water Posted November 7, 2013 Author Posted November 7, 2013 Glad you like my work I hope to soon release a new version with a few new functions and some bugs removed. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
lewisg Posted November 12, 2013 Posted November 12, 2013 Water: Just found out my Password Changer script doesn't set the "the password has to be changed at next logon" even though I set the third parameter of "_AD_SetPassword" to one (1). A debug to console show a one(1) being passed. It was working at development time on my home sandbox AD Rasara server.............thoughts?
water Posted November 12, 2013 Author Posted November 12, 2013 What's the return code and @error after you called the function? What's the password policy of your company? Do passwords expire? My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
lewisg Posted November 12, 2013 Posted November 12, 2013 The return code is 1 and both the @error and @extended are 0. The student's password policy (this is a k-12 school district) is minimum 3 characters, never expire.
water Posted November 12, 2013 Author Posted November 12, 2013 This article describes what's going on: You can't have both. Either "Change password at next logon" or "Password never expires". My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
lewisg Posted November 12, 2013 Posted November 12, 2013 Thanks Water that explains it. I'll hide that control.
gcue Posted November 15, 2013 Posted November 15, 2013 hello. an interesting yet annoying issue - and i blame our network admins! ok so there are several groups im querying for its members. example group ARS Support LA i think the udf looks at what the "group name pre-windows 2000" is called right? because in the ad tool it lists it as ARS Support LA but the pre-windows 2000 name is ARSSupportLA so my query fails unless i use the pre-windows 2000 name i am also seeing it named ARS_Support_LA anyway to catch all? thanks
water Posted November 15, 2013 Author Posted November 15, 2013 Correct. The functions accept either the sAMAccountName (pre-Windows 2000 name) or the FQDN (Fully qualified domain name). Which property is "ARS Support LA" if you run _AD_GetObjectProperties("ARSSupportLA") and display the resulting array? My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
gcue Posted November 15, 2013 Posted November 15, 2013 cn displayname name they have it so how can i query the group knowing only the displayname?
gcue Posted November 15, 2013 Posted November 15, 2013 (edited) ooo getobjectsinou ? let me try Edited November 15, 2013 by gcue
gcue Posted November 15, 2013 Posted November 15, 2013 having trouble when i get more than 1 match ie: ARS Support LA Test
water Posted November 15, 2013 Author Posted November 15, 2013 To directory access a group (fast) you need a unique identifier: sAMAccountname or FQDN. To scan through the AD (slower if an index property is used, much slower if no index porperty is used): Use _AD_GetObjectsInOU. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
gcue Posted November 15, 2013 Posted November 15, 2013 actually i think i got it _AD_Open() $member = "John_Smith" $group = "ARS Support LA" $array = _AD_GetObjectsInOU("", "(ANR=" & $group & ")", 2, "displayName,sAMAccountName") for $x = 1 to UBound($array)-1 if $group = $array[$x][0] Then $group = $array[$x][1] EndIf Next $group_member_check = _AD_IsMemberOf($group, $member) _AD_Close()
water Posted November 15, 2013 Author Posted November 15, 2013 Small enhancement: _AD_Open() $member = "John_Smith" $group = "ARS Support LA" $array = _AD_GetObjectsInOU("", "(ANR=" & $group & ")", 2, "displayName,sAMAccountName") for $x = 1 to UBound($array)-1 if $group = $array[$x][0] Then $group = $array[$x][1] ExitLoop ; <== Enhances speed EndIf Next $group_member_check = _AD_IsMemberOf($group, $member) _AD_Close() My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
gcue Posted November 15, 2013 Posted November 15, 2013 i think some people like myself assume the displayname is the samaccount so we are getting false results. doh
water Posted November 15, 2013 Author Posted November 15, 2013 (edited) As you have seen some properties can have the same value. Some others need to be unique to identify the object. It's sensible to set the displayname to the sAMAccountname to not have too many different "names" for the same object. Edited November 25, 2013 by water My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
Kovacic Posted November 25, 2013 Posted November 25, 2013 Not sure if anyone else has seen this, but I have an application that involves removing people from groups, and I have had 2 accounts crash the app with the following error: C:Program Files (x86)AutoIt3IncludeAD.au3 (666) : ==> Error in expression.: Local $iAD_Result = ^ ERROR The line of code that was being run was local $worked = _AD_RemoveUserFromGroup("First Level Review R/W", $user) The actual code goes through multiple groups, and therefore "First Level Review R/W" is one of many specified in a loop. Is there something that I can do with the UDF, or a method to add a line to my code to accept the '/' character? Thanks! C0d3 is P0etry( ͡° ͜ʖ ͡°)
water Posted November 25, 2013 Author Posted November 25, 2013 I can't test at the moment but I think if you escape the slash the problem should be solved: local $worked = _AD_RemoveUserFromGroup("First Level Review R\/W", $user) The AD UDF provides a function to escape/unescape such characters: _AD_FixSpecialChars Kovacic 1 My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
Kovacic Posted November 25, 2013 Posted November 25, 2013 I can't test at the moment but I think if you escape the slash the problem should be solved: local $worked = _AD_RemoveUserFromGroup("First Level Review R\/W", $user) The AD UDF provides a function to escape/unescape such characters: _AD_FixSpecialChars Excellent! I will give this a try tonight and post the results! Thanks! C0d3 is P0etry( ͡° ͜ʖ ͡°)
Kovacic Posted November 25, 2013 Posted November 25, 2013 (edited) Ok so it looks like it still errored out, but heres what I found.. I looked for the line that was supposed to fix the special char in _AD_FixSpecialChars and found this: If StringInStr($sAD_EscapeChar, '/') Then $sAD_Text = StringReplace($sAD_Text, '\/', '/') I looked up the StringReplace function and based on what I saw StringReplace ( "string", "searchstring/start", "replacestring" [, occurrence [, casesense]] ) I changed the line to this: If StringInStr($groupz[$c], '/') Then $fixedgroupz = StringReplace($groupz[$c], '/','\/') [ignore the variable changes, the change was the string replace order of slashes] This time the program did not crash, but the log file from the prog I wrote shows it turned "CN=First Level Review R/W access" into "CN=First Level Review R/W access". the actual group is "First Level Review R/W access", but its being turned into "First Level Review R/W access". The reason I cant change the group in the code is because the program goes through a list of usernames and removes all groups except for domain user. It works flawlessly for everyone else, but when it went to process this user, it crashed the entire app. So all in all, now it doesn't crash, but when trying to process "First Level Review R/W access", the error comes back and says it can not remove the user from "First Level Review R/W access", so I am a step closer. Edited November 25, 2013 by Kovacic C0d3 is P0etry( ͡° ͜ʖ ͡°)
Recommended Posts