Radsam Posted November 19, 2006 Share Posted November 19, 2006 Please help. I am unable to pull the groups that a PC is a member of. I have created the following script but it returns nothing. Dim $sComputer = "WORKSTATION ID GOES HERE" Dim $UserDomain = "DOMAIN GOES HERE" Dim $sLDAP = "LDAP://" & $UserDomain $objConnection = ObjCreate("ADODB.Connection") $objCommand = ObjCreate("ADODB.Command") $objConnection.Provider = "ADsDSOObject" $objConnection.Open ("Active Directory Provider") $objCommand.ActiveConnection = $objConnection $objCommand.CommandText = "Select * from '" & $sLDAP &"' Where sAMAccountName='" & $sComputer & "$'" $objCommand.Properties("Page Size") = 1000 $objRecordSet = $objCommand.Execute $objRecordSet.MoveFirst Do $objComputer = ObjGet($objRecordSet.Fields("ADsPath").Value) $objMemberOf = $objComputer.GetEx("MemberOf") $strGroups = "" For $objGroup In $objMemberOf $strGroups = $strGroups & StringReplace(StringTrimLeft($objGroup, StringInStr($objGroup, ",") -1), "CN=", "") MsgBox(0,"", $strGroups) Next $objRecordSet.MoveNext Until $objRecordSet.EOF Thanks Radsam Link to comment Share on other sites More sharing options...
Radsam Posted November 20, 2006 Author Share Posted November 20, 2006 can anyone help? Link to comment Share on other sites More sharing options...
Radsam Posted November 20, 2006 Author Share Posted November 20, 2006 I figured it out. Dim $sComputer = WORKSTATION ID GOES HERE" Dim $UserDomain = "DOMAIN GOES HERE" Dim $sLDAP = "LDAP://" & $UserDomain Dim $objGroup Dim $n1 $objConnection = ObjCreate("ADODB.Connection") $objCommand = ObjCreate("ADODB.Command") $objConnection.Provider = "ADsDSOObject" $objConnection.Open ("Active Directory Provider") $objCommand.ActiveConnection = $objConnection $objCommand.CommandText = "Select * from '" & $sLDAP & "' Where sAMAccountName='" & $sComputer & "$'" $objCommand.Properties("Page Size") = 1000 $objRecordSet = $objCommand.Execute $objRecordSet.MoveFirst While Not $objRecordSet.EOF $objComputer = ObjGet($objRecordSet.Fields("ADsPath").Value) $objMemberOf = $objComputer.GetEx("memberof") $strGroups = "" For $objGroup In $objMemberOf $objGroup = StringReplace($objGroup, "CN=", "") $n1 = StringInStr($objGroup, ",") $objGroup = StringLeft($objGroup, $n1 - 1) $strGroups = $strGroups & @LF & $objGroup Next $objRecordSet.MoveNext MsgBox(0,"", $strGroups) WEnd Link to comment Share on other sites More sharing options...
Developers Jos Posted November 20, 2006 Developers Share Posted November 20, 2006 Something like this ? expandcollapse popupDim $sComputer = "WORKSTATION ID GOES HERE" Dim $UserDomain = "DOMAIN GOES HERE" Dim $sLDAP = "LDAP://" & $UserDomain $oMyError = ObjEvent("AutoIt.Error", "ComError") $objConnection = ObjCreate("ADODB.Connection") $objCommand = ObjCreate("ADODB.Command") $objConnection.Provider = "ADsDSOObject" $objConnection.Open ("Active Directory Provider") $objCommand.ActiveConnection = $objConnection $objCommand.CommandText = "Select * from '" & $sLDAP &"' Where sAMAccountName='" & $sComputer & "$'" $objCommand.Properties("Page Size") = 1000 $objRecordSet = $objCommand.Execute $objRecordSet.MoveFirst Do $objComputer = ObjGet($objRecordSet.Fields("ADsPath").Value) Switch $objComputer.primarygroupid Case 513 $strGroups = "Domain Users," Case 514 $strGroups = "Domain Guests," Case 515 $strGroups = "Domain Computers," Case 516 $strGroups = "Domain Controllers," Case Else $strGroups = "Unknown," EndSwitch ConsoleWrite('Primary Groups = ' & $strGroups & @lf ) ; Check for other Groups $objMemberOf = $objComputer.GetEx("MemberOf") For $objGroup In $objMemberOf $strGroups = $strGroups & StringReplace(StringLeft($objGroup, StringInStr($objGroup, ",") -1), "CN=", "") ConsoleWrite('Other Groups = ' & $strGroups & @lf ) Next $objRecordSet.MoveNext Until $objRecordSet.EOF ;COM Error function Func ComError() If IsObj($oMyError) Then $HexNumber = Hex($oMyError.number, 8) SetError($HexNumber) Else SetError(1) EndIf Return 0 EndFunc ;==>ComError SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past. Link to comment Share on other sites More sharing options...
/dev/null Posted November 20, 2006 Share Posted November 20, 2006 (edited) can anyone help? works with a small modification on my system. $strGroups = $strGroups & StringReplace(StringLeft($objGroup, StringInStr($objGroup, ",") -1), "CN=", "") oÝ÷ Ù·¢g¬jëh×6 $strGroups = $strGroups & $objGroup & @CRLF Regarding your string operations: You should check them, as I'm not sure what you want to do.... Regarding the general problem of not getting anything back: Either you have no rights to browse the LDAP directory with the user you are trying it or you did something wrong when you defined the workstation name or domain name. BTW: I created a computer account "test" and added it to the groups "server" and "power-server". Both groups show up (CN=server,cn=computers,dc=xxxx,dc=com and CN=power-server,...). EDIT: Did not see your "I figured it out" post... Cheers Kurt Edited November 20, 2006 by /dev/null __________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf * Link to comment Share on other sites More sharing options...
Radsam Posted November 20, 2006 Author Share Posted November 20, 2006 Thanks to all that helped... Cheers Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now