Jump to content

Active Directory UDF


water
 Share

Recommended Posts

This seems to be caused by missing privileges.

Can you delete objects from this groups when you use one of the microsoft tools?

Edit: Wrong! It is caused by a bug in function _AD_DeleteObject (please see section: "Known Bugs" on page 1). Will be fixed with the next version!

BTW: Could you please post questions on how to use the UDF on the General Help and Support Thread?

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

  • 2 weeks later...

Thank you for the UDF.

I need to make a complete extration AD (> 19,500 users). when I use: _AD_GetObjectsInOU

me it does not return the set. Whereas with the CODE below, I am full users:

Func _ReadAD($sQuery,$sFilter)
    Dim $oCmd, $oCnx, $oRSAD
    Dim $sDN, $oUser, $iCpt, $sUser, $icptclean
    Local $sAttributes = "distinguishedName"

    $oCnx = ObjCreate("ADODB.Connection")
    $oCnx.Provider = "ADsDSOObject"
    $oCnx.Open = "Active Directory Provider"

    $oCmd = ObjCreate("ADODB.Command")
    $oCmd.ActiveConnection = $oCnx
    $oCmd.Properties ("Page Size") = 1000
    $oCmd.Properties ("Size Limit") = 5000
    $oCmd.Properties ("Timeout") = 30
    $oCmd.Properties ("Cache Results") = False
    $oCmd.Properties ("searchscope") = 2    ;$ADS_SCOPE_SUBTREE

    $oCmd.CommandText = "<LDAP://" & $sQuery & ">;" & $sFilter & ";" & $sAttributes & ";subtree"
    $oRSAD = $oCmd.Execute

    $oRSAD.MoveFirst

    While Not $oRSAD.EOF
;~      ConsoleWrite( $oRSAD.Fields(0).Value & @CRLF)
        $sDN =  $oRSAD.Fields("distinguishedName").Value
        $oUser = ObjGet("LDAP://" & $sDN)
;~      ConsoleWrite( $sDN & @CRLF)
        _ArrayAdd($aUsers,$oUser)
        $oRSAD.MoveNext
    WEnd
    _Arraydisplay($aUsers,'$aUsers')
    $oCnx.Close

EndFunc   ;==>_ReadAD

I have so 2 questions:

1) Is it possible to modify the UDF to change the properties

2) could be incles functions for mailbox:

_ADAddAccountToMailboxRights

_AD_GetMailboxPerms

_AD_RemoveMailboxRights

Who were in: adfunctions.au3

thank you in advance for any answers

Link to comment
Share on other sites

Bug in _AD_DeleteObject and _AD_RenameObject

This functions don't work when the FQDN of the object doesn't contain an OU. Here you find the fixed versions.

Please test before using in production as I only have read access to our AD!

; #FUNCTION# ====================================================================================================================
; Name...........: _AD_DeleteObject
; Description ...: Deletes the specified object.
; Syntax.........: _AD_DeleteObject($sAD_Object, $sAD_Class)
; Parameters ....: $sAD_Object - Object (user, group, computer) to delete (FQDN or sAMAccountName)
;                  $sAD_Class - The schema class object to delete ("user", "computer", "group", "contact" etc). Can be derived using _AD_GetObjectClass().
; Return values .: Success - 1
;                  Failure - 0, sets @error to:
;                  |1 - $sAD_Object does not exist
;                  |x - Error returned by Delete function (Missing permission etc.)
; Author ........: Jonathan Clelland
; Modified.......: water
; Remarks .......:
; Related .......: _AD_RenameObject, _AD_MoveObject
; Link ..........: http://msdn.microsoft.com/en-us/library/aa705988(v=VS.85).aspx
; Example .......: Yes
; ===============================================================================================================================
Func _AD_DeleteObject($sAD_Object, $sAD_Class)

    If Not _AD_ObjectExists($sAD_Object) Then Return SetError(1, 0, 0)
    If StringMid($sAD_Object, 3, 1) <> "=" Then $sAD_Object = _AD_SamAccountNameToFQDN($sAD_Object) ; sAMAccountName provided
    Local $oAD_Object = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_Object)
    Local $oAD_OU = _AD_ObjGet($oAD_Object.Parent)  ; Get the object of the OU/CN where the object resides
    Local $sAD_CN = "CN=" & _AD_GetObjectAttribute($sAD_Object, "cn")
    $oAD_OU.Delete($sAD_Class, $sAD_CN)
    If @error <> 0 Then Return SetError(@error, 0, 0)
    Return 1

