Active Directory Scripts

[surveyor]

Sorry... Thats line... 84 for me. I thought we were using the same script? Move $oMyError = ObjEvent("AutoIt.Error", "_ADDoError") ; Install a custom error handler to the top...

It's the same error. I'm using adfunction 3.1.1 or 3.1.2?

; Active Directory Function Library. Include this to allow access to Active Directory Functions

; Author : Jonthan Clelland
; Email : jclelland@statestreet.com
; Version : 3.1.1

;Version History -- Starting from v3.1

; 3.1 -- First released version
; 3.1.1 -- Bugfix to _ADGetObjectsInOU, default $filter value caused errors. Has been changed.
; 3.1.2 -- Corrections made to comments, replaced occurrences of 'Samaccountname' with 'Full Distringuished Name' where this had changed ibn the code.
; 3.1.2 -- Change to '_ADUserCreateMailbox', added '$emaildomain' and removed the hard-coded Email Domain name.

[BrettF]

It's the same error. I'm using adfunction 3.1.1 or 3.1.2?

; Active Directory Function Library. Include this to allow access to Active Directory Functions

; Author : Jonthan Clelland
; Email : jclelland@statestreet.com
; Version : 3.1.1

;Version History -- Starting from v3.1

; 3.1 -- First released version
; 3.1.1 -- Bugfix to _ADGetObjectsInOU, default $filter value caused errors. Has been changed.
; 3.1.2 -- Corrections made to comments, replaced occurrences of 'Samaccountname' with 'Full Distringuished Name' where this had changed ibn the code.
; 3.1.2 -- Change to '_ADUserCreateMailbox', added '$emaildomain' and removed the hard-coded Email Domain name.

It should pop up with a COM error...

[surveyor]

It should pop up with a COM error...

Yes, sorry. There is a popup with COM Error 800050000 and line number 173. Windescription is a cryptic line?!?

[linkit]

Hello again,

could anyone help me ? I use the include adfunctions.au3

I don't know, if I use Versopm 3.1.1 or 3.1.2. Because the history says something different as the version number.

; Active Directory Function Library. Include this to allow access to Active Directory Functions

; Author : Jonthan Clelland
; Email : jclelland@statestreet.com
; Version : 3.1.1

;Version History -- Starting from v3.1

; 3.1 -- First released version
; 3.1.1 -- Bugfix to _ADGetObjectsInOU, default $filter value caused errors. Has been changed.
; 3.1.2 -- Corrections made to comments, replaced occurrences of 'Samaccountname' with 'Full Distringuished Name' where this had changed ibn the code.
; 3.1.2 -- Change to '_ADUserCreateMailbox', added '$emaildomain' and removed the hard-coded Email Domain name.

This one is my script:

#include <adfunctions.au3>

; example IsMemberOf("AD Gruppenname",@username)

If _ADIsMemberOf("team",@username) = 1  then

    MsgBox(0, "AD","User is in the group")
Else
    MsgBox(0, "AD","User is not in the group")
EndIf

I get some errors in a Message Box:

We intercepted a COM Error !

Number is: 80072032

Windescription is: Unknown dn-syntax.

Script Line number is 283.

[surveyor]

I get some errors in a Message Box:

We intercepted a COM Error !

Number is: 80072032

Windescription is: Unknown dn-syntax.

Script Line number is 283.

I get the same errormessages with your samplecode. ?!?

[surveyor]

I've found the solution in another forum:

#include <adfunctions.au3>

If _ADIsMemberOf(_ADSamAccountNametoFQDN("G-OU-GV-OU-Benutzer"), _ADSamAccountNametoFQDN("KalskiJe")) Then
    MsgBox(0, "Test", "Member")
Else
    MsgBox(0, "Test", "No Member")
EndIf

[mrrlg]

I am trying to use adfunctions to extract the members of local groups on member servers that are not domain controllers. I have been able to get the script to work after a fashion. It will create and populate the text file, but the script pauses and fails to create the csv file on the public share. I then have to end the script before I can rerun the script to extract members of another local group (there are several groups on the server that need to be checked on a monthly basis). Any ideas?

