water Posted April 26, 2013 Author Posted April 26, 2013 I see. I had the same problem with Windows 7. The exe you run is not on a "trusted location". Means: Windows doesn't allow you to run the application from there. Copy it to a trusted location and try again. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
water Posted April 26, 2013 Author Posted April 26, 2013 Ah, this works! Thank you!Glad you got it working. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
water Posted April 26, 2013 Author Posted April 26, 2013 You need something like the following. Make sure the useraccount name is correct. I think "test.account" isn't a valid SamAccountName. #include <AD.au3> #include <File.au3> Global $sJPG = FileRead("D:\testaccount.JPG") Global $aJPG = StringSplit($sJPG, "", 2) _AD_Open() _AD_ModifyAttribute("test","thumbnailPhoto",$aJPG) _AD_Close() My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
ScriptingNewbie Posted April 29, 2013 Posted April 29, 2013 (edited) You need something like the following. Make sure the useraccount name is correct. I think "test.account" isn't a valid SamAccountName. #include <AD.au3> #include <File.au3> Global $sJPG = FileRead("D:\testaccount.JPG") Global $aJPG = StringSplit($sJPG, "", 2) _AD_Open() _AD_ModifyAttribute("test","thumbnailPhoto",$aJPG) _AD_Close() The SamAccountName is called test.account. It is a test account I created for this. When I run it, I get; COM Error Encountered in Change Photo.au3 AD UDF version = 1.3.0 @AutoItVersion = 3.3.8.1 @AutoItX64 = 0 @Compiled = 0 @OSArch = X86 @OSVersion = WIN_XP Scriptline = 2479 NumberHex = 80020009 Number = -2147352567 WinDescription = The attribute syntax specified to the directory service is invalid. Description = Source = HelpFile = HelpContext = 0 LastDllError = 0 ======================================================== +>09:09:18 AutoIt3.exe ended.rc:0 >Exit code: 0 Time: 0.887 Edited April 29, 2013 by ScriptingNewbie
water Posted April 29, 2013 Author Posted April 29, 2013 Where did you find the property "thumbnailPhoto"? I only get "jpegPhoto". My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
ScriptingNewbie Posted April 29, 2013 Posted April 29, 2013 Where did you find the property "thumbnailPhoto"? I only get "jpegPhoto".From the Active Directory Schema.
water Posted April 29, 2013 Author Posted April 29, 2013 I see. The Schema has to be on level 2008 or later. The JPG is limited to 10K by default with a max value of 100k. It's a multivalue attribute so more than 1 picture is possible. Looks like it has to be passed as a string, not a byte array. Could you try the following code. If it doesn't work could you please set the flag to 16 (binary):#include <AD.au3> #include <File.au3> Global $hJPG = FileOpen("D:\testaccount.JPG", 0) ; ==> If 0 doesn't work set the flag to 16 (binary) Global $sJPG = FileRead($hJPG) FileClose($hJPG) _AD_Open() _AD_ModifyAttribute("test","thumbnailPhoto",$sJPG) _AD_Close() My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
ScriptingNewbie Posted April 29, 2013 Posted April 29, 2013 I see. The Schema has to be on level 2008 or later. The JPG is limited to 10K by default with a max value of 100k. It's a multivalue attribute so more than 1 picture is possible. Looks like it has to be passed as a string, not a byte array. Could you try the following code. If it doesn't work could you please set the flag to 16 (binary):#include <AD.au3> #include <File.au3> Global $hJPG = FileOpen("D:\testaccount.JPG", 0) ; ==> If 0 doesn't work set the flag to 16 (binary) Global $sJPG = FileRead($hJPG) FileClose($hJPG) _AD_Open() _AD_ModifyAttribute("test","thumbnailPhoto",$sJPG) _AD_Close() Thank you that has worked with the 16.