EndFunc   ;==>_AD_DeleteObject

; #FUNCTION# ====================================================================================================================
; Name...........: _AD_RenameObject
; Description ...: Renames an object within an OU.
; Syntax.........: _AD_RenameObject($sAD_Object, $sAD_CN)
; Parameters ....: $sAD_Object - Object (user, group, computer) to rename (FQDN or sAMAccountName)
;                  $sAD_CN - New Name (relative name) of the object in the current OU without CN=
; Return values .: Success - 1
;                  Failure - 0, sets @error to:
;                  |1 - $sAD_Object does not exist
;                  |x - Error returned by MoveHere function (Missing permission etc.)
; Author ........: Jonathan Clelland
; Modified.......: water
; Remarks .......: Renames an object within the same OU. You can not move objects to another OU with this function.
; Related .......: _AD_MoveObject, _AD_DeleteObject
; Link ..........: http://msdn.microsoft.com/en-us/library/aa705991(v=VS.85).aspx
; Example .......: Yes
; ===============================================================================================================================
Func _AD_RenameObject($sAD_Object, $sAD_CN)

    If Not _AD_ObjectExists($sAD_Object) Then Return SetError(1, 0, 0)
    If StringMid($sAD_Object, 3, 1) <> "=" Then $sAD_Object = _AD_SamAccountNameToFQDN($sAD_Object) ; sAMAccountName provided
    Local $oAD_Object = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_Object)
    Local $oAD_OU = _AD_ObjGet($oAD_Object.Parent)  ; Get the object of the OU/CN where the object resides
    $sAD_CN = "CN=" & _AD_FixSpecialChars($sAD_CN) ; escape all special characters
    $oAD_OU.MoveHere("LDAP://" & $sAD_HostServer & "/" & $sAD_Object, $sAD_CN)
    If @error <> 0 Then Return SetError(@error, 0, 0)
    Return 1

EndFunc   ;==>_AD_RenameObject

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

I have so 2 questions:

1) Is it possible to modify the UDF to change the properties

2) could be incles functions for mailbox:

_ADAddAccountToMailboxRights

_AD_GetMailboxPerms

_AD_RemoveMailboxRights

Who were in: adfunctions.au3

Hi jackymb,

I have considered to make the ADODB.Command object a global object. Then you could set the properties or I could provide a function to set the properties.

I think I will implement this in the next version of the UDF.

Do you want to wait for the next version? If yes, how long can you wait?

I didn't add the mailbox related functions because I didn't need them and because M$ no longer seems to support CDOEXM.

I'm not very familiar with AD and Exchange.

Do you have any information about AD and Exchange that works with Exchange 2007 and later?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Hi jackymb,

I have considered to make the ADODB.Command object a global object. Then you could set the properties or I could provide a function to set the properties.

I think I will implement this in the next version of the UDF.

Do you want to wait for the next version? If yes, how long can you wait?

I didn't add the mailbox related functions because I didn't need them and because M$ no longer seems to support CDOEXM.

I'm not very familiar with AD and Exchange.

Do you have any information about AD and Exchange that works with Exchange 2007 and later?

Hi Wlater,

Thank you for the reply.

I can wait the next version of the UDF

I have no information on AD, Exchange 2007 and later, because in my organization we have exchange 2003.

Link to comment
Share on other sites

I have no information on AD, Exchange 2007 and later, because in my organization we have exchange 2003.

The problem with Exchange 2003 is, that it has/will reach the end of its lifetime. So sooner or later you will upgrade to Exchange 2007/2010.

The Exchange functions (_AD_CreateMailbox ..) will no longer work with Exchange 2010 (don't know about Exchange 2007).

Therefore I won't implement further Exchange related functions. Another reason is that I nearly know nothing about Exchange and all this CDO etc. stuff.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

I can wait the next version of the UDF

Hi jackymb,

attached you can find a pre release of the next UDF version. Deleted because this version has been officialy released.

The LDAP command object $oAD_Command is now global and will be used for all LDAP queries.

It's defined in _AD_Open so after _AD_Open you can set all properties of the command object to your needs.

_AD_Open()
$oAD_Command.Properties("Page Size") = 5000
$oAD_Command.Properties("TimeOut") = 50

This settings are persistent - until you change them manually.

Do you have any suggestions for the default values for the command object?

Would you like to see a function to set the values or do you like to do it yourself?

