Jump to content
jp10558

Find out computer domain from local account

Recommended Posts

So I'm writing a post install script for my Win7 boxes, and I log in as a local user the first time to do some things that only seem to work from within a user account. I want to check that the domain join succeeded or try it again, but the obvious @LogonDomain or @LogonDNSDomain only show if the account currently logged in is part of the domain - which it isn't. How can I check the domain name from a local user account? If I right click on Computer and go to Properties, it says "Domain" and shows the domain name "example.com"... I want to check "example.com" against a value, but I'm not sure how to pull that value?

Share this post


Link to post
Share on other sites

Does this script - generated by Scriptomatic - give you the needed information?

; Generated by AutoIt Scriptomatic

$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "localhost"

$Output=""
$Output = $Output & "Computer: " & $strComputer  & @CRLF
$Output = $Output & "==========================================" & @CRLF
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_NTDomain", "WQL", _
                                          $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

If IsObj($colItems) then
   For $objItem In $colItems
      $Output = $Output & "Caption: " & $objItem.Caption & @CRLF
      $Output = $Output & "ClientSiteName: " & $objItem.ClientSiteName & @CRLF
      $Output = $Output & "CreationClassName: " & $objItem.CreationClassName & @CRLF
      $Output = $Output & "DcSiteName: " & $objItem.DcSiteName & @CRLF
      $Output = $Output & "Description: " & $objItem.Description & @CRLF
      $Output = $Output & "DnsForestName: " & $objItem.DnsForestName & @CRLF
      $Output = $Output & "DomainControllerAddress: " & $objItem.DomainControllerAddress & @CRLF
      $Output = $Output & "DomainControllerAddressType: " & $objItem.DomainControllerAddressType & @CRLF
      $Output = $Output & "DomainControllerName: " & $objItem.DomainControllerName & @CRLF
      $Output = $Output & "DomainGuid: " & $objItem.DomainGuid & @CRLF
      $Output = $Output & "DomainName: " & $objItem.DomainName & @CRLF
      $Output = $Output & "DSDirectoryServiceFlag: " & $objItem.DSDirectoryServiceFlag & @CRLF
      $Output = $Output & "DSDnsControllerFlag: " & $objItem.DSDnsControllerFlag & @CRLF
      $Output = $Output & "DSDnsDomainFlag: " & $objItem.DSDnsDomainFlag & @CRLF
      $Output = $Output & "DSDnsForestFlag: " & $objItem.DSDnsForestFlag & @CRLF
      $Output = $Output & "DSGlobalCatalogFlag: " & $objItem.DSGlobalCatalogFlag & @CRLF
      $Output = $Output & "DSKerberosDistributionCenterFlag: " & $objItem.DSKerberosDistributionCenterFlag & @CRLF
      $Output = $Output & "DSPrimaryDomainControllerFlag: " & $objItem.DSPrimaryDomainControllerFlag & @CRLF
      $Output = $Output & "DSTimeServiceFlag: " & $objItem.DSTimeServiceFlag & @CRLF
      $Output = $Output & "DSWritableFlag: " & $objItem.DSWritableFlag & @CRLF
      $Output = $Output & "InstallDate: " & WMIDateStringToDate($objItem.InstallDate) & @CRLF
      $Output = $Output & "Name: " & $objItem.Name & @CRLF
      $Output = $Output & "NameFormat: " & $objItem.NameFormat & @CRLF
      $Output = $Output & "PrimaryOwnerContact: " & $objItem.PrimaryOwnerContact & @CRLF
      $Output = $Output & "PrimaryOwnerName: " & $objItem.PrimaryOwnerName & @CRLF
      $strRoles = $objItem.Roles(0)
      $Output = $Output & "Roles: " & $strRoles & @CRLF
      $Output = $Output & "Status: " & $objItem.Status & @CRLF
      if Msgbox(1,"WMI Output",$Output) = 2 then ExitLoop
      $Output=""
   Next
Else
   Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_NTDomain" )
Endif

Func WMIDateStringToDate($dtmDate)

    Return (StringMid($dtmDate, 5, 2) & "/" & _
    StringMid($dtmDate, 7, 2) & "/" & StringLeft($dtmDate, 4) _
    & " " & StringMid($dtmDate, 9, 2) & ":" & StringMid($dtmDate, 11, 2) & ":" & StringMid($dtmDate,13, 2))
EndFunc

 


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (2018-12-03 - Version 1.4.11.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2019-03-02 - Version 1.3.5.0) - Download - General Help & Support - Example Scripts - Wiki
Outlook Tools (2019-01-22 - Version 0.1.0.0) - Download - General Help & Support
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
PowerPoint (2017-06-06 - Version 0.0.5.0) - Download - General Help & Support
Excel - Example Scripts - Wiki
Word - Wiki
 
Tutorials:

ADO - Wiki

 

Share this post


Link to post
Share on other sites

I guess I don't understand why @LogonDomain doesn't work for you? If you do something like this, it should give you the answer you're after:

MsgBox(0, "", (@LogonDomain = @ComputerName) ? "Domain Join Failed!" : "Domain Join Successful!")

