Jump to content

Active Directory UDF - Help & Support (III)


water
 Share

Recommended Posts

Which version of AutoIt did you install?
WinAPIConv.au3 is needed for AutoIt >= 3.3.14.3
 

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Correct.
Or remove the include for WinAPIConv.au3 from the AD UDF for AutoIt 3.3.12.0.

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

  • 1 month later...

Hello Water,

 

When I use _AD_IsAccountExpired to check if an account is expired, I get the error message error = 2 @extended = -2147352567

When I use _AD_GetObjectProperties for the same user I'm able to see  the details , and I look at the accountExpires field is see 1601/01/01 00:00:00

Any ideas what I missing when using the AD_IsAccountExpired function that would generate the extended error 

UDF Version and windows version details below

UDF Version ...: 1.6.2.0

Windows 10 21H2 x64 

Error details when setting _AD_ErrorNotify(1)

COM Error Encountered in search.au3
AD UDF version = 1.6.2
@AutoItVersion = 3.3.16.0
@AutoItX64 = 1
@Compiled = 0
@OSArch = X64
@OSVersion = WIN_10
Scriptline = 3319
NumberHex = 0x80020009
Number = -2147352567
WinDescription = Exception occurred.
Description = 
Source = 
HelpFile = 
HelpContext = 0
LastDllError = 0

Link to comment
Share on other sites

Seems that the property that is queried by _AD_IsAccountExpired does not exist. Means the expiration date has not been set for this user.

Quote

NumberHex = 0x80020009

This is a general exception so the function can't distinguish between "no expiration set" and other exceptions.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

  • 5 weeks later...

Recently I lost access to Office 365 (never edit your TLS settings, and if you do, change them back!), so I decided to fix a dependency I had on Outlook. I was previously looking up users based on their username and trying to match it to their email. I could do this by resolving both their username and email in Outlook and getting the Exchange user. Correct username/email combinations would result in a two copies of the exchange user.

I learned that this is actually related to Active Directory and tried out this UDF (amazing by the way!). I've come up with the following filters for _AD_GetObjectsInOU:

$sFilter = "(&(objectcategory=person)(objectclass=user)(userPrincipalName=" & $sUserName & "@<domain>.net))"
; or ...
$sFilter = "(&(objectcategory=person)(objectclass=user)(mail=" & $sEmail & "))"

This seems to work so far and I've replaced it in my script. I'm mostly wondering if there's any way that this might fail or if there's a better search that I could be using

All my code provided is Public Domain... but it may not work. ;) Use it, change it, break it, whatever you want.

Spoiler

My Humble Contributions:
Personal Function Documentation - A personal HelpFile for your functions
Acro.au3 UDF - Automating Acrobat Pro
ToDo Finder - Find #ToDo: lines in your scripts
UI-SimpleWrappers UDF - Use UI Automation more Simply-er
KeePass UDF - Automate KeePass, a password manager
InputBoxes - Simple Input boxes for various variable types

Link to comment
Share on other sites

Looks good to me :)

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

  • 4 weeks later...

Hi Water,
 

I want to modify 'msExchDelegateListLink' attribute.

Attribute has 2 values : 'AAA' and 'BBB'.

I want to remove 'BBB' value

 

I create an array $aDelete with 1 value : ['BBB']

If I use _AD_ModifyAttribute($sObject, 'msExchDelegateListLink', $aDelete, 4) the attribute value is now 'BBB' instead of 'AAA'.

 

I used your function _AD_ModifyAttributeEX found on

I get the same result.

 

With $aDelete = 'CCC', the attribute value is not modified (function don't try to CLEAR, UPDATE or APPEND)

 

Link to comment
Share on other sites

What is the value of @error and @extended after calling the _AD_* function?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

First of all thanks for the useful UDF,
Second there are two questions that need help:
I have two computers, one is windows server 2019 and the other is windows 10. I want to run a script through windows 10 to modify the settings on windows server 2019。

1.Function _AD_DisablePasswordChange,It runs perfectly and takes effect on windows server 2019, and shows success when it runs perfectly on windows 10, but it does not actually take effect.
(PS:_AD_EnablePasswordExpire & _AD_SetPasswordExpire & _AD_DisableObject when it runs perfectly and takes effect on windows 10)

2.How to get "user cannot change password"?

