shaunexe Posted October 25, 2012 Posted October 25, 2012 Hi myself and a collegue have been having difficulties getting this little script working. All it is supposed to do is authenticate the user to AD then check they are a memeber of a certain and if they are log the user name and open IE. We don't appear to be having much luck with this and hoped somebody could help. expandcollapse popup#include <file.au3> #include <AD.au3> #include <GuiConstants.au3> #include <EditConstants.au3> Global $Susername, $Spassword $gui = GuiCreate("Authenticate",120,170) GUICtrlCreateLabel("Username:",10,10,50,20) $Susername = GUICtrlCreateInput("",10,35,100,20) GUICtrlCreateLabel("Password:",10,70,50,20) $Spassword = GUICtrlCreateInput("",10,95,100,20,$ES_PASSWORD) $go = GuiCtrlCreateButton("OK",10,130,50,25) $cancel = GuiCtrlCreateButton("Cancel",60,130,50,25) GUISetState() Do $msg = GUIGetMsg() If $msg = $go Then _AD_Open(GUICtrlRead($Susername), GUICtrlRead($Spassword)) _AD_Open() If _AD_IsMemberOf("") <> 1 Then ;MsgBox(0,"AD","Error " & @error " returned by _AD_Open.") ; Invalid userid/password etc. MsgBox(64, "Authentication Failed", "Try Again!") Exit Endif _AD_Close() ; Output Username to a log file with date and time _FileWriteLog(@ScriptDir & "Username.log", GUICtrlRead($Susername)) ShellExecute("C:\Program Files\Internet Explorer\iexplore.exe") EndIf If $msg = $cancel Then Exit EndIf Until GUIGetMsg() = $GUI_EVENT_CLOSE GuiDelete($gui) Thanks
water Posted October 25, 2012 Posted October 25, 2012 This should work. Set variable $sGroup to the group you want to check membership: expandcollapse popup#include <file.au3> #include <AD.au3> #include <GuiConstants.au3> #include <ButtonConstants.au3> #include <EditConstants.au3> _AD_ErrorNotify(2) Global $hUserName, $hPassword, $sUserName, $sPassword, $sGroup = "Test" $gui = GUICreate("Authenticate", 120, 170) GUICtrlCreateLabel("Username:", 10, 10, 50, 20) $hUserName = GUICtrlCreateInput("", 10, 35, 100, 20) GUICtrlCreateLabel("Password:", 10, 70, 50, 20) $hPassword = GUICtrlCreateInput("", 10, 95, 100, 20, $ES_PASSWORD) $go = GUICtrlCreateButton("OK", 10, 130, 50, 25, $BS_DEFPUSHBUTTON) $cancel = GUICtrlCreateButton("Cancel", 60, 130, 50, 25) GUISetState() While 1 $msg = GUIGetMsg() Switch $msg Case $go $sUserName = GUICtrlRead($hUserName) $sPassword = GUICtrlRead($hPassword) _AD_Open($sUserName, $sPassword) If @error Then MsgBox(64, "Error", "Authentication Failed! Try again!" & @CRLF & "@error: " & @error & ", @extended: " & @extended) Exit ElseIf _AD_IsMemberOf($sGroup) <> 1 Then MsgBox(64, "Error", "User is not member of group '" & $sGroup & "'!" & @CRLF & "@error: " & @error & ", @extended: " & @extended) _AD_Close() Exit EndIf _AD_Close() ; Output Username to a log file with date and time ; _FileWriteLog(@ScriptDir & "Username.log", GUICtrlRead($hUserName)) ; ShellExecute("C:\Program Files\Internet Explorer\iexplore.exe") Case $cancel, $GUI_EVENT_CLOSE Exit EndSwitch WEnd GUIDelete($gui) MarkIT 1 My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
shaunexe Posted October 25, 2012 Author Posted October 25, 2012 Hi still not working, even tried the put in the full path to the group and failed. It does appear to be authenticating as if I test with incorrect password it gives the authentication failure error.
water Posted October 25, 2012 Posted October 25, 2012 What's the exact @error and @extended values you get? My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
shaunexe Posted October 25, 2012 Author Posted October 25, 2012 @error:0 @extended:0 that's just using membership of Domain Users.
