Jump to content

Using the _ADRecursiveGetMemberOf() function

gmmg

By gmmg
in AutoIt General Help and Support

 Share

Recommended Posts

gmmg Seeker

gmmg

Posted
Posted (edited)

hi all,

how can i use the _ADRecursiveGetMemberOf function from adfunctions.au3?

here's the code:

#include <array.au3>
#include <adfunctions.au3>

$loggedonusergroups = ""

MsgBox (0, "error",_ADRecursiveGetMemberOf ($loggedonusergroups, _ADSamAccountNameToFQDN (@UserName)))

Can anyone help?

greetings

gmmg

Edited by gmmg
PsaltyDS Universalist

PsaltyDS

Posted
Posted

hi all,

how can i use the _ADRecursiveGetMemberOf function from adfunctions.au3?

here's the code:

#include <array.au3>
#include <adfunctions.au3>

$loggedonusergroups = ""

MsgBox (0, "error",_ADRecursiveGetMemberOf ($loggedonusergroups, _ADSamAccountNameToFQDN (@UserName)))

Can anyone help?

greetings

gmmg

You can nest functions that way in AutoIt, and it makes cleaner more efficient code. But I would make sure thing work first then nest them.

This works on my domain:

#include <array.au3>
#include <adfunctions.au3>

Global $avGroups = ""

$UserFQDN = _ADSamAccountNameToFQDN(@UserName)
MsgBox(64, "Debug", "$UserFQDN = " & $UserFQDN)

_ADRecursiveGetMemberOf($avGroups, $UserFQDN)
_ArrayDisplay($avGroups, "Debug: $avGroups")

If you didn't seem to be getting results, it may just be that you didn't know how to display the returned array (MsgBox won't work for an array).

:P

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
gmmg Seeker

gmmg

Posted
  • Author
Posted (edited)

@ psaldyds :P

it works fine!

how can i use the "if then else" statement for this?

Global $avGroups = ""

_ADRecursiveGetMemberOf($avGroups, _ADSamAccountNameToFQDN(@UserName))
_ArrayDisplay($avGroups, "Debug: $avGroups")

;-------- ingroup control --------
if @username = ingroup($avGroups) then
  msgbox(0,"","ingroup")
else
  msgbox(0,"","not ingroup")
endif

thx for answer :-)

Edited by gmmg
PsaltyDS Universalist

PsaltyDS

Posted
Posted (edited)

how can i use the "if then else" statement for this?

Global $avGroups = ""

_ADRecursiveGetMemberOf($avGroups, _ADSamAccountNameToFQDN(@UserName))
_ArrayDisplay($avGroups, "Debug: $avGroups")

;-------- ingroup control --------
if @username = ingroup($avGroups) then
  msgbox(0,"","ingroup")
else
  msgbox(0,"","not ingroup")
endif

thx for answer :-)

Where did the function ingroup() come from and what does it do? The $avGroups array contains only a list of groups @UserName belongs to, so checking again to see if @UserName is a member of those groups is just silly.

:P

Edited by PsaltyDS
Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
arcker Universalist

arcker

Posted
Posted

ingroup is in Kix language :P

-- Arck System _ Soon -- Ideas make everything

"La critique est facile, l'art est difficile"

Projects :

[list] [*]Au3Service : Run your exe as service V3 / Updated 29/07/2013 Get it Here [/list]
gmmg Seeker

gmmg

Posted
  • Author
Posted

@arcker -- i also know,

i will switch a script from kix to autoit!

this is only an example to understand what I mean!

i hope someone can help me ..

greetings gmmg

:P

PsaltyDS Universalist

PsaltyDS

Posted
Posted

@arcker -- i also know,

i will switch a script from kix to autoit!

this is only an example to understand what I mean!

i hope someone can help me ..

greetings gmmg

:P

Help you do what?

You have AutoIt code that retrieves an array of all the groups @UserName belongs to.

Now what? How are you going to get any help if you won't say what you want to do next?

;)

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
gmmg Seeker

gmmg

Posted
  • Author
Posted

@ psaldyds

so, my problem! i have a ad user "ab" ! this user is member of a ad group "abc"! and again, this group "abc" is member of a ad group "xyz"!

i need a query to retrieve the membership for the group "xyz"!

i wrote it with my own words:

;--------------------------

if user "ab" = member of group "xyz" then

do something

endif

;---------------------------

i think i have all values in the $avGroups array!

can i check the membership of user "ab" with a loop? must i split the strings in the array?

example:

;---------

for $element IN $avGroups array

next

;--------- or so

i hope you understand what i mean :-)

i have tried with the IsmemberOf function but this could only examine the direct affiliation

it doesn't work in nested groups

any idea

PsaltyDS Universalist

PsaltyDS

Posted
Posted

@ psaldyds

so, my problem! i have a ad user "ab" ! this user is member of a ad group "abc"! and again, this group "abc" is member of a ad group "xyz"!