water Posted April 29, 2013 Author Posted April 29, 2013 Glad to hear that the problem could be solved My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
jp10558 Posted May 2, 2013 Posted May 2, 2013 Is it possible to get the RID from AD in Autoit? Unfortunately, doing $SIDhex = _AD_GetObjectAttribute($user,"objectSid") returns hexadecimal rather than the usual display SID. $SID = _HexToString($SIDhex) doesn't seem to convert to the usual display format... I was going to take the SID and do StringRegExpReplace($SID,"-([0-9]*)\Z","\1") but if I can't get the info in a format I expect, mmm. I could go out to powershell maybe, but I'm not sure if I can capture the output of a powershell snippet.
water Posted May 2, 2013 Author Posted May 2, 2013 _AD_GetObjectAttribute returns a single attribute UNTRANSLATED. Use _AD_GetObjectProperties to get TRANSLATED attributes. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
WLZAdmin Posted May 7, 2013 Posted May 7, 2013 FYI Just dropping a note as it might be useful to others/I might have missed something. I've modified _AD_RecursiveGetMemberOf as it returned an empty array if a cn contained a forward slash, which in turn is escaped by a backslash, ie "name\/noname". It seems the ADODB query doesn't like backslashes. It's therefor probably true for other 'to be escaped' characters as well (didn't test them). After this line: If StringMid($sAD_Object, 3, 1) <> "=" Then $sAD_Object = _AD_SamAccountNameToFQDN($sAD_Object) ; sAMAccountName provided I added this code: $sAD_Object = StringReplace($sAD_Object, "\", "") to remove the escaping backslash. It looks like this is the only function which uses the query with '(member=' $__oAD_Command.CommandText = "<LDAP://" & $sAD_HostServer & "/" & $sAD_DNSDomain & ">;(member=" & $sAD_Object & ");" & $sAD_Field & ";subtree"
water Posted May 7, 2013 Author Posted May 7, 2013 You mean the result of a call to _AD_RecursiveGetMemberOf is an escaped string (e.g. "name/noname") but _AD_RecursiveGetMemberOf itself needs the $sAD_object parameter unescaped? In this case I would use$sAD_Object = _AD_FixSpecialChars($sAD_Object, 1)to unescape all characters. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
WLZAdmin Posted May 10, 2013 Posted May 10, 2013 As it turns out, comma's should be escaped, but forward slashes should not. After I had put the modification in production the function didn't work anymore for users who had a comma in their cn. ("Hoover\, J.E."). _AD_FixSpecialChars is therefor too 'aggressive'.To only remove the escaping backslash for forward slashes I changed the code to:$sAD_Object = StringReplace($sAD_Object, "\/", "/")Which seems to work better for our environment (2003 AD BTW with mostly XP clients).I haven't found any documentation which describe what characters are allowed in the ADO LDAP query CommandText... (yet). Especially when cn is used.
water Posted May 10, 2013 Author Posted May 10, 2013 As it turns out, comma's should be escaped, but forward slashes should not. After I had put the modification in production the function didn't work anymore for users who had a comma in their cn. ("Hoover\, J.E."). _AD_FixSpecialChars is therefor too 'aggressive'.Modify the call and it will be less "aggressive": $sAD_Object = _AD_FixSpecialChars($sAD_Object, 1, ",")I haven't found any documentation which describe what characters are allowed in the ADO LDAP query CommandText... (yet). Especially when cn is used.Good reading can be found here. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
WLZAdmin Posted May 10, 2013 Posted May 10, 2013 Better still: $sAD_Object = _AD_FixSpecialChars($sAD_Object, 1, "/") which makes _AD_RecursiveGetMemberOf look like this: Func _AD_RecursiveGetMemberOf($sAD_Object, $iAD_Depth = 10, $bAD_ListInherited = True, $bAD_FQDN = True) If _AD_ObjectExists($sAD_Object) = 0 Then Return SetError(1, 0, "") If StringMid($sAD_Object, 3, 1) <> "=" Then $sAD_Object = _AD_SamAccountNameToFQDN($sAD_Object) ; sAMAccountName provided $sAD_Object = _AD_FixSpecialChars($sAD_Object, 1, "/") ; <<---- Code added to fix query when cn has a forward slash in it Local $iCount1, $iCount2 Local $sAD_Field = "distinguishedName" If Not $bAD_FQDN Then $sAD_Field = "samaccountname" $__oAD_Command.CommandText = "<LDAP://" & $sAD_HostServer & "/" & $sAD_DNSDomain & ">;(member=" & $sAD_Object & ");" & $sAD_Field & ";subtree" ; ConsoleWrite("Debug: " & "$__oAD_Command.CommandText=" & $__oAD_Command.CommandText & @CRLF) Local $oAD_RecordSet = $__oAD_Command.Execute Local $aAD_Groups[$oAD_RecordSet.RecordCount + 1] = [0] <snip> I use this line of code to call the function: Global $GroupMemberOf = _AD_RecursiveGetMemberOf(@UserName, 10, True, False) _AD_SamAccountNameToFQDN($sAD_Object) returns something like "CN=La\/Dida,OU=TheOther,OU=Or,OU=One,DC=domain,DC=nl" which can't be used as input to the query as it returns 0 records. Using "CN=La/Dida,OU=TheOther,OU=Or,OU=One,DC=domain,DC=nl" however does return data. Hence the StringReplace.