Thank you for support

Link to comment
Share on other sites

Error : 0 / Extended : 0

This is my test code :
 

#include <AD.au3> ; 1.6.2.0


_AD_Open()

Global $g_aUserOrg = ['xxx']

Global $g_sUser = 'xxx'
Global $g_aUserToAdd = [$g_sUser]
Global $g_aUserToDelete = [$g_sUser]
;~ Global $g_aUserToDelete = ['ZZZ']
Global $g_sObject = 'xxx'
Global $g_sAttribute = 'msExchDelegateListLink'

_AD_ModifyAttribute($g_sObject, $g_sAttribute, $g_aUserOrg, 3) ; APPEND

$Attribute = _AD_GetObjectAttribute($g_sObject, $g_sAttribute)
If IsArray($Attribute) Then
;~  _ArrayDisplay($Attribute, "Before mod")
Else
    ConsoleWrite("Before mod : " & $Attribute & @CRLF)
EndIf

AddUser()
DeleteUser()

_AD_Close()


Func AddUser()
    _AD_ModifyAttribute($g_sObject, $g_sAttribute, $g_aUserToAdd, 3) ; APPEND
    If @error Then ConsoleWrite("Add error" & @CRLF)

    $Attribute = _AD_GetObjectAttribute($g_sObject, $g_sAttribute)
    If IsArray($Attribute) Then
        _ArrayDisplay($Attribute, "After add")
    Else
        ConsoleWrite("After add : " & $Attribute & @CRLF)
    EndIf
EndFunc   ;==>AddUser

Func DeleteUser()
    _AD_ModifyAttribute($g_sObject, $g_sAttribute, $g_aUserToDelete, 4) ; DELETE
;~  _AD_ModifyAttributeEX($g_sObject, $g_sAttribute, $g_aUserToDelete, 4)
    ;If @error Then ConsoleWrite('Delete error' & @CRLF)
    ConsoleWrite('Error ' & @error & ' / Extended ' & @extended & @CRLF)


    $Attribute = _AD_GetObjectAttribute($g_sObject, $g_sAttribute)
    If IsArray($Attribute) Then
        _ArrayDisplay($Attribute, "After delete")
    Else
        ConsoleWrite("After delete : " & $Attribute & @CRLF)
    EndIf
EndFunc   ;==>DeleteUser

 

Link to comment
Share on other sites

On 2/17/2023 at 4:40 PM, MWIProd said:

With $aDelete = 'CCC', the attribute value is not modified (function don't try to CLEAR, UPDATE or APPEND)

@MWIProd
That's a bug in function _AD_ModifyAttribute in the AD UDF.

Which version from this thead did you test? From post #1 or post #5?
Did you modify the function name you call in your script to _AD_ModifyAttributeEX?

 

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

@guaikahenguai

Question 1: It could take some time before the property change is propagated to all domain controllers. Depends on the complexity of your AD infrastructure.
Did you logoff/logon after calling _AD_DisablePasswordChange?

Question 2: Use _AD_GetPasswordInfo

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Yes,I did logoff/logon after calling _AD_DisablePasswordChange,And I called _AD_DisablePasswordChange thirty minutes later it still didn't take effect.

_AD_GetPasswordInfo only returns the Password expires,Password last changed and Password properties, but cannot return the "user cannot change password".

Link to comment
Share on other sites

@guaikahenguai

For which account do you want to change this setting? For yourself? For another user?
What permissions does the user have with which you run the script?
Can you run the script with admin permissions?

