Jump to content

Recommended Posts

Posted

Love the functionality in your AD UDF, Water. I do have one question, but first some background...

I'm writing an AutoIt script for our first level support team that will show AD user information (location, home drive, Exchange server, AD groups, etc.). I rely heavily on your AD UDF to do this, and am currently trying to integrate Powershell scripts into it (that's another matter). My question is, when I enter a partial AD username is there any way to bring back a list of the names that match that pattern? For instance, if I enter in "smith" is there any way to retrieve a list of all (or at least the first dozen or so) smiths? Currently, the only thing I can figure out is to return a message saying that the user "smith" does not exist. Is there any way to work with your current AD UDF and perform this partial username match?

Who lied and told you life would EVER be fair?

Posted

In your case I suggest to use the "swiss army knife" of the AD UDF - _AD_GetObjectsInOU.

$sUser = "Smith"
$aObjects = _AD_GetObjectsInOU("", "(&(objectcategory=person)(objectclass=user)(cn=" & $sUser & "*))", 2, "sAMAccountName,distinguishedName,displayname", "displayname")
Returns a list of users where the common name starts with "Smith".

If you want to search more than one field you could try ANR (Ambigous Name Resolution). Please check example script _AD_GetObjectsInOU.au3 - example 3.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Posted

In your case I suggest to use the "swiss army knife" of the AD UDF - _AD_GetObjectsInOU.

$sUser = "Smith"
$aObjects = _AD_GetObjectsInOU("", "(&(objectcategory=person)(objectclass=user)(cn=" & $sUser & "*))", 2, "sAMAccountName,distinguishedName,displayname", "displayname")
Returns a list of users where the common name starts with "Smith".

If you want to search more than one field you could try ANR (Ambigous Name Resolution). Please check example script _AD_GetObjectsInOU.au3 - example 3.

Thanks, water! Worked perfectly!

Who lied and told you life would EVER be fair?

Posted
:)

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Posted

@water

; #FUNCTION# ====================================================================================================================
; Name...........: _AD_IsObjectLocked
; Description ...: Returns 1 if the object (user account, computer account) is locked.
; Syntax.........: _AD_IsObjectLocked([$sAD_Object = @Username])
; Parameters ....: $sAD_Object - Optional: Object to check (default = @Username). Can be specified as Fully Qualified Domain Name (FQDN) or sAMAccountName
; Return values .: Success - 1, Specified object is locked, sets @error to:
;                  |x - number of minutes till the account is unlocked. -1 means the account has to be unlocked manually by an admin
;                  Failure - 0, sets @error to:
;                  |0 - $sAD_Object is not locked
;                  |1 - $sAD_Object could not be found
; Author ........: water
; Modified.......:
; Remarks .......: A $ sign must be appended to the computer name to create a correct sAMAccountName e.g. @ComputerName & "$"
;                  LockoutTime contains the timestamp when the object was locked. This value is not reset until the user/computer logs on again.
;                  LockoutTime could be > 0 even when the lockout already has expired.
; Related .......: _AD_GetObjectsLocked, _AD_UnlockObject
; Link ..........: http://www.pcreview.co.uk/forums/thread-1350048.php, http://www.rlmueller.net/IsUserLocked.htm, http://technet.microsoft.com/en-us/library/cc780271%28WS.10%29.aspx
; Example .......: Yes
; ===============================================================================================================================
Func _AD_IsObjectLocked($sAD_Object = @UserName)