expandcollapse popup

; ----------------------------------------------------------------------------
;
; AutoIt Version: 3.1.0
; Author:        Ben Sherrill
;
; Script Function:
;   Use CMD Prompt to run a Net Localgroups Administrators.
;~  The Using STDOUT move that data to a text file.
;   Once the text file is created use  ReadLine to get the specific users that are admins on the computer
;~  Create as CSV file for easier sorting of the computer name
; ----------------------------------------------------------------------------


#include <Constants.au3>
#include <Process.au3>
#include <File.au3>

;~ Check to see if this has already been run on the computer
;If FileExists("C:\No Streaming Media.txt") Then
;   Exit
;EndIf
FileDelete("C:\No Streaming Media.txt");used for testing purposes
; Start up the CMD Prompt
$cmd = Run(@ComSpec & "", @SystemDir, @SW_SHOW, 7)

; Write the desired commands + RETURNs to the child's STDIN
StdinWrite ($cmd, 'net localgroup "No Streaming Media"' & @CRLF & "exit" & @CRLF)

; Loop and retrieve all data from the CMD Window
While 1
   $line = StdoutRead ($cmd)
   If @error = -1 Then ExitLoop
   $file = FileOpen("C:\No Streaming Media.txt", 1)
   FileWrite($file, $line)
   FileClose($file)
   
WEnd
;Exit
; Loop and collect any error messsages from the child program
While 1
   $line = StderrRead ($cmd)
   If @error = -1 Then ExitLoop
   MsgBox(0, "STDERR read:", $line)
WEnd

;Reopen the Txt file located on the users C Drive for reading purposes
$file = FileOpen("C:\No Streaming Media.txt", 0)
$line11 = FileReadLine($file, 11)
$line12 = FileReadLine($file, 12)
$line13 = FileReadLine($file, 13)
$line14 = FileReadLine($file, 14)
$line15 = FileReadLine($file, 15)
$line16 = FileReadLine($file, 16)
$line17 = FileReadLine($file, 17)
;~ MsgBox(0,"test",$line11);testing purposes

; Now that the lines have been read and values have been given, create a CSV file on a Public Server for all IT to look at
$pc_admins = "H:\Users\localusers.csv"
; Open the file on the public server for writing purposes
FileOpen($pc_admins, 1)
; Write the following Data - The Computer name  LINE11(first Admin line)- Line17  more lines could be added. Possible array here? not sure?
FileWrite($pc_admins, @CRLF & @ComputerName & "," & $line11 & "," & $line12 & "," & $line13 & "," & $line14 & "," & $line15 & "," & $line16 & "," & $line17)
; Data has been written, now close file and exit script
FileClose($pc_admins)

Exit

[surveyor]

I am trying to use adfunctions to extract the members of local groups ...

May be it's a problem with the permissions (usercredentials)? Under which useraccount are the script running? Does this user have writeaccess to the share AND the filesystem (NTFS?)?

Have you wait for a longer time to see if there is a timeout and an errormessage?

[mrrlg]

In the example I printed above the H:\ drive share is the home directory of the logged on user and I am able to write to folders within it. As to the time left running in the background I gave up after 15 minutesd.

[mastrboy]

here is a new function that can be added, it checks if a computer account exists in the active directory (_ADObjectExist does not work for this)

Func _ADComputerExists($object)
    $strQuery = "<LDAP://" & $strHostServer & "/" & $strDNSDomain & ">;(&(objectcategory=computer)(objectclass=computer)(cn="&$object&"));cn;subtree"
    $objRecordSet = $ObjConnection.Execute ($strQuery) ; Retrieve the FQDN, if it exists
    
    If $objRecordSet.RecordCount = 1 Then
        $objRecordSet = 0
        Return 1
    Else
        $objRecordSet = 0
        Return 0
    EndIf
EndFunc  ;==>_ADObjectExists

[Flitzer]

Hi @All

i have a Problem with _ADDeleteObject

Can I get the UserOU automatically like this

Func _ADDeleteObject($object, $type)

If StringLeft($object, 3) <> "CN=" Then

$object = "CN=" & StringReplace($object, ",", "\,")

EndIf

$TESTTESTTEST = ObjGet (<<OU>>) <- get UserOU

$ObjOU = ObjGet("LDAP://" & $strHostServer & "/" $TESTTESTTEST)

$objOU.Delete ($type, $object)

$ObjOU = 0

Return 1

EndFunc ;==>_ADDeleteObject

[Uncle Argyle]

Great functions, thanks!