N.B.: Please test only in the AD development or test system to ensure that no damage occurs if the script or the UDF is faulty!

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

I have two computers, one Windows2019 Active Directory, another development computer Windows10. Create a new domain administrator account (username: admin) on Windows2019, and the scripts developed are all using _AD_Open("admin","xxx" , "", "win19-ad.com") to run the script. 
The current situation is: I use this script to modify settings for a domain user (username: Boy). I run the script in the Windows2019 Active Directory to set the Boy account to take effect normally, but this script will not take effect when the script is set for the Boy account in the development computer Windows10. 
In Windows 10, using other functions(_AD_DisablePasswordExpire & _AD_SetPasswordExpire & _AD_DisableObject) to set Boy account can take effect normally, but this function(_AD_DisablePasswordChange &  _AD_EnablePasswordChange) does not take effect.

I also found this problem in a long time ago post on the forum。

 

Link to comment
Share on other sites

@water

Functions in Post 1 & 5 are same code.

I thought I used function from Post 8 before posting here but it seems I didn't. 😞

I made new try and it's ok now. 👍

Why don't you include this corrected function into UDF ?

#include <AD.au3> ; 1.6.2.0


_AD_Open()

Global $g_sUserOrg = 'xxx'
Global $g_aUserOrg = [$g_sUserOrg]
Global $g_sUser = 'xxx'
Global $g_aUserToAdd = [$g_sUser]
Global $g_aUserToDelete = [$g_sUser]
;~ Global $g_aUserToDelete = ['ZZZ']
Global $g_sObject = 'xxx'
Global $g_sAttribute = 'msExchDelegateListLink'

_AD_ModifyAttribute($g_sObject, $g_sAttribute, $g_aUserOrg, 3) ; APPEND

$Attribute = _AD_GetObjectAttribute($g_sObject, $g_sAttribute)
If IsArray($Attribute) Then
;~  _ArrayDisplay($Attribute, "Before mod")
Else
    ConsoleWrite("Before mod : " & $Attribute & @CRLF)
EndIf

AddUser()
DeleteUser()

_AD_Close()


Func AddUser()
    _AD_ModifyAttribute($g_sObject, $g_sAttribute, $g_aUserToAdd, 3) ; APPEND
    If @error Then ConsoleWrite("Add error" & @CRLF)

    $Attribute = _AD_GetObjectAttribute($g_sObject, $g_sAttribute)
    If IsArray($Attribute) Then
        _ArrayDisplay($Attribute, "After add")
    Else
        ConsoleWrite("After add : " & $Attribute & @CRLF)
        Sleep(5000)
    EndIf
EndFunc   ;==>AddUser

Func DeleteUser()
;~  _AD_ModifyAttribute($g_sObject, $g_sAttribute, $g_aUserToDelete, 4) ; BAD
    _AD_ModifyAttributeEX($g_sObject, $g_sAttribute, $g_aUserToDelete, 4) ; OK
    If @error Then ConsoleWrite('Delete error' & @CRLF)
    ConsoleWrite('Error ' & @error & ' / Extended ' & @extended & @CRLF)


    $Attribute = _AD_GetObjectAttribute($g_sObject, $g_sAttribute)
    If IsArray($Attribute) Then
        _ArrayDisplay($Attribute, "After delete")
    Else
        ConsoleWrite("After delete : " & $Attribute & @CRLF)
    EndIf
EndFunc   ;==>DeleteUser