    ;-------------------------------------------------------------
    ; HINT: To enhance performance this can also be written as:
    ;   $oUser = ObjGet("WinNT://<Domain>/<User>")
    ;   ConsoleWrite("Locked: " & $oUser.IsAccountLocked & @CRLF)
    ;-------------------------------------------------------------
    If Not _AD_ObjectExists($sAD_Object) Then Return SetError(1, 0, 0)
    Local $sAD_Property = "sAMAccountName"
    If StringMid($sAD_Object, 3, 1) = "=" Then $sAD_Property = "distinguishedName"; FQDN provided
    $oAD_Command.CommandText = "<LDAP://" & $sAD_HostServer & "/" & $sAD_DNSDomain & ">;(" & $sAD_Property & "=" & $sAD_Object & ");ADsPath;subtree"
    Local $oAD_RecordSet = $oAD_Command.Execute ; Retrieve the ADsPath for the object
    Local $sAD_LDAPEntry = $oAD_RecordSet.fields(0).value
    Local $oAD_Object = _AD_ObjGet($sAD_LDAPEntry) ; Retrieve the COM Object for the object
    Local $oAD_LockoutTime = $oAD_Object.LockoutTime
    ; Object is not locked out
    If Not IsObj($oAD_LockoutTime) Then Return
    ; Calculate lockout time (UTC)
    Local $sAD_LockoutTime = _DateAdd("s", Int(_AD_LargeInt2Double($oAD_LockoutTime.LowPart, $oAD_LockoutTime.HighPart) / (10000000)), "1601/01/01 00:00:00")
    ; Object is not locked out
    If $sAD_LockoutTime = "1601/01/01 00:00:00" Then Return
    ; Get password info - Account Lockout Duration
    Local $aAD_Temp = _AD_GetPasswordInfo($sAD_Object)
    ; if lockout duration is 0 (= unlock manually by admin needed) then no calculation is necessary. Set @error to -1 (minutes till the account is unlocked)
    If $aAD_Temp[5] = 0 Then Return SetError(-1, 0, 1)
    ; Calculate when the lockout will be reset
    Local $sAD_ResetLockoutTime = _DateAdd("n", $aAD_Temp[5], $sAD_LockoutTime)
    ; Compare to current date/time (UTC)
    Local $sAD_Now = _Date_Time_GetSystemTime()
    $sAD_Now = _Date_Time_SystemTimeToDateTimeStr($sAD_Now, 1)
    If $sAD_ResetLockoutTime >= $sAD_Now Then Return SetError(_DateDiff("n", $sAD_Now, $sAD_ResetLockoutTime), 0, 1)
    Return

EndFunc   ;==>_AD_IsObjectLocked

This function does not return as expected? Maybe I am doing something wrong. But it says that is should return 1 if the account is locked - if i just unlock the account, it does unlock, but I want to check the account first to verify before unlocking - is this possible? It does show that the account is disable - if true?

_AD_Open()
        $Username = 'Tuckerg'
                If Not _AD_IsObjectDisabled($UserName) Then
             If _AD_IsObjectLocked('TUCKERG') = 1 Then
                  $test = _AD_UnlockObject($UserName)
                  MsgBox('', '', $test)
             Else
                  MsgBox('', 'Account is not Locked', 'Username = ' & $UserName)
             EndIf
        Else
             MsgBox('','DISABLED AD ACCOUNT', 'Account is currently disabled - has to be reEnabled to work!')
        EndIf
    _AD_Close()

I have also tried, and it worked for a couple of times, but then stopped...but like above if I just force an unlock it works?

; $oUser = ObjGet("WinNT://<Domain>/<User>")

; ConsoleWrite("Locked: " & $oUser.IsAccountLocked & @CRLF)

2¢

All by me:

"Sometimes you have to go back to where you started, to get to where you want to go." 

"Everybody catches up with everyone, eventually" 

"As you teach others, you are really teaching yourself."

From my dad

"Do not worry about yesterday, as the only thing that you can control is tomorrow."