water Posted October 25, 2012 Posted October 25, 2012 You have to pass the username to function _AD_IsMemberOf as parameter 2 (samaccountname or FQDN). And if you want to check the primary group you have to set parameter 3 to True (because in AD primary groups have no members - so the membership check has to be done differently). Or you could use function _AD_GetUserPrimaryGroup to check for the primary group of the user. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
water Posted October 25, 2012 Posted October 25, 2012 Your current script allows to enter any user name plus this users password. You then connect to the AD with this credentials.But function _AD_IsMemberOf - as you use it right now - uses the current user name (the user logged on to the computer) to check the membership.That's why you have to pass the username to the function.Every user has a primary group he is assigned to. You can query the members of every group but not the primary group for performance reasons (limitation of AD).That's why you need parameter 3 if you want to check the primary group. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
water Posted October 25, 2012 Posted October 25, 2012 Something like this: expandcollapse popup#include <file.au3> #include <AD.au3> #include <GuiConstants.au3> #include <ButtonConstants.au3> #include <EditConstants.au3> _AD_ErrorNotify(2) Global $hUserName, $hPassword, $sUserName, $sPassword, $sGroup = "Domain Users" $gui = GUICreate("Authenticate", 120, 170) GUICtrlCreateLabel("Username:", 10, 10, 50, 20) $hUserName = GUICtrlCreateInput("", 10, 35, 100, 20) GUICtrlCreateLabel("Password:", 10, 70, 50, 20) $hPassword = GUICtrlCreateInput("", 10, 95, 100, 20, $ES_PASSWORD) $go = GUICtrlCreateButton("OK", 10, 130, 50, 25, $BS_DEFPUSHBUTTON) $cancel = GUICtrlCreateButton("Cancel", 60, 130, 50, 25) GUISetState() While 1 $msg = GUIGetMsg() Switch $msg Case $go $sUserName = GUICtrlRead($hUserName) $sPassword = GUICtrlRead($hPassword) _AD_Open($sUserName, $sPassword) If @error Then MsgBox(64, "Error", "Authentication Failed! Try again!" & @CRLF & "@error: " & @error & ", @extended: " & @extended) Exit ElseIf _AD_IsMemberOf($sGroup, $sUserName, True) <> 1 Then MsgBox(64, "Error", "User is not member of group '" & $sGroup & "'!" & @CRLF & "@error: " & @error & ", @extended: " & @extended) _AD_Close() Exit EndIf _AD_Close() ; Output Username to a log file with date and time _FileWriteLog(@ScriptDir & "Username.log", $sUserName) ShellExecute("C:\Program Files\Internet Explorer\iexplore.exe") Case $cancel, $GUI_EVENT_CLOSE Exit EndSwitch WEnd GUIDelete($gui) My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
water Posted November 20, 2018 Posted November 20, 2018 On 25.10.2012 at 10:07 AM, shaunexe said: _AD_Open(GUICtrlRead($Susername), GUICtrlRead($Spassword)) _AD_Open() The script calls _AD_Opn twice, which does not make sense. Could you please try the _AD_Open.au3 example script which comes with the AD UDF? My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
amdinside Posted March 31, 2021 Posted March 31, 2021 goes great. it is also possible to query two or more AD Groups GROUPS i tried it, but i didn´t get it works. Quote #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_Icon=..\Program Files (x86)\AutoIt3\_ICOS\924.ico #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #include <file.au3> #include <AD.au3> #include <GuiConstants.au3> #include <ButtonConstants.au3> #include <EditConstants.au3> _AD_ErrorNotify(2)Global $hUserName, $hPassword, $sUserName, $sPassword, $sGroup1 = "Group1", $sGroup2 = "Group2" $gui = GUICreate("Authenticate", 120, 170) GUICtrlCreateLabel("Username:", 10, 10, 50, 20) $hUserName = GUICtrlCreateInput("", 10, 35, 100, 20) GUICtrlCreateLabel("Password:", 10, 70, 50, 20) $hPassword = GUICtrlCreateInput("", 10, 95, 100, 20, $ES_PASSWORD) $go = GUICtrlCreateButton("OK", 10, 130, 50, 25, $BS_DEFPUSHBUTTON) $cancel = GUICtrlCreateButton("Cancel", 60, 130, 50, 25) GUISetState() While 1 $msg = GUIGetMsg() Switch $msg Case $go $sUserName = GUICtrlRead($hUserName) $sPassword = GUICtrlRead($hPassword) _AD_Open($sUserName, $sPassword) If @error Then MsgBox(64, "Error", "Authentication Failed! Try again!" & @CRLF & "@error: " & @error & ", @extended: " & @extended) Exit ElseIf _AD_IsMemberOf($sGroup1, $sUserName, True) or _AD_IsMemberOf($sGroup2, $sUserName, True) <> 1 Then MsgBox(64, "Error", "User is not member of groups '" & $sGroup1 & "__" & "or" & "__"& $sGroup2 & "'!" & @CRLF & "@error: " & @error & ", @extended: " & @extended) ; MsgBox(64, "Error", "User is not member of groups '" & $sGroup2 & "'!" & @CRLF & "@error: " & @error & ", @extended: " & @extended) _AD_Close() Exit EndIf _AD_Close() ; Output Username to a log file with date and time _FileWriteLog(@Scriptdir & "\Username.log", GUICtrlRead($hUserName)) ShellExecute("explorer.exe") Exit case $cancel, $GUI_EVENT_CLOSE Exit EndSwitch WEnd GUIDelete($gui)
water Posted March 31, 2021 Posted March 31, 2021 Quote i tried it, but i didn´t get it works. Please be more specific. Do you get an error or wrong results or omething else you don't expect? My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
amdinside Posted March 31, 2021 Posted March 31, 2021 I do not know whether my above solution is thought so correctly and whether I may have made a mistake in the query of the two groups. It only works when the user is in group1. the message box "user not in group" appears in group2 here the line: ElseIf _AD_IsMemberOf($sGroup1, $sUserName, True) or _AD_IsMemberOf($sGroup2, $sUserName, True) <> 1 Then
water Posted March 31, 2021 Posted March 31, 2021 (edited) Use: ElseIf _AD_IsMemberOf($sGroup1, $sUserName, True) <> 1 And _AD_IsMemberOf($sGroup2, $sUserName, True) <> 1 Then This line returns True when $sUsername ist not Member of group1 and not Member of group2. Edited March 31, 2021 by water My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now