DC=one,DC=two", $sHostServerParam = "", $sConfigurationParam = "") ;Then

            ; Get the Fully Qualified Domain Name (FQDN) for the current user
            $sFQDN_User = _AD_SamAccountNameToFQDN()

            _FileReadToArray(@ScriptDir & "\TestGroups.txt", $Groups)

            For $i = 1 To $Groups[0]
                $sFQDN_Group = $Groups[$i]

            ; Check the group membership of the specified user for the specified group
            $iResult = _AD_IsMemberOf($sFQDN_Group, $sFQDN_User)
            Select
                Case $iResult = 1
                        If $sFQDN_Group = "SoftwareInstaller-All" Then
                    MsgBox(0,"","SoftwareInstaller-All")
                        ElseIf $sFQDN_Group = "SoftwareInstaller-ProfServ" Then
                    MsgBox(0,"","SoftwareInstaller-ProfServ")
                        ElseIf $sFQDN_Group = "SoftwareInstaller-Sales" Then
                    MsgBox(0,"","SoftwareInstaller-Sales")
                        EndIf
            EndSelect
            Next
            _AD_Close()
EndFunc


Func ADCheckT()
            _AD_Open($sUserIdParam = "", $sPasswordParam = "", $sDNSDomainParam = "DC=domain,DC=three", $sHostServerParam = "", $sConfigurationParam = "") ;Then

            ; Get the Fully Qualified Domain Name (FQDN) for the current user
            $sFQDN_User = _AD_SamAccountNameToFQDN()

            _FileReadToArray(@ScriptDir & "\TestGroups.txt", $Groups)

            For $i = 1 To $Groups[0]
                $sFQDN_Group = $Groups[$i]

            ; Check the group membership of the specified user for the specified group
            $iResult = _AD_IsMemberOf($sFQDN_Group, $sFQDN_User)
            Select
                Case $iResult = 1
                        If $sFQDN_Group = "SoftwareInstaller-All" Then
                    MsgBox(0,"","SoftwareInstaller-All")
                        ElseIf $sFQDN_Group = "SoftwareInstaller-ProfServ" Then
                    MsgBox(0,"","SoftwareInstaller-ProfServ")
                        ElseIf $sFQDN_Group = "SoftwareInstaller-Sales" Then
                    MsgBox(0,"","SoftwareInstaller-Sales")
                        EndIf
            EndSelect
            Next
            _AD_Close()
EndFunc

FileDelete(@ScriptDir & "\TestGroups.txt")

Im pretty sure i dont understand the syntax, I dont want to specify a username or password i just want to specify which domain to check as i should be able to query groups this without having to authenticate. 

The idea is that the script will check which domain they are on first, then connect to the correct domain to check group membership, if they are in 1 of the groups then another function will run - replaced with MsgBoxs for the reproducer.

Can someone point me in the right direction?

Thanks

Link to comment
Share on other sites

The syntax for _AD_Open is not being used correctly. Should be:

_AD_Open("", "", "DC=domain,DC=one,DC=two", "", "")

 

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Hi Water,

I was hoping you would reply, pretty sure i found the AD UDF on one of your posts.

I changed the syntax and now get this error on running my script :

"C:\Program Files (x86)\AutoIt3\Include\AD.au3" (464) : ==> Variable must be of type "Object".:
$__oAD_Command.CommandText = "<LDAP://" & $sAD_HostServer & "/" & $sAD_DNSDomain & ">;(sAMAccountName=" & $sSamAccountName & ");distinguishedName;subtree"
$__oAD_Command^ ERROR

Pretty sure i got that before which is why i started experimenting by changing bits but havent been able to figure it out.

Any ideas?

Thanks

Link to comment
Share on other sites

When the third parameter is being set then parameter 4 and 5 need to be set as well.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

The AD article in the wiki (link can be found in my (hidden) signature) explains how to connect to other domains.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...