 

WindowsError.gif

WIKI | Tabs; | Arrays; | Strings | Wiki Arrays | How to ask a Question | Forum Search | FAQ | Tutorials | Original FAQ | ONLINE HELP | UDF's Wiki | AutoIt PDF

AutoIt Snippets | Multple Guis | Interrupting a running function | Another Send

StringRegExp | StringRegExp Help | RegEXTester | REG TUTOR | Reg TUTOT 2

AutoItSetOption | Macros | AutoIt Snippets | Wrapper | Autoit  Docs

SCITE | SciteJump | BB | MyTopics | Programming | UDFs | AutoIt 123 | UDFs Form | UDF

Learning to script | Tutorials | Documentation | IE.AU3 | Games? | FreeSoftware | Path_Online | Core Language

Programming Tips

Excel Changes

ControlHover.UDF

GDI_Plus

Draw_On_Screen

GDI Basics

GDI_More_Basics

GDI Rotate

GDI Graph

GDI  CheckExistingItems

GDI Trajectory

Replace $ghGDIPDll with $__g_hGDIPDll

DLL 101?

Array via Object

GDI Swimlane

GDI Plus French 101 Site

GDI Examples UEZ

GDI Basic Clock

GDI Detection

Ternary operator

Posted (edited)

You know that "disabled" and "locked" are two different things?

An admin can set an account to "disabled" - so the user can't log in until the admin sets the account to enabled.

An account is locked when the number of invalid logon attempts has been exceed. The account is locked for a specified number of minutes or until it is unlocked by an admin.

Can you please run _AD_GetPasswordInfo and post or send the results by private mail? Maybe that can shed some light on the subject.

BTW: Do you use the latest version of the UDF? Version 0.43 had some bug fixing in this function.

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Posted (edited)

You know that "disabled" and "locked" are two different things?

An admin can set an account to "disabled" - so the user can't log in until the admin sets the account to enabled.

An account is locked when the number of invalid logon attempts has been exceed. The account is locked for a specified number of minutes or until it is unlocked by an admin.

Yes I understand the difference - if the account is disabled, there is no reason to unlock the account. In my script, I check first for that and if it is disabled let the TECH know, before preceeding, the account needs to be verified if still an employee - before enabling the account.

Can you please run _AD_GetPasswordInfo and post or send the results by private mail? Maybe that can shed some light on the subject.

[0]|12

[1]|60

[2]|3

[3]|6

[4]|8

[5]|15372286728.0913

[6]|3

[7]|30

[8]|2011/06/20 07:30:05

[9]|2011/08/19 07:30:05

[10]|2011/06/20 11:30:05

[11]|2011/08/19 11:30:05

[12]|0

And the last question - running: ; UDF Version ...: 1.0.0

EDIT

Just tried it again - it worked, as the account was locked - I guess from last night when I was testing on this test account, but then I unlocked it and relocked it and waited like 5 mins and it now shows that it is not locked - even though the account is locked

[0]|12

[1]|60

[2]|3

[3]|6

[4]|8

[5]|15372286728.0913

[6]|3

[7]|30

[8]|2011/06/20 07:30:05

[9]|2011/08/19 07:30:05

[10]|2011/06/20 11:30:05

[11]|2011/08/19 11:30:05

[12]|0

Edited by nitekram

2¢

All by me:

"Sometimes you have to go back to where you started, to get to where you want to go." 

"Everybody catches up with everyone, eventually" 

"As you teach others, you are really teaching yourself."

From my dad

"Do not worry about yesterday, as the only thing that you can control is tomorrow."

 

WindowsError.gif

WIKI | Tabs; | Arrays; | Strings | Wiki Arrays | How to ask a Question | Forum Search | FAQ | Tutorials | Original FAQ | ONLINE HELP | UDF's Wiki | AutoIt PDF

AutoIt Snippets | Multple Guis | Interrupting a running function | Another Send

StringRegExp | StringRegExp Help | RegEXTester | REG TUTOR | Reg TUTOT 2

AutoItSetOption | Macros | AutoIt Snippets | Wrapper | Autoit  Docs

SCITE | SciteJump | BB | MyTopics | Programming | UDFs | AutoIt 123 | UDFs Form | UDF

Learning to script | Tutorials | Documentation | IE.AU3 | Games? | FreeSoftware | Path_Online | Core Language

Programming Tips

Excel Changes

ControlHover.UDF

GDI_Plus

Draw_On_Screen

GDI Basics

GDI_More_Basics

GDI Rotate

GDI Graph

GDI  CheckExistingItems

GDI Trajectory

Replace $ghGDIPDll with $__g_hGDIPDll

DLL 101?