; #FUNCTION# ====================================================================================================================
; Name...........: _AD_ModifyAttribute
; Description ...: Modifies an attribute of the given object to the value specified.
; Syntax.........: _AD_ModifyAttribute($sObject, $sAttribute[, $vValue = ""[, $iOption = 1]])
; Parameters ....: $sObject - Object (user, group ...) to add/delete/modify an attribute (sAMAccountName or FQDN)
;                  $sAttribute - Attribute to add/delete/modify
;                  $vValue - Optional: Value(s) to modify the attribute with. Use a blank string ("") to remove all values (default).
;                  +$vValue can be a string for a single value attribute (e.g. description) or
;                  +a zero-based one-dimensional array for a multi value attribute (e.g. PostalAdresses).
;                  $iOption - Optional: Indicates the mode of modification: Clear, Update, Append, Delete.
;                  |1 - CLEAR: remove all value(s) from the attribute (default when $vValue = "" or Default)
;                  |2 - UPDATE: replace the current value(s) with the specified value(s)
;                  |3 - APPEND: append the specified value(s) to the existing values(s)
;                  |4 - DELETE: delete the specified value(s) from the object
; Return values .: Success - 1
;                  Failure - 0, sets @error to:
;                  |1 - $sObject does not exist
;                  |2 - Parameter $iOption is invalid. Needs to be in the range1 to 4.
;                  |3 - Parameter $iOption is invalid for a single value attribute. Needs to be 1 or 2.
;                  |x - Error returned by SetInfo method (Missing permission etc.)
; Author ........: Jonathan Clelland
; Modified.......: water
; Remarks .......: For a single value attribute the function only supports $iOption 1 and 2.
; Related .......: _AD_GetObjectAttribute, _AD_GetObjectProperties, _AD_AddEmailAddress
; Link ..........: https://support.microsoft.com/en-us/help/260251/how-to-use-adsi-to-set-ldap-directory-attributes
; Example .......: Yes
; ===============================================================================================================================
Func _AD_ModifyAttributeEX($sObject, $sAttribute, $vValue = "", $iOption = 1)

    Local $aValue[1]
    If $vValue = Default Then $vValue = ""
    If $iOption = Default Then $iOption = 1
    If $iOption < 1 Or $iOption > 4 Then Return SetError(2, 0, 0)
    If IsArray($vValue) Then
        $aValue = $vValue
    Else ; Move the string value to the array
        If $iOption > 2 Then SetError(3, 0, 0)
        $aValue[0] = $vValue
    EndIf
    If Not _AD_ObjectExists($sObject) Then Return SetError(1, 0, 0)
    Local $sProperty = "sAMAccountName"
    If StringMid($sObject, 3, 1) = "=" Then $sProperty = "distinguishedName" ; FQDN provided
    $__oAD_Command.CommandText = "<LDAP://" & $sAD_HostServer & "/" & $sAD_DNSDomain & ">;(" & $sProperty & "=" & $sObject & ");ADsPath;subtree"
    Local $oRecordSet = $__oAD_Command.Execute ; Retrieve the ADsPath for the object
    Local $sLDAPEntry = $oRecordSet.fields(0).Value
    Local $oObject = __AD_ObjGet($sLDAPEntry) ; Retrieve the COM Object for the object
    $oObject.GetInfo
    Switch $iOption
        Case 1
            $oObject.PutEx($ADS_PROPERTY_CLEAR, $sAttribute, 0) ; CLEAR: remove all the property value(s) from the object
        Case 2
            $oObject.PutEx($ADS_PROPERTY_UPDATE, $sAttribute, $aValue) ; UPDATE: replace the current value(s) with the specified value(s)
        Case 3
            $oObject.PutEx($ADS_PROPERTY_APPEND, $sAttribute, $aValue) ; APPEND: append the specified value(s) to the existing values(s)
        Case 4
            $oObject.PutEx($ADS_PROPERTY_DELETE, $sAttribute, $aValue) ; DELETE: delete the specified value(s) from the object
    EndSwitch
    $oObject.SetInfo
    If @error Then Return SetError(@error, 0, 0)
    Return 1

EndFunc   ;==>_AD_ModifyAttributeEX

 

Link to comment
Share on other sites

The function will be added to the next release of the UDF. 
I asked users to test but there wasn’t much feedback so the tests could never be finished. 