 

Edited by JLogan3o13

Share this post


Link to post
Share on other sites

As long as you do not need to know the name of the domain your solution should work as well.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (2018-12-03 - Version 1.4.11.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2019-03-02 - Version 1.3.5.0) - Download - General Help & Support - Example Scripts - Wiki
Outlook Tools (2019-01-22 - Version 0.1.0.0) - Download - General Help & Support
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
PowerPoint (2017-06-06 - Version 0.0.5.0) - Download - General Help & Support
Excel - Example Scripts - Wiki
Word - Wiki
 
Tutorials:

ADO - Wiki

 

Share this post


Link to post
Share on other sites

Also, you can use the WinAPI NetGetJoinInformation function :

Const Enum $NetSetupUnknownStatus = 0, $NetSetupUnjoined, $NetSetupWorkgroupName, $NetSetupDomainName

Local $sJoinType

Local $aNetGetJoinInformation = _WinAPI_NetGetJoinInformation()
Switch $aNetGetJoinInformation[0]
    Case $NetSetupUnknownStatus
        $sJoinType = "The status is unknown."
    Case $NetSetupUnjoined
        $sJoinType = "The computer is not joined."
    Case $NetSetupWorkgroupName
        $sJoinType = "The computer is joined to a workgroup : " & $aNetGetJoinInformation[1]
    Case $NetSetupDomainName
        $sJoinType = "The computer is joined to a domain : " & $aNetGetJoinInformation[1]
EndSwitch

MsgBox(0, "NetGetJoinInformation", $sJoinType)


; #FUNCTION# ====================================================================================================================
; Name ..........: _WinAPI_NetGetJoinInformation
; Description ...: Retrieves join status information for the specified computer.
; Syntax ........: _WinAPI_NetGetJoinInformation([$sComputerName = ""])
; Parameters ....: $sComputerName       - [optional] Computer name (default is the local computer)
; Return values .: Success : an array :
;                    - $array[0] = Join status of the specified compute (see remarks)
;                    - $array[1] = Name of the domain or workgroup to which the computer is joined
; Remarks .......: $array[0] can contain the following values :
;                   - $NetSetupUnknownStatus : The status is unknown.
;                   - $NetSetupUnjoined      : The computer is not joined.
;                   - $NetSetupWorkgroupName : The computer is joined to a workgroup.
;                   - $NetSetupDomainName    : The computer is joined to a domain.
; ===============================================================================================================================
Func _WinAPI_NetGetJoinInformation($sComputerName = "")
    Local $aRet = DllCall("Netapi32.dll", "int", "NetGetJoinInformation", "wstr", $sComputerName, "ptr*", "", "int*", 0)
    If @error Then Return SetError(@error, 0, 0)

    Local $pNameBuffer = $aRet[2]
    Local $tName = DllStructCreate("wchar[" & _BufferSize($pNameBuffer) &"]", $pNameBuffer)
    Local $sName = DllStructGetData($tName, 1)

    DllCall("netapi32.dll", "int", "NetApiBufferFree", "ptr", $pNameBuffer)

    Local $aReturn[2] = [ Int($aRet[3]), $sName ]
    Return $aReturn
EndFunc



Func _BufferSize($pBuffer)
    Local $aResult = DllCall("Netapi32.dll", "int", "NetApiBufferSize", "ptr", $pBuffer, "dword*", 0)

    If @error OR  $aResult[0] <> 0 Then Return SetError(@error, @extended, 0)
    Return $aResult[2]
EndFunc

 

Edited by jguinch

Share this post


Link to post
Share on other sites

Thanks for that. Might come in handy in the future :)


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (2018-12-03 - Version 1.4.11.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2019-03-02 - Version 1.3.5.0) - Download - General Help & Support - Example Scripts - Wiki
Outlook Tools (2019-01-22 - Version 0.1.0.0) - Download - General Help & Support
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
PowerPoint (2017-06-06 - Version 0.0.5.0) - Download - General Help & Support
Excel - Example Scripts - Wiki
Word - Wiki
 
Tutorials:

ADO - Wiki

 

Share this post


Link to post
Share on other sites

As long as you do not need to know the name of the domain your solution should work as well.

