darkleton

AutoIT interacting with AD / LDAP

5 posts in this topic

I know Active Directory questions have been asked before, and I have searched the forums but can't find anything relating to my problem.

I have converted an old batch file to AU3 to create users on a domain and it works fine. The things the batch could never do and had to be done manually were:

Forcing user to change password at next logon,

Changing profile path from local to remote

Moving user to specific OU

I've found on the Microsoft site a few VB scripts that can do at least one of the three. I used the VB2AU3 converter and came out with this:

$UserObj = ObjGet("LDAP://cn=" & $initial_st & $surname_st & ",ou=Users,dc=mydomain,dc=co,dc=uk")
$UserObj.Put("pwdLastSet", 0)
$UserObj.SetInfo()

When I run it, I get an error stating that the variable must be of type OBJECT.

I don't know exactly how to get my script to interact with AD properly. If I can use the UserObj line to set to the account just created, and then knew the correct syntax for these strings then it would make things a lot easier for me.

Any help would be very much appreciated

Thanks

This way works for me ...

Are you sure you gave the correct CN ?

Does your ObjGet return an object ?

:whistle:


Live for the present,
Dream of the future,
Learn from the past.
  :)

It should be in the format of cn=username,ou=ou-they-are-in,dc=mydomain,dc=name

correct?

I don't know if it returns anything, but it does say that the error is on the PwdLastSet line, not the initial line. How would I find out if it's returning an object correctly?

I know I know, I'm stupid :whistle:


@darkleton

2 things to get you started :

This is a list of AD functions UDF which might come in handy.

Regarding the Errors you get :

Add the COM handler and it will tell you exactly what is going wrong in your script.

; Initialize the COM error handler: add this at the beginning of the script
$oMyError = ObjEvent("AutoIt.Error","MyErrFunc")

; Add at the end of the script
; This is my custom error handler
Func MyErrFunc()
  $HexNumber=hex($oMyError.number,8)
  Msgbox(0,"AutoItCOM Test","We intercepted a COM Error !"       & @CRLF  & @CRLF & _
             "err.description is: "    & @TAB & $oMyError.description    & @CRLF & _
             "err.windescription:"     & @TAB & $oMyError.windescription & @CRLF & _
             "err.number is: "         & @TAB & $HexNumber              & @CRLF & _
             "err.lastdllerror is: "   & @TAB & $oMyError.lastdllerror   & @CRLF & _
             "err.scriptline is: "     & @TAB & $oMyError.scriptline     & @CRLF & _
             "err.source is: "         & @TAB & $oMyError.source         & @CRLF & _
             "err.helpfile is: "       & @TAB & $oMyError.helpfile       & @CRLF & _
             "err.helpcontext is: "    & @TAB & $oMyError.helpcontext _
            )
  SetError(1)  ; to check for after this function returns
Endfunc

Hope this gets you going.

regards

ptrex


Thanks to both of you for pointing me in the right direction. I've now got the password reset next logon and home directory flags working great.

The last thing I need is to move the user to a different OU.

This is the VBS code:

Set objOU = GetObject("LDAP://ou=sales,dc=na,dc=fabrikam,dc=com")
objOU.MoveHere _
    "LDAP://cn=BarrAdam,OU=hr,dc=na,dc=fabrikam,dc=com", vbNullString

I tried converting this too, and then tried (stupidly) changing it to how I thought it would work, and ended up with this:

$OuObj = ObjGet("LDAP://CN=OU-TO-MOVE-TO, DC=mydomain, DC=co, DC=uk")
$OuObj.MoveHere("LDAP://CN=" & $initial_st & $surname_st & ", CN=Users, DC=mydomain, DC=co, DC=uk")

I would assume that the top line sets the OU to move to, and the bottom line is the username and OU where they currently reside? If so then I get an error (as described by that COM error thing I put in) saying that no such object exists.

This is like the final piece of the puzzle. If I can get it to move to a new OU properly then v1.0 of my first attempt is done :whistle:
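
An added example, not code from any poster in this thread: one AutoIt routine that sets the two attributes and then moves the account, checking every bind with IsObj and escaping the name before it goes into the LDAP path. The domain, the CN=Users source container, the OU=Staff target, the profile share and the helper names (_Bind, _EscapeRdn, _FinishUser) are assumptions for illustration.

```autoit
; Added example (not from the thread). Domain, container and OU names are assumptions.
Global $oComErr = ObjEvent("AutoIt.Error", "_ComErr") ; report COM failures instead of aborting
Global Const $sDomain = "DC=mydomain,DC=co,DC=uk"
Global Const $sSource = "CN=Users," & $sDomain ; assumed: default Users container (CN=, not OU=)
Global Const $sTargetOU = "OU=Staff," & $sDomain ; hypothetical destination OU

Func _ComErr()
    ConsoleWrite("COM error 0x" & Hex($oComErr.number, 8) & " line " & _
            $oComErr.scriptline & ": " & $oComErr.windescription & @CRLF)
EndFunc

; Escape characters that are special in a DN or ADsPath, so a name such as
; "Smith, John" cannot change which object the path refers to.
; Backslash goes first so the escapes added afterwards are not escaped again.
; Leading "#" and leading/trailing spaces are not handled here.
Func _EscapeRdn($sValue)
    For $sChar In StringSplit('\/,+"<>;=', "", 2) ; 2 = no count element
        $sValue = StringReplace($sValue, $sChar, "\" & $sChar)
    Next
    Return $sValue
EndFunc

; Bind to a DN and fail cleanly if nothing is there.
Func _Bind($sDn)
    Local $oObj = ObjGet("LDAP://" & $sDn)
    If @error Or Not IsObj($oObj) Then
        ConsoleWrite("No such object: " & $sDn & @CRLF)
        Return SetError(1, 0, 0)
    EndIf
    Return $oObj
EndFunc

Func _FinishUser($sCommonName, $sProfilePath)
    Local $sRdn = "CN=" & _EscapeRdn($sCommonName)
    Local $sUserDn = $sRdn & "," & $sSource
    Local $oUser = _Bind($sUserDn)
    If @error Then Return SetError(1, 0, False)
    $oUser.Put("pwdLastSet", 0) ; 0 = must change password at next logon
    $oUser.Put("profilePath", $sProfilePath)
    $oUser.SetInfo() ; commit both attributes in one write
    If @error Then Return SetError(2, 0, False)
    Local $oOU = _Bind($sTargetOU) ; bind to the destination container...
    If @error Then Return SetError(3, 0, False)
    $oOU.MoveHere("LDAP://" & $sUserDn, $sRdn) ; ...and pull the user in, keeping its RDN
    If @error Then Return SetError(4, 0, False)
    Return True
EndFunc

; Constructed sample values
_FinishUser("JSmith", "\\fileserver\profiles$\JSmith")
```

The @error value returned by _FinishUser identifies which step failed: 1 user bind, 2 attribute write, 3 OU bind, 4 move.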