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

  • 2 months later...
On 2/23/2023 at 5:08 PM, water said:

@guaikahenguai

For which account do you want to change this setting? For yourself? For another user?
What permissions does the user have with which you run the script?
Can you run the script with admin permissions?

N.B.: Please test only in the AD development or test system to ensure that no damage occurs if the script or the UDF is faulty!

Here is my script, which is run in the gg.com domain controller to set the specified user account: Boy,the setting will take effect.
If the same script is run on another computer in the domain member to set the same user account: Boy, the setting will not take effect.

#RequireAdmin
#include <AD.au3>
#include <ButtonConstants.au3>
#include <GUIConstantsEx.au3>
#include <WindowsConstants.au3>


Global $AD_user = "gg.com\admin" ;admin member of Domain Admins
Global $AD_pswd = "Asdf.123654"
Global $AD_domain = "gg.com"

Global $nMsg, $sUser, $sUser1, $sUser2

_AD_Open($AD_user,$AD_pswd,"",$AD_domain)
If @error Then Exit MsgBox(16, "Active Directory Example Skript", "Function _AD_Open encountered a problem. @error = " & @error & ", @extended = " & @extended)

Global $iReply = MsgBox(308, "Active Directory Functions - Example 1", "This script Enables/Disable the specified user to change their password." & @CRLF & @CRLF & _
        "Are you sure you want to change the Active Directory?")
If $iReply <> 6 Then Exit

#region ### START Koda GUI section ### Form=
Global $Form1 = GUICreate("Active Directory Functions - Example 1", 714, 124)
GUICtrlCreateLabel("User to change  (FQDN or sAMAccountName):", 8, 10, 231, 17)
Global $IUser = GUICtrlCreateInput("", 241, 10, 459, 21)
Global $BDisable = GUICtrlCreateButton( "Disable", 8, 72, 121, 33)
Global $BEnable = GUICtrlCreateButton( "Enable", 260, 72, 121, 33)
Global $BCancel = GUICtrlCreateButton("Cancel", 628, 72, 73, 33, BitOR($GUI_SS_DEFAULT_BUTTON, $BS_DEFPUSHBUTTON))
GUISetState(@SW_SHOW)
#endregion ### END Koda GUI section ###

While 1
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE, $BCancel
            Exit
        Case $BDisable
            $sUser1 = GUICtrlRead($IUser)
            _DisablePasswordChange($sUser1)
            ExitLoop
            
        Case $BEnable
            $sUser2 = GUICtrlRead($IUser)
            _EnablePasswordChange($sUser2)
            ExitLoop    
    EndSwitch
WEnd

Func _DisablePasswordChange($sUser)
; Change user
Local $iValue1 = _AD_DisablePasswordChange($sUser)
ConsoleWrite("Result: " & $iValue1 & ", error: " & @error & ", extended: " & @extended)
If $iValue1 = 1 Then
    MsgBox(64, "Disable Password Change", "User '" & $sUser &  "' successfully changed")
ElseIf @error = 1 Then
    MsgBox(64, "Disable Password Change", "User '" & $sUser &   "' does not exist")
Else
    MsgBox(64, "Disable Password Change", "Return code '" & @error &   "' from Active Directory")
EndIf
EndFunc

Func _EnablePasswordChange($sUser)
Local $iValue2 = _AD_EnablePasswordChange($sUser)
ConsoleWrite("Result: " & $iValue2 & ", error: " & @error & ", extended: " & @extended)
If $iValue2 = 1 Then
    MsgBox(64, "Enable Password Change", "User '" & $sUser &  "' successfully changed")
ElseIf @error = 1 Then
    MsgBox(64, "Enable Password Change", "User '" & $sUser &   "' does not exist")
Else
    MsgBox(64, "Enable Password Change", "Return code '" & @error &    "' from Active Directory")
EndIf
EndFunc

_AD_Close()

 

Link to comment
Share on other sites

You could add _AD_ErrorNotify(1) at the top of your script so we get more detailed error information.

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...