Agreed, I was taking it as a yes/no requirement only - did the domain join work or not. Perhaps the bigger question, however, is how the OP is doing his domain join. If he is doing that as part of the script, he should be checking the error at the point of calling the function rather than after a reboot.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • By rudi
      Hello,
       
      <edit>
      In this posting below you will find a script to get an Active Directory User's Group Memberships including nested Group Memberships:
       
      </edit>
      quite a while ago I started this thread: https://www.autoitscript.com/forum/topic/193984-ad-member-of-group-in-group/
       
      #include <AD.au3> _AD_Open() $user=_AD_SamAccountNameToFQDN("ASP") $group=_AD_SamAccountNameToFQDN("daten-Bestellung-QS_lesen") $result=_AD_IsMemberOf($group,$user,false,True) ; $Group is the 1st, $User the 2nd param ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $result = ' & $result & @CRLF & '>Error code: ' & @error & @CRLF) ;### Debug Console _AD_Close() this works fine, thanks for the help in the other thread.
      Howto to get the "chain" of groups for nested group memberships?

      In AD.AU3 I found the function _AD_RecursiveGetMemberOf(), which might be an approach, (get all the group content then sort out what's needed), just wondering if there is another function that I've overlooked, that directly would give me the "nested membership chain" *ONLY*?
       
      Regards, Rudi.
    • By tweakster2010
      Hello All,
      It has been a long time since I posted, role changes etc involving work and I finally am back to modifying a program I write in AutoIt that has AD integration. I am at a point where we are modifying our structure where I am validating users access via what Distribution List they belong to in our AD OU's. What I have run into is the OU is a sub OU of a sub OU now. Meaning: CN=team, OU=DL, OU=Groups, DC=business.com(working), is now CN=Team, OU=SubDL, OU=DL, OU=Groups, DC=business.com (Not working).  Just curious if the AD functionality should be able to read it or maybe I am missing something?
       
      ElseIf _AD_IsMemberOf("CN=Team,OU=Distribution Lists,OU=Groups,DC=business,DC=com", $sFQDN_User) Then #works for primary Distro ElseIf _AD_IsMemberOf("CN=Team,OU=SubDL,OU=Distribution Lists,OU=Groups,DC=business,DC=com", $sFQDN_User) Then #fails for subOU of DL How I am accessing AD to get the information:
      _AD_Open() Global $aUser = _AD_GetObjectsInOU("", "(&(objectCategory=person)(objectClass=user)(samaccountname=" & @UserName & "))", 2, "ADsPath,Displayname,distinguishedName") Global $sDisplayName0 = $aUser[1][1] ; Displayname ;MsgBox(0,"", $sDisplayName0) If StringLeft($sDisplayName0, 2) = "9-" Then $Displaynamestring = StringTrimLeft($sDisplayName0, 2) $Displaynamestring1 = StringTrimRight($Displaynamestring, 6) The error code generated is a 1 with a 0 extended. I assume it is because it cannot find the SubOU.
       
      Thanks for any assistance.
    • By antmar904
      I'm trying to read all cells used in column "C" in excel to an array but not sure how.
       
      Local $NameArray = _Excel_RangeRead($oWorkbook, $oWorkbook.Activesheet, $oWorkbook.Range["C"].End)  
    • By Blois
      Hey Guys,
      Good?
      I'm ned help to consult in other domain. My three domain contains any domains.
      How do I get this query done?
       
      Tks for the Help!
       
    • By rudi
      Hello,
       
      from this posting of @Jos https://www.autoitscript.com/forum/topic/162005-getting-windows-users-account-type/?do=findComment&comment=1176831
      I can smoothly check, if a user is a *DIRECT* group member. Has anybody some code to check also, if a user is a *INDIRECT* member of a cascaded group construct?  Maybe with @Melba23 's AD UDF?
       
      The required rights are granted to group "Dept_B" User John is member of group "Dept_A" Group "Dept_A" is member of the group "Dept_B" So in the AD / NTFS FS environment John finally has the rights of both groups But when checking his "membership to group Dept_B" the result is "no member". The approach I can think of would be, to check all Group Members of group "Dept_B" whether they are of type group, then check again if "John" is member of than " 2nd level group"
      Func UserInGroup($InGroup,$ThisUser=@LogonDomain & "/" & @UserName) Local $objUser = ObjGet("WinNT://" & $ThisUser ) For $oGroup in $objUser.Groups If $oGroup.Name = $InGroup Then Return 1 EndIf Next Return 0 EndFunc Any suggestions appreciated, regards, Rudi.
×
×
  • Create New...