Array via Object

GDI Swimlane

GDI Plus French 101 Site

GDI Examples UEZ

GDI Basic Clock

GDI Detection

Ternary operator

Posted

Please disregard - I think it is a timing issue, I waited since last edit from above post and it found the account locked. I am in the testing phase, so the latency will/should not be a problem in a live enviroment, cause, well they should not lock themselfs out again in 15-20 mins.

Thanks for your understanding - of my lack of knowledge, with your UDF.

2¢

All by me:

"Sometimes you have to go back to where you started, to get to where you want to go." 

"Everybody catches up with everyone, eventually" 

"As you teach others, you are really teaching yourself."

From my dad

"Do not worry about yesterday, as the only thing that you can control is tomorrow."

 

WindowsError.gif

WIKI | Tabs; | Arrays; | Strings | Wiki Arrays | How to ask a Question | Forum Search | FAQ | Tutorials | Original FAQ | ONLINE HELP | UDF's Wiki | AutoIt PDF

AutoIt Snippets | Multple Guis | Interrupting a running function | Another Send

StringRegExp | StringRegExp Help | RegEXTester | REG TUTOR | Reg TUTOT 2

AutoItSetOption | Macros | AutoIt Snippets | Wrapper | Autoit  Docs

SCITE | SciteJump | BB | MyTopics | Programming | UDFs | AutoIt 123 | UDFs Form | UDF

Learning to script | Tutorials | Documentation | IE.AU3 | Games? | FreeSoftware | Path_Online | Core Language

Programming Tips

Excel Changes

ControlHover.UDF

GDI_Plus

Draw_On_Screen

GDI Basics

GDI_More_Basics

GDI Rotate

GDI Graph

GDI  CheckExistingItems

GDI Trajectory

Replace $ghGDIPDll with $__g_hGDIPDll

DLL 101?

Array via Object

GDI Swimlane

GDI Plus French 101 Site

GDI Examples UEZ

GDI Basic Clock

GDI Detection

Ternary operator

Posted (edited)

I still wonder why you get

[5]|15372286728.0913
from _AD_GetPasswordInfo.

This bug has been solved in Version 0.43.

This bug led to a wrong result of _AD_IsObjectLocked.

Can you please re-verify that the AD UDF is at version 1.0.0?

If it is some more testing is necessary.

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Posted

I still wonder why you get

[5]|15372286728.0913
from _AD_GetPasswordInfo.

This bug has been solved in Version 0.43.

This bug led to a wrong result of _AD_IsObjectLocked.

Can you please re-verify that the AD UDF is at version 1.0.0?

If it is some more testing is necessary.

Yes - from your header

#include-once
#include <Array.au3>
#include <Date.au3>
#include <Constants.au3>
#Tidy_Parameters= /gd 1  /gds 1 /nsdp
#AutoIt3Wrapper_AU3Check_Parameters= -d -w 1 -w 2 -w 3 -w 4 -w 5 -w 6
#AutoIt3Wrapper_AU3Check_Stop_OnWarning=Y
; #INDEX# =======================================================================================================================
; Title .........: Active Directory Function Library
; AutoIt Version : 3.3.6.0 (because of _Date_Time_SystemTimeToDateTimeStr)
; UDF Version ...: 1.0.0
; Language ......: English
; Description ...: A collection of functions for accessing and manipulating Microsoft Active Directory

2¢

All by me:

"Sometimes you have to go back to where you started, to get to where you want to go." 

"Everybody catches up with everyone, eventually" 

"As you teach others, you are really teaching yourself."

From my dad

"Do not worry about yesterday, as the only thing that you can control is tomorrow."

