Jump to content

Using the _ADRecursiveGetMemberOf() function


gmmg
 Share

Recommended Posts

hi all,

how can i use the _ADRecursiveGetMemberOf function from adfunctions.au3?

here's the code:

#include <array.au3>
#include <adfunctions.au3>

$loggedonusergroups = ""

MsgBox (0, "error",_ADRecursiveGetMemberOf ($loggedonusergroups, _ADSamAccountNameToFQDN (@UserName)))

Can anyone help?

greetings

gmmg

Edited by gmmg
Link to comment
Share on other sites

hi all,

how can i use the _ADRecursiveGetMemberOf function from adfunctions.au3?

here's the code:

#include <array.au3>
#include <adfunctions.au3>

$loggedonusergroups = ""

MsgBox (0, "error",_ADRecursiveGetMemberOf ($loggedonusergroups, _ADSamAccountNameToFQDN (@UserName)))

Can anyone help?

greetings

gmmg

You can nest functions that way in AutoIt, and it makes cleaner more efficient code. But I would make sure thing work first then nest them.

This works on my domain:

#include <array.au3>
#include <adfunctions.au3>

Global $avGroups = ""

$UserFQDN = _ADSamAccountNameToFQDN(@UserName)
MsgBox(64, "Debug", "$UserFQDN = " & $UserFQDN)

_ADRecursiveGetMemberOf($avGroups, $UserFQDN)
_ArrayDisplay($avGroups, "Debug: $avGroups")

If you didn't seem to be getting results, it may just be that you didn't know how to display the returned array (MsgBox won't work for an array).

:P

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

@ psaldyds :P

it works fine!

how can i use the "if then else" statement for this?

Global $avGroups = ""

_ADRecursiveGetMemberOf($avGroups, _ADSamAccountNameToFQDN(@UserName))
_ArrayDisplay($avGroups, "Debug: $avGroups")

;-------- ingroup control --------
if @username = ingroup($avGroups) then
  msgbox(0,"","ingroup")
else
  msgbox(0,"","not ingroup")
endif

thx for answer :-)

Edited by gmmg
Link to comment
Share on other sites

how can i use the "if then else" statement for this?

Global $avGroups = ""

_ADRecursiveGetMemberOf($avGroups, _ADSamAccountNameToFQDN(@UserName))
_ArrayDisplay($avGroups, "Debug: $avGroups")

;-------- ingroup control --------
if @username = ingroup($avGroups) then
  msgbox(0,"","ingroup")
else
  msgbox(0,"","not ingroup")
endif

thx for answer :-)

Where did the function ingroup() come from and what does it do? The $avGroups array contains only a list of groups @UserName belongs to, so checking again to see if @UserName is a member of those groups is just silly.

:P

Edited by PsaltyDS
Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

@arcker -- i also know,

i will switch a script from kix to autoit!

this is only an example to understand what I mean!

i hope someone can help me ..

greetings gmmg

:P

Help you do what?

You have AutoIt code that retrieves an array of all the groups @UserName belongs to.

Now what? How are you going to get any help if you won't say what you want to do next?

;)

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

@ psaldyds

so, my problem! i have a ad user "ab" ! this user is member of a ad group "abc"! and again, this group "abc" is member of a ad group "xyz"!

i need a query to retrieve the membership for the group "xyz"!

i wrote it with my own words:

;--------------------------

if user "ab" = member of group "xyz" then

do something

endif

;---------------------------

i think i have all values in the $avGroups array!

can i check the membership of user "ab" with a loop? must i split the strings in the array?

example:

;---------

for $element IN $avGroups array

next

;--------- or so

i hope you understand what i mean :-)

i have tried with the IsmemberOf function but this could only examine the direct affiliation

it doesn't work in nested groups

any idea

Link to comment
Share on other sites

@ psaldyds

so, my problem! i have a ad user "ab" ! this user is member of a ad group "abc"! and again, this group "abc" is member of a ad group "xyz"!

i need a query to retrieve the membership for the group "xyz"!

i wrote it with my own words:

;--------------------------

if user "ab" = member of group "xyz" then

do something

endif

;---------------------------

i think i have all values in the $avGroups array!

can i check the membership of user "ab" with a loop? must i split the strings in the array?

example:

;---------

for $element IN $avGroups array

next

;--------- or so

i hope you understand what i mean :-)

i have tried with the IsmemberOf function but this could only examine the direct affiliation

it doesn't work in nested groups

any idea

The group xyz should be in the full list returned in the array for user ab, but as you should have seen running my code in the earlier post, the groups are listed in LDAP FQDN format. All you need is a For/Next loop through the array to check for xyz. Just be aware of the formatting so it doesn't throw you off.

:)

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

@ psaldyds

ok ^_^

the result in the array is the right, but i have a problem to split the string :-(

#include <array.au3>
#include <adfunctions.au3>

Global $avGroups = ""

$UserFQDN = _ADSamAccountNameToFQDN(@UserName)
;MsgBox(64, "Debug", "$UserFQDN = " & $UserFQDN)

_ADRecursiveGetMemberOf($avGroups, $UserFQDN)
_ArrayDisplay($avGroups, "Debug: $avGroups")

;--begin loop--

$string = ""
For $i = 0  To $avGroups[$i]
If @error = 1 then ExitLoop
    $ab = $avGroups[$i]
;MsgBox (0,"",$ab)
    $gr_split = StringSplit($avGroups[$i], ",")
;MsgBox(0,"",$gr_split)
;$gr_split1 = StringSplit($gr_split[1], "=")
    $gr = $gr_split[1]
    MsgBox(0,"",$gr)
Next

the result of $gr is "CN=groupname"

how can i replace the string "CN=" ?

gmmg

:)

Link to comment
Share on other sites

@ptrex

it works fine :)

Global $avGroups = ""

$UserFQDN = _ADSamAccountNameToFQDN(@UserName)
;MsgBox(64, "Debug", "$UserFQDN = " & $UserFQDN)

_ADRecursiveGetMemberOf($avGroups, $UserFQDN)
_ArrayDisplay($avGroups, "Debug: $avGroups")

$string = ""
For $i = 0  To $avGroups[$i]
If @error = 1 then ExitLoop
    $ab = $avGroups[$i]
;MsgBox (0,"",$ab)
    $gr_split = StringSplit($avGroups[$i], ",")
;MsgBox(0,"",$gr_split)
    $gr = $gr_split[1]
;MsgBox(0,"",$gr)
    $gr1 = StringReplace($gr , "CN=", "")
;MsgBox(0,"",$gr1)
    If $gr1 = "groupname" Then 
        MsgBox(0,"","user is in group" & "groupname")           
    EndIf
Next

thx for help!

regards

gmmg

Edited by gmmg
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...