i need a query to retrieve the membership for the group "xyz"!

i wrote it with my own words:

;--------------------------

if user "ab" = member of group "xyz" then

do something

endif

;---------------------------

i think i have all values in the $avGroups array!

can i check the membership of user "ab" with a loop? must i split the strings in the array?

example:

;---------

for $element IN $avGroups array

next

;--------- or so

i hope you understand what i mean :-)

i have tried with the IsmemberOf function but this could only examine the direct affiliation

it doesn't work in nested groups

any idea

The group xyz should be in the full list returned in the array for user ab, but as you should have seen running my code in the earlier post, the groups are listed in LDAP FQDN format. All you need is a For/Next loop through the array to check for xyz. Just be aware of the formatting so it doesn't throw you off.

:)

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
gmmg Seeker

gmmg

Posted
  • Author
Posted

@ psaldyds

ok ^_^

the result in the array is the right, but i have a problem to split the string :-(

#include <array.au3>
#include <adfunctions.au3>

Global $avGroups = ""

$UserFQDN = _ADSamAccountNameToFQDN(@UserName)
;MsgBox(64, "Debug", "$UserFQDN = " & $UserFQDN)

_ADRecursiveGetMemberOf($avGroups, $UserFQDN)
_ArrayDisplay($avGroups, "Debug: $avGroups")

;--begin loop--

$string = ""
For $i = 0  To $avGroups[$i]
If @error = 1 then ExitLoop
    $ab = $avGroups[$i]
;MsgBox (0,"",$ab)
    $gr_split = StringSplit($avGroups[$i], ",")
;MsgBox(0,"",$gr_split)
;$gr_split1 = StringSplit($gr_split[1], "=")
    $gr = $gr_split[1]
    MsgBox(0,"",$gr)
Next

the result of $gr is "CN=groupname"

how can i replace the string "CN=" ?

gmmg

:)

ptrex Universalist

ptrex

Posted
Posted

@gmmg

Maybe something like this :

StringReplace($gr , "CN=", "")

Regards

ptrex

Contributions :Firewall Log Analyzer for XP - Creating COM objects without a need of DLL's - UPnP support in AU3Crystal Reports Viewer - PDFCreator in AutoIT - Duplicate File FinderSQLite3 Database functionality - USB Monitoring - Reading Excel using SQLRun Au3 as a Windows Service - File Monitor - Embedded Flash PlayerDynamic Functions - Control Panel Applets - Digital Signing Code - Excel Grid In AutoIT - Constants for Special Folders in WindowsRead data from Any Windows Edit Control - SOAP and Web Services in AutoIT - Barcode Printing Using PS - AU3 on LightTD WebserverMS LogParser SQL Engine in AutoIT - ImageMagick Image Processing - Converter @ Dec - Hex - Bin -Email Address Encoder - MSI Editor - SNMP - MIB ProtocolFinancial Functions UDF - Set ACL Permissions - Syntax HighLighter for AU3ADOR.RecordSet approach - Real OCR - HTTP Disk - PDF Reader Personal Worldclock - MS Indexing Engine - Printing ControlsGuiListView - Navigation (break the 4000 Limit barrier) - Registration Free COM DLL Distribution - Update - WinRM SMART Analysis - COM Object Browser - Excel PivotTable Object - VLC Media Player - Windows LogOnOff Gui -Extract Data from Outlook to Word & Excel - Analyze Event ID 4226 - DotNet Compiler Wrapper - Powershell_COM  - New

gmmg Seeker

gmmg

Posted
  • Author
Posted (edited)

@ptrex

it works fine :)

Global $avGroups = ""

$UserFQDN = _ADSamAccountNameToFQDN(@UserName)
;MsgBox(64, "Debug", "$UserFQDN = " & $UserFQDN)

_ADRecursiveGetMemberOf($avGroups, $UserFQDN)
_ArrayDisplay($avGroups, "Debug: $avGroups")

$string = ""
For $i = 0  To $avGroups[$i]
If @error = 1 then ExitLoop
    $ab = $avGroups[$i]
;MsgBox (0,"",$ab)
    $gr_split = StringSplit($avGroups[$i], ",")
;MsgBox(0,"",$gr_split)
    $gr = $gr_split[1]
;MsgBox(0,"",$gr)
    $gr1 = StringReplace($gr , "CN=", "")
;MsgBox(0,"",$gr1)
    If $gr1 = "groupname" Then 
        MsgBox(0,"","user is in group" & "groupname")           
    EndIf
Next

thx for help!

regards

gmmg

Edited by gmmg

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...