If you find some spare time I would be glad if you could do some testing.

KR

water

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Hi Walter,

I made test with the code below, it returns me well all the elements

Func _ReadAllObject($sFqdnOU)
    Dim $oAD_RecordSet, $sDN, $oUser, $iCpt

    $sFilter = "(objectcategory=user)"
;~  $sFilter = "(objectcategory=Computer)"

    Local $sAttributes = "distinguishedName"
    _AD_OPEN($sUserName, $sUserPwd, "","", $sFqdnOU)

    $oAD_Command.CommandText = "<LDAP://" & $sFqdnOU & ">;" & $sFilter & ";" & $sAttributes & ";subtree"
    $oAD_RecordSet = $oAD_Command.Execute

    While Not $oAD_RecordSet.EOF
        $sDN =  $oAD_RecordSet.Fields("distinguishedName").Value
        $oUser = ObjGet("LDAP://" & $sDN)
;~      ConsoleWrite( $sDN & @CRLF)
        $iCpt += 1
        $oAD_RecordSet.MoveNext
    WEnd
    _AD_Close()
    ConsoleWrite( $iCpt & @CRLF)
EndFunc ;==> _ReadAllObject

For orders were that of ADSI

Property Type Default

-----------------------------------------------------------------------------

"Asynchronous" BOOLEAN FALSE

"deref Aliases" BOOLEAN FALSE

"Size Limit" Integer (0)No Limit

"Time Limit" Integer None (0)

"Column Names Only" BOOLEAN FALSE

"SearchScopes" 0 (Base), 1 (onelevel), 2 (subtree) 2 (Subtree)

"Timeout" Integer None (0)

"Page Size" Integer None (0)

"Time Limit" Integer None (0)

"Chase Referrals" BOOLEAN FALSE

"Cache Results" BOOLEAN TRUE

A function would be nice to run before _AD_OPen (ex _AD_Init)

but can be run with default setting in case it does not execute

Jacky

Link to comment
Share on other sites

Quick answer.

Wouldn't function _AD_GetObjectsInOU deliver the same results?

Didn't you get an error message? Because the 5th parameter of _AD_Open is used wrong.

I will think about a function to set the command properties.

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

with this code :

Func _ReadAllObject1($sFqdnOU)
    Dim $aObjectAll
    ConsoleWrite( $sFqdnOU & @CRLF)     ; 1 <============
    $sFilter = "(objectcategory=user)"
;~  $sFilter = "(objectcategory=Computer)"

    _AD_OPEN($sUserName, $sUserPwd, "","", $sFqdnOU)
    $aObjectAll = _AD_GetObjectsInOU($sFqdnOU, $sFilter, 2, "sAMAccountName,displayname", "sAMAccountName")
    _ArrayDisplay($aObjectAll,"$aObjectAll")
    ConsoleWrite( @error & @CRLF)
    _AD_Close()

EndFunc ;==> _ReadAllObject1

_AD_GetObjectsInOU I did a mistake :

C:\zJMBOutils\_Dev\_AutoIt\MyInclude\AD1.au3 (1213) : ==> Array variable has incorrect number of subscripts or subscript dimension range exceeded.:

$aAD_Objects[$iCount2][$iCount1 - 1] = $oAD_RecordSet.Fields($aAD_DataToRetrieve[$iCount1] ).Value

^ ERROR

if I comment out the first consolewrite : Error code is 1

Link to comment
Share on other sites

This error could be caused by the server being unable to sort so many records (please check ).

Could you please replace the last parameter of _AD_GetObjectsInOU with " "?

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

FYI

In AD.au3 V0.42 function _AD_IsObjectLocked uses this line to calculate the ResetLockoutTime:

Local $sAD_ResetLockoutTime = _DateAdd("n", $aAD_Temp[5], $sAD_LockoutTime)

I don't know why but on our AD the value of $aAD_Temp[5] was 15372286728.0913 which caused _DateAdd to fail with an error 2 - Invalid $iValToAdd. => _DateAdd($sType, $iValToAdd, $sDate)

Fixed this by making it an int:

Local $sAD_ResetLockoutTime = _DateAdd("n", int($aAD_Temp[5]), $sAD_LockoutTime)

Other than that, great work on the UDF!

Thanks!

