Get Full Returnstring from TCP-IP-STACK in AutoIt-Variable

[card0384@…]

I would like to register myself from a computer place, out of range of my AD-DOMAIN on LDAP with user name and keyword. Therefore I need extended feedback, for example:

525 - user not found
52e - invalid credentials
530 - not permitted to logon at this time
532 - password expired
533 - account disabled
701 - account expired
773 - user must reset password

To get access to LDAP-CONNECT, I have 3 solutions to offer:

1. via ADSDSOObject – disadvantage: I don`t get feedback in case of failure
2. via $SobjiDSO.OpenDSObject – there is feedback with Network-Monitor showing but in AutoIt RETURN missing
3. via DLLCALL on WLAPD32.DLL – there is also feedback with Network-Monitor showing but in AutoIt RETURN missing

For 3. I have tried with the following source code:

#include <WINAPI.au3>
Global $objDSO = ObjGet ("LDAP:")
Global $Host = "xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx"
Global $Port = "389"
Global $fkt
Const $LDAP_OPT_PROTOCOL_VERSION = 0x11
Const $LDAP_AUTH_SIMPLE = 0x80
Global $username = "username"
Global $Passwort = "secret"
Global $domain = "DOMAIN"

Global $ldapldll = DllOpen("WLDAP32.DLL")

$ldapinit = ldapinit()
$ldapsetOption = ldap_set_option()
$ldapcon = ldap_simple_bind_s()
errorpruefung($ldapcon, $fkt)
ldap_unbind()
DllClose("WLDAP32.DLL")
ConsoleWrite(@CRLF)
exit

Func ldapinit()

$Hostptr = DllStructCreate("char& (StringLen($Host) + 1) &?")
DllStructSetData($Hostptr,1,$Host)
$fkt = "ldap_open"
Return DllCall($ldapldll, "ptr", $fkt, "ptr",DllStructGetPtr($Hostptr), "ULONG", "")

EndFunc

Func ldap_simple_bind_s()

$fkt = "ldap_simple_bind_s"
$dn = DllStructCreate("char[" & (StringLen($domain & "\" & $username) + 1) & "]")
DllStructSetData($dn,1, $domain & "\" & $username)
$passwd = DllStructCreate("char& (StringLen($Passwort) + 1) &?")
DllStructSetData($passwd,1, $Passwort)
Return DllCall($ldapldll, "ULONG", $fkt, "ptr", $ldapinit[0], "ptr",DllStructGetPtr($dn), "ptr",DllStructGetPtr($passwd), "ULONG", $LDAP_AUTH_SIMPLE)

EndFunc

Func ldap_set_option()

$ldaperr = DllStructCreate("ULONG")
DllStructSetData($ldaperr,1, 3)
$fkt = "ldap_set_option"
$ergebnis = DllCall($ldapldll, "ULONG", $fkt, "ptr", $ldapinit[0], "int", $LDAP_OPT_PROTOCOL_VERSION, "ptr", DllStructGetPtr($ldaperr))
If @error <> 0 Then ConsoleWrite(Hex(_WinAPI_GetLastError()) & ": " & _WinAPI_GetLastErrorMessage())
errorpruefung($ldaperr, $fkt)
Return $ergebnis

EndFunc

Func ldap_unbind()

$fkt = "ldap_unbind"
$ldapunbind = DllCall($ldapldll, "ULONG", $fkt, "ptr", $ldapinit[0])

EndFunc

Func errorpruefung($ID, $Name = "")

If IsArray($ID) THEN

ConsoleWrite(@CRLF & $Name & " ")
For $I = 0 To UBound($ID)-1

ConsoleWrite(@CRLF & $I & ": " & $ID[$I] & " - " & hex($ID[$I],8) & " - " & dec(hex($ID[$I],8)) & " " & DllStructGetData($ID, $I))

Next
ConsoleWrite(@CRLF)

Else

ConsoleWrite(@CRLF & $Name & " " & DllStructGetData($ID, 1) & " - " & hex(DllStructGetData($ID, 1),8) & " " & DllStructGetData($ID, 2) & " - " & hex(DllStructGetData($ID, 2),8) & @CRLF)

EndIf

EndFunc

• during input of the right username and keyword, I get back in array[0] the Hex-Value “0x0” – this means everything is fine.
• in case of a wrong input of username and keyword, I get back in array[0] the Hex-Value “0x31” – LDAP_INVALID_CREDENTIALS – which means everything is fine. But the Return-String recorded with network-sniffer says: ErrorMessage: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 701, vece

Here is at right error data 701 - in this case: account expired

For 2. i have following code:

Global $objDSO = ObjGet ("LDAP:")
Const $ADS_SERVER_BIND= 512 ;0x200
Global $username = "DOMAIN\Username"
Global $Passwort = "secret"
$obj1 = $objDSO.OpenDSObject("LDAP://xxx.xxx.xxx.xxx", $username, $Passwort, $ADS_SERVER_BIND)

With Networksniffer i received also the message: ErrorMessage: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 701, vece

Please give a feature to get the Full-TCP-IP-Stack-Return-Message with comment and data from dllcall or/and $objDSO.OpenDSObject in a variable in autoit.

[card0384@…]

The MS-Reference for ldap_simple_bind_s is here: ​http://msdn.microsoft.com/en-us/library/aa366995(VS.85).aspx and OpenDSObject ​http://msdn.microsoft.com/en-us/library/aa706065(VS.85).aspx

[TicketCleanup]

Automatic ticket cleanup.

[thomas.rupp@…]

I would be glad too if this information could be made accessible from within AutoIt. I could enhance the Active Directory UDF to get better error description in function _AD_Open().

[card0384@…]

The problem in Autoit v.3.3.6.0 still exists

[card0384@…]

For better understanding - i need from Returnstring (Networksniffer i received also the message: ErrorMessage: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 701, vece) the "data 701"

[Jpm]

Perhaps the only thing you need is to use LdapGetLastError() when needed.
You are not using Autoit TCP Builtin functions so just follow what the DLL functions give you.
It is always better to go to the forum before submiting a ticket