Active Directory UDF


water

Why do you query this group? What information do you want to get?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 


Nothing very special...

First, it was a bit strange and confusing to me:

Querying group members for "Domain Users" = empty,

querying member's groups = "Domain Users" present.

Second, the function I used before lists all group members for "Domain Users".

But as the linked forum post explained: This is normal... :D


I'm glad you like it!

But it is mainly the effort of Jonathan Clelland. I just brushed it up and extended it a bit.

Edited by water


It's still hugely impressive - many thanks to you and Jonathan Clelland for all the work.

I've just been raking through the list of examples and they all work beautifully. I've got a big project away to start which will require a lot of AD integration and querying so this just saved me a huge chunk of time.

Nice one fella. :D


Hi JonnyThunder,

please wait a few minutes before you start with your project.

There might be some script breaking changes in the next version. Some functions use "ByRef" to return data but most of the functions don't.

I think about removing the "ByRef" so the calls to the functions might change.

I'm going to do some performance checks and if there is little difference then I'm going to change it.

I'll keep you informed.


Hi Water,

thank you for V0.34. Good job! :D

When I query 300+ users by _AD_GetObjectProperties() the script stops with an:

!>17:17:07 AutoIT3.exe ended.rc:-1073741819

... error. Without _AD_GetObjectProperties() the script runs fine.

Maybe it is the user count; querying 10-20 works without errors...

Putting Sleep(0100) somewhere between doesn't help...

Any ideas about this?

Greets,

-supersonic.


JonnyThunder,

if it works fine for you... Maybe you - or somebody else - can help me or give me a clue:

At first I run a query like this to get all users (and some of their attributes):

_AD_GetObjectsInOU($aTmp1, $GUICtrlRead, "(&(objectCategory=user))", 2, _ArrayToString($aADQAttributes, ",", 1, 0), "")

After that I would like to get some "encoded" attributes of each user:

Local $aADQAttributes ; A one-based array of attributes. If there is a match, the value will be returned to $aTmp2.
Local $aTmp2
_AD_InjectObjectProperties($aTmp2, $aADQAttributes, _AD_FQDNToSamAccountName($aTmp1[$i][1]))
.
.
.
Func _AD_InjectObjectProperties(ByRef $iArr1, ByRef Const $iArr2, $iStr = "")
    Local $aAttr[7] = ["accountExpires", "badPasswordTime", "lastLogon", "lastLogonTimestamp", "objectGUID", "objectSID", "pwdLastSet"]
    Local $aProp    = _AD_GetObjectProperties($iStr)
    If @error <> 1 Then
        For $i = 0 To UBound($aAttr) - 1 Step 1
            Local $vTmp1 = _ArraySearch($iArr2, $aAttr[$i], 1, 0, 0, 0, 1, 0)
            If $vTmp1 > 0 Then
                Local $vTmp2 = _ArraySearch($aProp, $aAttr[$i], 1, 0, 0, 0, 1, 0)
                If $vTmp2 > 0 Then
                    $iArr1[$vTmp1 - 2] = $aProp[$vTmp2][1] ; Less array index and hidden/invisible attribute. "Something" special; please ignore...
                EndIf
            EndIf
        Next
    EndIf
EndFunc

Maybe the code isn't very good!? Could someone provide a better example?

Greets,

-supersonic.

Edited by supersonic

Sounds strange: If I convert your returncode to hex I get 0xC0000005. Google returns some very strange results on that.

Where (is the line number in your script or somewhere in the AD UDF) do you get this error?

I've modified _AD_GetObjectProperties so you can specify which attributes to return in a comma separated list.

So

$aProperties = _AD_GetObjectProperties(@UserName,"accountExpires, badPasswordTime, lastLogon, lastLogonTimestamp, objectGUID, objectSID, pwdLastSet")
should do the trick.

; #FUNCTION# ====================================================================================================================
; Name...........: _AD_GetObjectProperties
; Description ...: Returns a two-dimensional array with all properties and their values of an object in readable form.
; Syntax.........: _AD_GetObjectProperties([$sAD_Object = @UserName[, $sAD_Attributes = ""]])
; Parameters ....: $sAD_Object - Optional: SamAccountName or FQDN of the object to get the attributes from (e.g. computer, user, group ...) (default = @Username)
;   $sAD_Attributes - Optional: Comma separated list of attributes to return (default = "" = return all attributes)
; Return values .: Success - Returns a two-dimensional array with all properties and their values of an object in readable form
;   Failure - 0 or property name, sets @error to:
;   |1 - $sAD_Object could not be found
;   |2 - No attributes for the specified property. The property is returned as the functions result
; Author ........: Sundance
; Modified.......: Thomas Rupp
; Remarks .......: Dates are returned in format: YYYY/MM/DD HH:MM:SS
;   NT Security Descriptors are returned as: Control:nn, Group:Domain\Group, Owner:Domain\Group, Revision:nn
;   No error is returned if there are attributes in $sAD_Attributes that are not available for the selected object
; Related .......:
; Link ..........: http://www.autoitscript.com/forum/index.php?showtopic=49627&view=findpost&p=422402, http://msdn.microsoft.com/en-us/library/ms675090(VS.85).aspx
; Example .......: Yes
; ===============================================================================================================================
Func _AD_GetObjectProperties($sAD_Object = @UserName, $sAD_Attributes = "")

    Local $aAD_ObjectProperties[1][2]
    Local $sAD_Query, $oAD_Item, $oAD_PropertyEntry, $oAD_Value, $iCount3, $xAD_Dummy
    ; Data Type Mapping between Active Directory and LDAP
    ; http://msdn.microsoft.com/en-us/library/aa772375(VS.85).aspx
    Local Const $ADSTYPE_DN_STRING = 1
    Local Const $ADSTYPE_CASE_IGNORE_STRING = 3
    Local Const $ADSTYPE_BOOLEAN = 6
    Local Const $ADSTYPE_INTEGER = 7
    Local Const $ADSTYPE_OCTET_STRING = 8
    Local Const $ADSTYPE_UTC_TIME = 9
    Local Const $ADSTYPE_LARGE_INTEGER = 10
    Local Const $ADSTYPE_NT_SECURITY_DESCRIPTOR = 25
    Local Const $ADSTYPE_UNKNOWN = 26
    Local $aAD_SAMAccountType[12][2] = [["DOMAIN_OBJECT", 0x0],["GROUP_OBJECT", 0x10000000],["NON_SECURITY_GROUP_OBJECT", 0x10000001], _
            ["ALIAS_OBJECT", 0x20000000],["NON_SECURITY_ALIAS_OBJECT", 0x20000001],["USER_OBJECT", 0x30000000],["NORMAL_USER_ACCOUNT", 0x30000000], _
            ["MACHINE_ACCOUNT", 0x30000001],["TRUST_ACCOUNT", 0x30000002],["APP_BASIC_GROUP", 0x40000000],["APP_QUERY_GROUP", 0x40000001], _
            ["ACCOUNT_TYPE_MAX", 0x7fffffff]]
    Local $aAD_UAC[21][2] = [[0x00000001, "SCRIPT"],[0x00000002, "ACCOUNTDISABLE"],[0x00000008, "HOMEDIR_REQUIRED"],[0x00000010, "LOCKOUT"],[0x00000020, "PASSWD_NOTREQD"], _
            [0x00000040, "PASSWD_CANT_CHANGE"],[0x00000080, "ENCRYPTED_TEXT_PASSWORD_ALLOWED"],[0x00000100, "TEMP_DUPLICATE_ACCOUNT"],[0x00000200, "NORMAL_ACCOUNT"], _
            [0x00000800, "INTERDOMAIN_TRUST_ACCOUNT"],[0x00001000, "WORKSTATION_TRUST_ACCOUNT"],[0x00002000, "SERVER_TRUST_ACCOUNT"],[0x00010000, "DONT_EXPIRE_PASSWD"], _
            [0x00020000, "MNS_LOGON_ACCOUNT"],[0x00040000, "SMARTCARD_REQUIRED"],[0x00080000, "TRUSTED_FOR_DELEGATION"],[0x00100000, "NOT_DELEGATED"], _
            [0x00200000, "USE_DES_KEY_ONLY"],[0x00400000, "DONT_REQUIRE_PREAUTH"],[0x00800000, "PASSWORD_EXPIRED"],[0x01000000, "TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION"]]

    If _AD_ObjectExists($sAD_Object) = 0 Then Return SetError(1, 0, 0)
    $sAD_Attributes = "," & StringReplace($sAD_Attributes, " ", "" ) & ","
    Local $sAD_Property = "sAMAccountName"
    If StringMid($sAD_Object, 3, 1) = "=" Then $sAD_Property = "distinguishedName"; FQDN provided
    $sAD_Query = "<LDAP://" & $sAD_HostServer & "/" & $sAD_DNSDomain & ">;(" & $sAD_Property & "=" & $sAD_Object & ");ADsPath;subtree"
    Local $oAD_RecordSet = $oAD_Connection.Execute($sAD_Query) ; Retrieve the FQDN for the object
    Local $sAD_LDAPEntry = $oAD_RecordSet.fields(0).value
    Local $oAD_Object = _AD_ObjGet($sAD_LDAPEntry) ; Retrieve the COM Object
    $oAD_Object.GetInfo()
    Local $iCount1 = $oAD_Object.PropertyCount()
    For $iCount2 = 0 To $iCount1 - 1
        $oAD_Item = $oAD_Object.Item($iCount2)
        ; If the property is in the attribute list, process it; otherwise ContinueLoop
        If Not ($sAD_Attributes = ",," Or StringInStr($sAD_Attributes,"," & $oAD_Item.Name & ",") > 0) Then ContinueLoop
        $oAD_PropertyEntry = $oAD_Object.GetPropertyItem($oAD_Item.Name, $ADSTYPE_UNKNOWN)
        If IsObj($oAD_PropertyEntry) = 0 Then
            Return SetError (2, 0, $oAD_Item.Name)
        Else
            For $vAD_PropertyValue In $oAD_PropertyEntry.Values
                ReDim $aAD_ObjectProperties[UBound($aAD_ObjectProperties, 1) + 1][2]
                $iCount3 = UBound($aAD_ObjectProperties, 1) - 1
                $aAD_ObjectProperties[$iCount3][0] = $oAD_Item.Name
                If $oAD_Item.ADsType = $ADSTYPE_CASE_IGNORE_STRING Then
                    $aAD_ObjectProperties[$iCount3][1] = $vAD_PropertyValue.CaseIgnoreString
                ElseIf $oAD_Item.ADsType = $ADSTYPE_INTEGER Then
                    If $oAD_Item.Name = "sAMAccountType" Then
                        For $iCount4 = 0 To 11
                            If $vAD_PropertyValue.Integer = $aAD_SAMAccountType[$iCount4][1] Then
                                $aAD_ObjectProperties[$iCount3][1] = $aAD_SAMAccountType[$iCount4][0]
                                ExitLoop
                            EndIf
                        Next
                    ElseIf $oAD_Item.Name = "userAccountControl" Then
                        $aAD_ObjectProperties[$iCount3][1] = $vAD_PropertyValue.Integer & " = "
                        For $iCount4 = 0 To 20
                            If BitAND($vAD_PropertyValue.Integer, $aAD_UAC[$iCount4][0]) = $aAD_UAC[$iCount4][0] Then
                                $aAD_ObjectProperties[$iCount3][1] &= $aAD_UAC[$iCount4][1] & " - "
                            EndIf
                        Next
                        If StringRight($aAD_ObjectProperties[$iCount3][1], 3) = " - " Then $aAD_ObjectProperties[$iCount3][1] = StringTrimRight($aAD_ObjectProperties[$iCount3][1], 3)
                    Else
                        $aAD_ObjectProperties[$iCount3][1] = $vAD_PropertyValue.Integer
                    EndIf
                ElseIf $oAD_Item.ADsType = $ADSTYPE_LARGE_INTEGER Then
                    If $oAD_Item.Name = "pwdLastSet" Or $oAD_Item.Name = "accountExpires" Or $oAD_Item.Name = "lastLogonTimestamp" Or $oAD_Item.Name = "badPasswordTime" Or $oAD_Item.Name = "lastLogon" Then
                        $aAD_ObjectProperties[$iCount3][1] = _DateAdd("s", Int(_AD_LargeInt2Double($vAD_PropertyValue.LargeInteger.LowPart, $vAD_PropertyValue.LargeInteger.HighPart) / (10000000)), "1601/01/01 00:00:00")
                    Else
                        $aAD_ObjectProperties[$iCount3][1] = _AD_LargeInt2Double($vAD_PropertyValue.LargeInteger.LowPart, $vAD_PropertyValue.LargeInteger.HighPart)
                    EndIf
                ElseIf $oAD_Item.ADsType = $ADSTYPE_OCTET_STRING Then
                    $xAD_Dummy = DllStructCreate("byte[56]")
                    DllStructSetData($xAD_Dummy, 1, $vAD_PropertyValue.OctetString)
                    ; objectSID etc. See: http://msdn.microsoft.com/en-us/library/aa379597(VS.85).aspx
                    ; objectGUID etc. See: http://www.autoitscript.com/forum/index.php?showtopic=106163&view=findpost&p=767558
                    If _Security__IsValidSid(DllStructGetPtr($xAD_Dummy)) Then
                        $aAD_ObjectProperties[$iCount3][1] = _Security__SidToStringSid(DllStructGetPtr($xAD_Dummy)) ; SID
                    Else
                        $aAD_ObjectProperties[$iCount3][1] = _WinAPI_StringFromGUID(DllStructGetPtr($xAD_Dummy)) ; GUID
                    EndIf
                ElseIf $oAD_Item.ADsType = $ADSTYPE_DN_STRING Then
                    $aAD_ObjectProperties[$iCount3][1] = $vAD_PropertyValue.DNString
                ElseIf $oAD_Item.ADsType = $ADSTYPE_UTC_TIME Then
                    Local $iAD_DateTime = $vAD_PropertyValue.UTCTime
                    $aAD_ObjectProperties[$iCount3][1] = StringLeft($iAD_DateTime, 4) & "/" & StringMid($iAD_DateTime, 5, 2) & "/" & StringMid($iAD_DateTime, 7, 2) & _
                            " " & StringMid($iAD_DateTime, 9, 2) & ":" & StringMid($iAD_DateTime, 11, 2) & ":" & StringMid($iAD_DateTime, 13, 2)
                ElseIf $oAD_Item.ADsType = $ADSTYPE_BOOLEAN Then
                    If $vAD_PropertyValue.Boolean = 0 Then
                        $aAD_ObjectProperties[$iCount3][1] = "False"
                    Else
                        $aAD_ObjectProperties[$iCount3][1] = "True"
                    EndIf
                ElseIf $oAD_Item.ADsType = $ADSTYPE_NT_SECURITY_DESCRIPTOR Then
                    $oAD_Value = $vAD_PropertyValue.SecurityDescriptor
                    $aAD_ObjectProperties[$iCount3][1] = "Control:" & $oAD_Value.Control & ", " & _
                            "Group:" & $oAD_Value.Group & ", " & _
                            "Owner:" & $oAD_Value.Owner & ", " & _
                            "Revision:" & $oAD_Value.Revision
                Else
                    $aAD_ObjectProperties[$iCount3][1] = "Has the unknown Type: " & $oAD_Item.ADsType
                EndIf
            Next
        EndIf
    Next
    $aAD_ObjectProperties[0][0] = UBound($aAD_ObjectProperties, 1) - 1
    _ArraySort($aAD_ObjectProperties, 0, 1)
    Return $aAD_ObjectProperties

EndFunc ;==>_AD_GetObjectProperties

BTW: Could we move discussions of errors in user scripts to the "General help and Support" forum? I've opened a thread there.

This thread I would like to reserve for announcements and discussions of new functions.

Edited by water
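
Added example (not part of the original posts and not code from the AD UDF): the "encoded" attributes discussed above, decoded from their raw directory values in Python instead of AutoIt, including the sentinel timestamps and the variable SID length. The function names and the sample values are assumptions constructed for illustration.

```python
import struct
import uuid
from datetime import datetime, timedelta, timezone

# Subset of the $aAD_UAC bit table from the function above.
UAC_FLAGS = {
    0x00000002: "ACCOUNTDISABLE",
    0x00000020: "PASSWD_NOTREQD",
    0x00000200: "NORMAL_ACCOUNT",
    0x00010000: "DONT_EXPIRE_PASSWD",
    0x00080000: "TRUSTED_FOR_DELEGATION",
    0x00400000: "DONT_REQUIRE_PREAUTH",
}
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
NO_DATE = (0, 0x7FFFFFFFFFFFFFFF)  # "not set" / "never" sentinels

# Constructed sample: SID S-1-5-21-1-2-3-513 in its binary form.
SAMPLE_SID = bytes.fromhex(
    "0105" "000000000005" "15000000" "01000000" "02000000" "03000000" "01020000"
)


def decode_uac(value):
    """Return the names of all known flags set in userAccountControl."""
    return [name for bit, name in sorted(UAC_FLAGS.items()) if value & bit]


def decode_filetime(value):
    """Convert 100-ns ticks since 1601-01-01 UTC; None for the sentinels."""
    if value in NO_DATE:
        return None
    return FILETIME_EPOCH + timedelta(microseconds=value // 10)


def decode_sid(raw):
    """Binary SID -> S-1-... string. Length is 8 + 4 * count, at most 68 bytes."""
    if len(raw) < 8 or raw[0] != 1:
        raise ValueError("not a revision-1 SID")
    count = raw[1]
    if count > 15 or len(raw) != 8 + 4 * count:
        raise ValueError("sub-authority count does not match length")
    authority = int.from_bytes(raw[2:8], "big")      # 48-bit, big-endian
    subs = struct.unpack("<%dI" % count, raw[8:])    # 32-bit, little-endian
    return "S-1-%d" % authority + "".join("-%d" % s for s in subs)


def decode_guid(raw):
    """Binary objectGUID (16 bytes, mixed-endian) -> canonical string."""
    if len(raw) != 16:
        raise ValueError("objectGUID must be 16 bytes")
    return str(uuid.UUID(bytes_le=raw))


if __name__ == "__main__":
    print(decode_uac(0x10200))
    print(decode_filetime(116444736000000000))
    print(decode_filetime(0x7FFFFFFFFFFFFFFF))
    print(decode_sid(SAMPLE_SID))
    print(decode_guid(bytes(range(16))))
```

Returning None for 0 and 0x7FFFFFFFFFFFFFFF keeps an account with no expiry or no recorded logon from being reported with a meaningless date.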


Hi supersonic,

this is already included via date.au3.

I was wondering how the example scripts would have been working otherwise.

water


Hi TomV,

glad you like the UDF.

I try to get it included with the standard AutoIt installation as soon as we've reached version 1.0.

That means function freeze and some successful tests of people who have write access to their AD. Some Exchange related functions will come in the next few weeks.

I've already tried to contact the maintainer of the UDFs but didn't get any response 'til now.


Hi TomV,

just a bit of testing. I can't test the functions that modify the AD (I only have read access). If you like you could run the example scripts that alter the AD and report any problems you see.

Please be careful and use a test environment!

Thanks!

water


Hi Jaymac,

thanks for your reply!

You don't have to run the AD.au3 :D That's the UDF itself which is called by all the other example scripts.

But I think it's a good idea to add a readme.txt file that explains how to install the UDF and the associated files.