 

WindowsError.gif

WIKI | Tabs; | Arrays; | Strings | Wiki Arrays | How to ask a Question | Forum Search | FAQ | Tutorials | Original FAQ | ONLINE HELP | UDF's Wiki | AutoIt PDF

AutoIt Snippets | Multple Guis | Interrupting a running function | Another Send

StringRegExp | StringRegExp Help | RegEXTester | REG TUTOR | Reg TUTOT 2

AutoItSetOption | Macros | AutoIt Snippets | Wrapper | Autoit  Docs

SCITE | SciteJump | BB | MyTopics | Programming | UDFs | AutoIt 123 | UDFs Form | UDF

Learning to script | Tutorials | Documentation | IE.AU3 | Games? | FreeSoftware | Path_Online | Core Language

Programming Tips

Excel Changes

ControlHover.UDF

GDI_Plus

Draw_On_Screen

GDI Basics

GDI_More_Basics

GDI Rotate

GDI Graph

GDI  CheckExistingItems

GDI Trajectory

Replace $ghGDIPDll with $__g_hGDIPDll

DLL 101?

Array via Object

GDI Swimlane

GDI Plus French 101 Site

GDI Examples UEZ

GDI Basic Clock

GDI Detection

Ternary operator

Posted

So we have to dig a bit into the subject.

Do you use the "granular password policy" feature implemented with Windows Server 2008?

Is it true that the "lockout duration" is set to 0 so that every locked user has to be unlocked by an admin?

Depending on thea nswers I will have to provide you with a modified version of _AD_IsObjectLocked to get more detail.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Posted

So we have to dig a bit into the subject.

Do you use the "granular password policy" feature implemented with Windows Server 2008?

Is it true that the "lockout duration" is set to 0 so that every locked user has to be unlocked by an admin?

Depending on thea nswers I will have to provide you with a modified version of _AD_IsObjectLocked to get more detail.

Not sure of the first question, but do not think so as we only have a few servers that are 2008 and I do not think those are DC. The second is true - they get locked out, Admin has to do the unlock.

2¢

All by me:

"Sometimes you have to go back to where you started, to get to where you want to go." 

"Everybody catches up with everyone, eventually" 

"As you teach others, you are really teaching yourself."

From my dad

"Do not worry about yesterday, as the only thing that you can control is tomorrow."

 

WindowsError.gif

WIKI | Tabs; | Arrays; | Strings | Wiki Arrays | How to ask a Question | Forum Search | FAQ | Tutorials | Original FAQ | ONLINE HELP | UDF's Wiki | AutoIt PDF

AutoIt Snippets | Multple Guis | Interrupting a running function | Another Send

StringRegExp | StringRegExp Help | RegEXTester | REG TUTOR | Reg TUTOT 2

AutoItSetOption | Macros | AutoIt Snippets | Wrapper | Autoit  Docs

SCITE | SciteJump | BB | MyTopics | Programming | UDFs | AutoIt 123 | UDFs Form | UDF

Learning to script | Tutorials | Documentation | IE.AU3 | Games? | FreeSoftware | Path_Online | Core Language

Programming Tips

Excel Changes

ControlHover.UDF

GDI_Plus

Draw_On_Screen

GDI Basics

GDI_More_Basics

GDI Rotate

GDI Graph

GDI  CheckExistingItems

GDI Trajectory

Replace $ghGDIPDll with $__g_hGDIPDll

DLL 101?

Array via Object

GDI Swimlane

GDI Plus French 101 Site

GDI Examples UEZ

GDI Basic Clock

GDI Detection

Ternary operator

Posted

Can you please insert line

$iAD_Debug = 2
after _AD_Open in the _AD_GetPasswordInfo.au3 example script so we can get all unexpected erros?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Posted (edited)

Can you please insert line

$iAD_Debug = 2
after _AD_Open in the _AD_GetPasswordInfo.au3 example script so we can get all unexpected erros?

