I have a question about the @error logging features in _AD_CreateUser. Hopefully I am just missing something obvious.
In my app I am creating a user if it does not exist then manipulating some attributes.
If the user does exist I would then call another function to remove groups from the user and modify some attributes.
My question is...
If the user already Exists, the _AD_CreateUser option gives $iValue = 0 and @error = 0.
How can @error = 1 for the condition that the user already exists?
I copied a small ship of the code in question along with my full .au3.
I am using AD UDF 126.96.36.199 (Water, thanks for the awesome work on this!!!).
$iValue = _AD_CreateUser ($sOU, $sUser, $sCN)
If $iValue = 1 Then
_FileWriteLog ($Log, "Func UserCheck() - User '" & $sUser & "' successfully created ==> Calling UserAttribsNewUser Function.")
ElseIf @error = 1 Then
_FileWriteLog ($Log, $sUser & " already exists ==> Calling UserAttribsExistingUser Function.")
Extensive library to control and manipulate Microsoft Active Directory.
Threads: Development - General Help & Support - Example Scripts - Wiki
Previous downloads: 30467
Known Bugs: (last changed: 2018-06-01)
Things to come: (last changed: 2018-06-01)
BTW: If you like this UDF please click the "I like this" button. This tells me where to next put my development effort
from this posting of @Jos https://www.autoitscript.com/forum/topic/162005-getting-windows-users-account-type/?do=findComment&comment=1176831
I can smoothly check, if a user is a *DIRECT* group member. Has anybody some code to check also, if a user is a *INDIRECT* member of a cascaded group construct? Maybe with @Melba23 's AD UDF?
The required rights are granted to group "Dept_B" User John is member of group "Dept_A" Group "Dept_A" is member of the group "Dept_B" So in the AD / NTFS FS environment John finally has the rights of both groups But when checking his "membership to group Dept_B" the result is "no member". The approach I can think of would be, to check all Group Members of group "Dept_B" whether they are of type group, then check again if "John" is member of than " 2nd level group"
Func UserInGroup($InGroup,$ThisUser=@LogonDomain & "/" & @UserName) Local $objUser = ObjGet("WinNT://" & $ThisUser ) For $oGroup in $objUser.Groups If $oGroup.Name = $InGroup Then Return 1 EndIf Next Return 0 EndFunc Any suggestions appreciated, regards, Rudi.
ADAT is a tool to simplify common AD administration tasks. Every administration task has its own tab. It is easy to add new functions (tabs) to the tool. Some often used functions are already available: list users, computers, OUs. File ADAT.ini can be customized to hold the AD logon information if necessary.
2018-03-07: If the Script started from SciTE works but the "Process" button in the compiled exe does not do anything then please add the following line at the top of your script:
BTW: If you like this tool please click the "I like this" button. This tells me where to next put my development effort
I'm trying to make a script that could tell me, from a username list file, if the username is active, inactive or not existant in a multi-domain Active Directory....
I found a few scripts giving me hints but I found nothing to help me to accomplish this task...
Do you have any ideas !