mkdd Posted May 10, 2013 Posted May 10, 2013 Hi, I'm looking for similar functionality to _AD_DeleteObject but then a _AD_CreateObject. I want to be able to create custom objects based on a schema class. Any idea where to start? the basic insert/create functions don't let me do this. Thanks in advance.
water Posted May 10, 2013 Author Posted May 10, 2013 Welcome to AutoIt and the forum! Looks like you need to write your own function. _AD_CreateOU is a good starting point. Replace "organizationalUnit" with your class and set the RDN properly. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
mkdd Posted May 13, 2013 Posted May 13, 2013 (edited) Hi, I'm looking for similar functionality to _AD_DeleteObject but then a _AD_CreateObject. I want to be able to create custom objects based on a schema class. Any idea where to start? the basic insert/create functions don't let me do this. Thanks in advance. Welcome to AutoIt and the forum! Looks like you need to write your own function. _AD_CreateOU is a good starting point. Replace "organizationalUnit" with your class and set the RDN properly. Thanks for helping out water! Here's the bit of code i used to get it working. ; #FUNCTION# ==================================================================================================================== ; Name...........: _AD_CreateOBject ; Description ...: Creates an Object in the specified OU. ; Syntax.........: _AD_CreateObject($sAD_ParentOU, $sAD_Object, $sAD_Class) ; Parameters ....: $sAD_ParentOU - Parent OU where the new OU will be created (FQDN) ; $sAD_Ojbect - Object name ; $sAD_Class - Class for the new object ; Return values .: Success - 1 ; Failure - 0, sets @error to: ; |1 - $sAD_ParentOU does not exist ; |2 - $sAD_Object in $sAD_ParentOU already exists ; |3 - $sAD_Object is missing ; |x - Error returned by SetInfo function (Missing permission etc.) ; Author ........: Jonathan Clelland ; Modified.......: mkdd ; Remarks .......: This does not create any attributes for the Object. Use function _AD_ModifyAttribute. ; Related .......: _AD_CreateUser, _AD_CreateGroup, _AD_AddUserToGroup, _AD_RemoveUserFromGroup ; Link ..........: ; Example .......: Yes ; =============================================================================================================================== Func _AD_CreateObject($sAD_ParentOU, $sAD_Object, $sAD_Class) If Not _AD_ObjectExists($sAD_ParentOU, "distinguishedName") Then Return SetError(1, 0, 0) If _AD_ObjectExists("CN=" & $sAD_Object & "," & $sAD_ParentOU, $sAD_Class) Then Return SetError(2, 0, 0) If $sAD_Object = "" Then Return SetError(3, 0, 0) Local $oAD_ParentOU = __AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_ParentOU) Local $oAD_Object = $oAD_ParentOU.Create($sAD_Class, "CN=" & $sAD_Object) $oAD_Object.SetInfo If @error <> 0 Then Return SetError(@error, 0, 0) Return 1 EndFunc ;==>_AD_CreateObject Edited May 13, 2013 by mkdd
Recommended Posts