It was already in there above the _AD_OPEN(), but I put where you asked and ran...let me know if you need anything else. I am leaving from work soon, so may not get back to you until tomorrow. Thanks again for your help

[0]<12<

[1]<Maximum Password Age (days)<60

[2]<Minimum Password Age (days)<3

[3]<Enforce Password History (# of passwords remembered)<6

[4]<Minimum Password Length<8

[5]<Account Lockout Duration (minutes)<15372286728.0913

[6]<Account Lockout Threshold (invalid logon attempts)<3

[7]<Reset account lockout counter after (minutes)<30

[8]<Password last changed (YYYY/MM/DD HH:MM:SS local time)<2011/06/20 07:30:05

[9]<Password expires (YYYY/MM/DD HH:MM:SS local time)<2011/08/19 07:30:05

[10]<Password last changed (YYYY/MM/DD HH:MM:SS UTC)<2011/06/20 11:30:05

[11]<Password expires (YYYY/MM/DD HH:MM:SS UTC)<2011/08/19 11:30:05

[12]<Password properties<0

Edited by nitekram

2¢

All by me:

"Sometimes you have to go back to where you started, to get to where you want to go." 

"Everybody catches up with everyone, eventually" 

"As you teach others, you are really teaching yourself."

From my dad

"Do not worry about yesterday, as the only thing that you can control is tomorrow."

 

WindowsError.gif

WIKI | Tabs; | Arrays; | Strings | Wiki Arrays | How to ask a Question | Forum Search | FAQ | Tutorials | Original FAQ | ONLINE HELP | UDF's Wiki | AutoIt PDF

AutoIt Snippets | Multple Guis | Interrupting a running function | Another Send

StringRegExp | StringRegExp Help | RegEXTester | REG TUTOR | Reg TUTOT 2

AutoItSetOption | Macros | AutoIt Snippets | Wrapper | Autoit  Docs

SCITE | SciteJump | BB | MyTopics | Programming | UDFs | AutoIt 123 | UDFs Form | UDF

Learning to script | Tutorials | Documentation | IE.AU3 | Games? | FreeSoftware | Path_Online | Core Language

Programming Tips

Excel Changes

ControlHover.UDF

GDI_Plus

Draw_On_Screen

GDI Basics

GDI_More_Basics

GDI Rotate

GDI Graph

GDI  CheckExistingItems

GDI Trajectory

Replace $ghGDIPDll with $__g_hGDIPDll

DLL 101?

Array via Object

GDI Swimlane

GDI Plus French 101 Site

GDI Examples UEZ

GDI Basic Clock

GDI Detection

Ternary operator

Posted

As we get no COM error we need to check why 15372286728.0913 isn't translated to the correct value of 0.

Could you please insert line

MsgBox(0,"", "Hi: " & $oAD_Temp.HighPart & @CRLF & "LO: " & $oAD_Temp.LowPart)
after line
Local $oAD_Temp = $oAD_Object.Get("lockoutDuration")
in function _AD_GetPasswordInfo in AD.au3, run _AD_GetPasswordInfo and post the result?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Posted

Ok, as requested:

Results

Hi: -2147483648

Lo: 0

2¢

All by me:

"Sometimes you have to go back to where you started, to get to where you want to go." 

"Everybody catches up with everyone, eventually" 

"As you teach others, you are really teaching yourself."

From my dad

"Do not worry about yesterday, as the only thing that you can control is tomorrow."

 

WindowsError.gif

WIKI | Tabs; | Arrays; | Strings | Wiki Arrays | How to ask a Question | Forum Search | FAQ | Tutorials | Original FAQ | ONLINE HELP | UDF's Wiki | AutoIt PDF

AutoIt Snippets | Multple Guis | Interrupting a running function | Another Send

StringRegExp | StringRegExp Help | RegEXTester | REG TUTOR | Reg TUTOT 2

AutoItSetOption | Macros | AutoIt Snippets | Wrapper | Autoit  Docs

SCITE | SciteJump | BB | MyTopics | Programming | UDFs | AutoIt 123 | UDFs Form | UDF

Learning to script | Tutorials | Documentation | IE.AU3 | Games? | FreeSoftware | Path_Online | Core Language

Programming Tips

Excel Changes

ControlHover.UDF

GDI_Plus

Draw_On_Screen

GDI Basics

GDI_More_Basics

GDI Rotate

GDI Graph

GDI  CheckExistingItems

GDI Trajectory

Replace $ghGDIPDll with $__g_hGDIPDll

DLL 101?

