Jump to content

Users in active directory

jerem488

By jerem488,
in AutoIt General Help and Support

 Share

Recommended Posts

PsaltyDS Universalist

PsaltyDS

Posted
Posted

Hello,

I wanted to know how I can tell the group to which a user is in active directory?

thanks in advance

Using LDAP interface: 
#include <array.au3>

Global $oMyError = ObjEvent("AutoIt.Error", "MyErrFunc")

Global $sServer = "myserver.mydomain.com"
Global $sUserPath = "cn=User Name, ou=Users, ou=Users and Computers, dc=mydomain, dc=com"
Global $oUser, $avGroups

; Get user object
Local $oUser = ObjGet("LDAP://" & $sServer & "/" & $sUserPath)
If IsObj($oUser) Then
    $avGroups = $oUser.GetEx("memberof")
    If IsArray($avGroups) Then
        _ArrayDisplay($avGroups, "$avGroups")
    Else
        MsgBox(16, "Error", "$avGroups is not an array.")
    EndIf
Else
    MsgBox(16, "Error", "$oUser is not an object.")
EndIf

Func MyErrFunc()
    $HexNumber = Hex($oMyError.number, 8)
    MsgBox(0, "", "We intercepted a COM Error !" & @CRLF & _
            "Number is: " & $HexNumber & @CRLF & _
            "Windescription is: " & $oMyError.windescription)

    $g_eventerror = 1; something to check for when this function returns
EndFunc  ;==>MyErrFunc

Note that you can get varied results based on the server that you query (specified by $sServer). If it is a member server, DC, or has the GC you can different results for each. So do some research on the results.

:mellow:

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites
jerem488 Universalist

jerem488

Posted
  • Author
Posted (edited)

I have an error when I execute this code,

But I have only a small question...

When you put :

Global $sUserPath = "cn=User Name, ou=Users, ou=Users and Computers, dc=mydomain, dc=com"

I have informed all except "ou=Users and Computers", I don't see wht I must inform here, so I deleted this field.

cn=user name ==>> the user name it's simply !

ou = users, I have put the organization unit name...

ou=Users and Computers = not filled

dc= my domain (it's clear)

and dc = fr

and when I execute this code I have an error message

thanks

post-24962-1225877511_thumb.png

Edited by jerem488

Qui ose gagneWho Dares Win[left]CyberExploit[/left]

Link to comment
Share on other sites
PsaltyDS Universalist

PsaltyDS

Posted
Posted

I tested while putting

Global $sUserPath = "cn=User1, ou=My Organisation Unit, ou=User1, dc=mydomain, dc=fr"

We intercepted a COM Error! Number is: 80072030.

Go into Active Directory Users and Computers tool on the mydomain.fr domain. When you drill down to User1, what OU's do you drill down through? The path you describe above would be:

; mydomain.fr
;   User1  <--- Is this really an OU?
;       My Oranisation Unit
;           User1  <--- actual user container object

Is that really what it looks like?

Also use the Display Name of the user, not for example login ID. You might have login ID of User1 but Display Name of "User One".

:mellow:

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites
PsaltyDS Universalist

PsaltyDS

Posted
Posted

In Active Directory I have like in the picture :

So, it would be more like: 
Global $sUserPath = "cn=utilisateur1, ou=PPC, dc=ppc, dc=freyssinet, dc=com"

It looks like your convention if for the display name and login to be the same, and the users you show are all in the PPC OU.

:mellow:

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites
PsaltyDS Universalist

PsaltyDS

Posted
Posted

Hello,

Oh sorry... :mellow:

But I tried to reproduce the "Active directory" of my business but in fact it is not just that.

It's rather this picture :

So... does it work after you correct the LDAP path string?

:(

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites
PsaltyDS Universalist

PsaltyDS

Posted
Posted

No.... not yet :(

I put this code :

Global $sUserPath = "cn=COMBCT, ou=PPC, dc=dppc dc=fr"
And what happens? Do you get a COM error, an error MsgBox, or what?

:mellow:

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites
PsaltyDS Universalist

PsaltyDS

Posted
Posted

Yes I have an error message

Is this typo still in your path string?

Global $sUserPath = "cn=COMBCT, ou=PPC, dc=dppc, dc=fr"

:mellow:

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites
PsaltyDS Universalist

PsaltyDS

Posted
Posted

so the program works, thnak you...

But I would like to have the name of the service found in the windows Active Directory

Service? What kind of service? I don't have that column available in my AD Users and Computers, so I don't know what you are looking for.

:mellow:

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites
PsaltyDS Universalist

PsaltyDS

Posted
Posted

hello,

we cand find this colum is in the properties of the users. In the part "organization".

I only have Title/Company/Department/Manager on that tab. But the schema is extensible, maybe "Service" was added to the schema for your particular domain.

:mellow:

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...