Link to comment
Share on other sites

FYI

In AD.au3 V0.42 function _AD_IsObjectLocked uses this line to calculate the ResetLockoutTime:

Local $sAD_ResetLockoutTime = _DateAdd("n", $aAD_Temp[5], $sAD_LockoutTime)

I don't know why but on our AD the value of $aAD_Temp[5] was 15372286728.0913 which caused _DateAdd to fail with an error 2 - Invalid $iValToAdd. => _DateAdd($sType, $iValToAdd, $sDate)

Fixed this by making it an int:

Local $sAD_ResetLockoutTime = _DateAdd("n", int($aAD_Temp[5]), $sAD_LockoutTime)

Other than that, great work on the UDF!

Thanks!

This has happended before. Please check this

Seems that the lockout duration time is set to 0 in your environment. Does it make sense to lock a user for 0 minutes?

I did some more research and found that this value (long integer with HighValue set to 0x7FFFFFFF and the LowValue set to 0xFFFFFFFF means "will not be locked" (according to http://msdn.microsoft.com/en-us/library/cc208659.aspx).

The value of 15372286728.0913 is the above value interpreted as a time in 100-nanosecond intervals.

Please replace function _AD_Int8ToSec with the following code and check if the error goes away:

Func _AD_Int8ToSec($oAD_Int8)

    Local $lngHigh, $lngLow
    $lngHigh = $oAD_Int8.HighPart
    $lngLow = $oAD_Int8.LowPart
    If $lngHigh = 0x7FFFFFFF And $lngLow = 0xFFFFFFFF Then Return 0
    If $lngLow < 0 Then
        $lngHigh = $lngHigh + 1
    EndIf
    Return -($lngHigh * (2 ^ 32) + $lngLow) / (10000000)

EndFunc   ;==>_AD_Int8ToSec
Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

I searched this topic for _AD_IsObjectLocked and did not find what I was looking for. I therefor missed the you provided :)

As per this link a value of 0 should (and AFAIK DOES) mean this:

Account lockout duration

Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policy

Description

Determines the number of minutes a locked out account remains locked out before automatically becoming unlocked. The range is 1 to 99999 minutes. You can specify that the account will be locked out until an administrator explicitly unlocks it by setting the value to 0.

Accounts don't become unlocked automatically in our environment.

I'll checkout you're code change for _AD_Int8ToSec.

Link to comment
Share on other sites

As per this link a value of 0 should (and AFAIK DOES) mean this:

Accounts don't become unlocked automatically in our environment.

That's something I didn't find when searching :)

I have added this information to _AD_GetPasswordInfo.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

You're suggestion for _AD_Int8ToSec didn't do the job. For the corresponding value of $aAD_Temp[5] I got $IngHigh = -2147483648 (hex 0x80000000) and $IngLow=0.

I changed the code to this but in the end it doesn't work for _DateAdd in _AD_IsObjectLocked:

Func _AD_Int8ToSec($oAD_Int8)

    Local $lngHigh, $lngLow
    $lngHigh = $oAD_Int8.HighPart
    $lngLow = $oAD_Int8.LowPart
    If $lngHigh = 0x80000000 And $lngLow = 0 Then Return 0
    If $lngLow < 0 Then
        $lngHigh = $lngHigh + 1
    EndIf
    Return -($lngHigh * (2 ^ 32) + $lngLow) / (10000000)

EndFunc   ;==>_AD_Int8ToSec

Instead of 0 it should probably return something close to infinite. In this case as high an integer as possible and return an integer when devided by 60, as per _AD_GetPasswordInfo:

If $lngHigh = 0x80000000 And $lngLow = 0 Then Return 4294967280

It does do the job but I'm not so sure this is the way to go. (4294967280 / 60 = 71582788 seconds which makes 828 days 12 hours 6m28s and is not even close to infinite :)

Link to comment
Share on other sites

It's more complex than I thought :)

Changing _AD_Int8ToSec isn't the way to go - I will have to change _AD_IsObjectLocked.

Now _AD_IsObjectLocked returns 1 and sets @error to the number of minutes until the account is unlocked.

If the account has to be unlocked by an admin the function should still return 1 but set @error to -1.

What doy ou think?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

I re-did my math with autoit and came to this number: 9999999999999960

The coding would then be:

If $lngHigh = 0x80000000 And $lngLow = 0 Then Return 9999999999999960

When divided by 60 it would return 166666666666666, which is closer to infinite: 1929012345d 16 hours 17m46s :) (5.28 million years)

And therefor less likely to become a y2k issue :)

But I'll leave the design to you of course!

Edit: crossed you're post...

Edited by WLZAdmin
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...