Array via Object

GDI Swimlane

GDI Plus French 101 Site

GDI Examples UEZ

GDI Basic Clock

GDI Detection

Ternary operator

Posted

OK, I see. This number isn't handled by the function and therefore we get the wrong results.

Now I have some more questions:

What do you get when you insert this lines into _AD_GetPasswordInfo.au3:

ConsoleWrite("@AutoItX64: " & @AutoItX64 & @CRLF)
ConsoleWrite("@CPUArch: " & @CPUArch & @CRLF)
ConsoleWrite("@OSArch: " & @OSArch & @CRLF)

Do you run your original script as 32 or 64 bit?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Posted

As requested - the results from consolewrite()

@AutoItX64: 0

@CPUArch: X64

@OSArch: X86

And I run my script at 32 bit

Thanks again for your help...

2¢

All by me:

"Sometimes you have to go back to where you started, to get to where you want to go." 

"Everybody catches up with everyone, eventually" 

"As you teach others, you are really teaching yourself."

From my dad

"Do not worry about yesterday, as the only thing that you can control is tomorrow."

 

WindowsError.gif

WIKI | Tabs; | Arrays; | Strings | Wiki Arrays | How to ask a Question | Forum Search | FAQ | Tutorials | Original FAQ | ONLINE HELP | UDF's Wiki | AutoIt PDF

AutoIt Snippets | Multple Guis | Interrupting a running function | Another Send

StringRegExp | StringRegExp Help | RegEXTester | REG TUTOR | Reg TUTOT 2

AutoItSetOption | Macros | AutoIt Snippets | Wrapper | Autoit  Docs

SCITE | SciteJump | BB | MyTopics | Programming | UDFs | AutoIt 123 | UDFs Form | UDF

Learning to script | Tutorials | Documentation | IE.AU3 | Games? | FreeSoftware | Path_Online | Core Language

Programming Tips

Excel Changes

ControlHover.UDF

GDI_Plus

Draw_On_Screen

GDI Basics

GDI_More_Basics

GDI Rotate

GDI Graph

GDI  CheckExistingItems

GDI Trajectory

Replace $ghGDIPDll with $__g_hGDIPDll

DLL 101?

Array via Object

GDI Swimlane

GDI Plus French 101 Site

GDI Examples UEZ

GDI Basic Clock

GDI Detection

Ternary operator

Posted

I hope you access the Active Directory using an administrator account because this kind of information shouldn't be accessible by ordinary users.

This is correct. I am the domain administrator. If our users could do this I would cringe!

Posted

Hi nitekram

could you please replace the following lines in _AD_GetPasswordInfo

If $oAD_Temp.HighPart = 0x7FFFFFFF And $oAD_Temp.LowPart = 0xFFFFFFFF Then
    $aAD_PwdInfo[5] = 0 ; Account has to be unlocked manually by an admin
Else
    $aAD_PwdInfo[5] = _AD_Int8ToSec($oAD_Object.Get("lockoutDuration")) / 60 ; Convert to Minutes
EndIf
with

$aAD_PwdInfo[5] = _AD_Int8ToSec($oAD_Object.Get("lockoutDuration")) / 60 ; Convert to Minutes
If $aAD_PwdInfo[5] < 0 Or $aAD_PwdInfo[5] > 99999 Then $aAD_PwdInfo[5] = 0

What results do _AD_GetPasswordInfo and _AD_IsObjectLocked deliver?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Guest
This topic is now closed to further replies.
×
×
  • Create New...