I have a questions about the _ADGetObjectsInOU function. When I run my test script, I get 3 objects returned when there are only 2 objects (users) in the OU.

#include <GUIConstants.au3>
#include <ADFunctions.au3>

dim $accountants

_ADGetObjectsInOU($accountants, "ou=accounting,dc=sbs,dc=local")
    
MsgBox(0,"TEST","There are " & $accountants[0] & " accountants!")

_ArrayDisplay($accountants)

the output is the following:

There are 3 accountants!

Row Col0

-----------------

[0] 3

[1]

[2] user#1

[3] user#2

...any ideas as to why I am getting an empty record in [1]? Using the latest adfunctions.au3 posted as of 4/09/08.

Thanks.

Edited April 10, 2008 by Uncle Argyle

[Uncle Argyle]

OK. I fixed my problem by changing the following line from this

_ADGetObjectsInOU($tellers, "ou=accounting,dc=sbs,dc=local")

to this

_ADGetObjectsInOU($tellers, "ou=TELLERS,dc=ssb,dc=local", "(objectClass=user)")

Basically filtering out everything except user objects. Still would like to know what else it was returning ;-)

Mike.

[RulleStenen]

Hello out there

Im looking for a way to remove an "Acount is locked out"-status for a user.

Is this possible using adfunctions.au3.

Thanx in advance

[BaldDragon]

Has anyone worked up a function for deleting computers or moving computers to a different OU? I tried modifying the _ADDeleteObject function, but I couldn't get it to work correctly.

[pbr]

Hi,

My first Post here. I'm trying to build a script that will create new users in our AD, includiung the Creation of Home-Directory etc...

The only thing (now... I'm just testing single functions on my test-AD) is the Terminalserver Attributes Problem:

http://www.microsoft.com/technet/scriptcen...1.mspx?mfr=true

When I try to use TerminalServicesProfilePath a DCOM failure 000000A9 on Line 651 will pop up.

_ADGetObjectsInOU($accountants,"dc=test,dc=local","(name=narf*)","","TerminalServicesProfilePath")

Is there a way to manipulate the TerminalServer Attributes with this script?

Greetings from Germany

Peter

[NeilA]

I have a similar problem with ADFunctions.au3. Trying to run a test script for the _ADGetObjectsInOU function I receive an error:

"We intercepted a COM Error!. Number is:000000A9. Windescription is: Variable must be of type 'Object'. Script Line Number is 651"

Can anyone tell me why this may be happening. It looks as though the system does not like the line:

"$recordcount = $objRecordSet.RecordCount" in the _ADGetObjectsInOU function.

Neil.

[DaveR]

I have a similar problem with ADFunctions.au3. Trying to run a test script for the _ADGetObjectsInOU function I receive an error:

"We intercepted a COM Error!. Number is:000000A9. Windescription is: Variable must be of type 'Object'. Script Line Number is 651"

Can anyone tell me why this may be happening. It looks as though the system does not like the line:

"$recordcount = $objRecordSet.RecordCount" in the _ADGetObjectsInOU function.

Neil.

You are not alone. I am currently having the exact same error. Not sure what might be causing the issue but I'm hoping that someone might have soemthing new to add.

Thanks.

[DaveR]

You are not alone. I am currently having the exact same error. Not sure what might be causing the issue but I'm hoping that someone might have soemthing new to add.

Thanks.

I figured out my issue with this portion of the script. Appears I was missing part of my ou path. Also, I was unable to scan directly from the DC, I seemed to have to specify an ou.

[kcpoole]

Re _ADIsMemberOf

How can i make a version of this Function that will check Nested groups?

The exact same funcionality but for nested groups would be relly great if anyone can help me

TIA

Ken