DrewC45 Posted May 28, 2009 Share Posted May 28, 2009 Could you please run the following code and post the results?#include <adfunctions.au3> Global $asUsergroups _ADGetUserGroups($asUsergroups) _ArrayDisplay($asUsergroups) Thanks, that worked for what I was trying to do. I was trying to actually pull the command out and put it in a new script. I am sorry just starting out with the software. I didn't think to do the include with the entire .au3 file. Link to comment Share on other sites More sharing options...
water Posted May 29, 2009 Share Posted May 29, 2009 You can't copy just a single function from adfunctions.au3. When you look at the UDF you see that some statements are beeing executed before you can call the first function (create the COM object, install the error handler ...). To reduce the size of your compiled exe just run the obfuscator to remove all unused functions. Ctrl-F7 in Scite tab Obfuscator. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki  Link to comment Share on other sites More sharing options...
DrewC45 Posted June 2, 2009 Share Posted June 2, 2009 I have ran into another problem trying to get this script to work for me. It does display the list on groups, but they are all jumbled up with the CM=, OU= and DC= in front of each word. I tried to run the _ArrayTrim function to pull the first 3 letters off the front, but It doesn't seem to be doing that. I also do not know the placement of that specific command if it makes a difference. #include <adfunctions.au3> #include <array.au3> Global $asUsergroups Global $iTrimNum = 3 Global $iDirection = 1 Global $iStart = 0 Global $iEnd = 3 _ADGetUserGroups($asUsergroups) _ArrayTrim($asUsergroups, $iTrimNum, $iDirection, $iStart, $iEnd) _Arraydisplay($asUsergroups) Link to comment Share on other sites More sharing options...
water Posted June 2, 2009 Share Posted June 2, 2009 To get the CN (common name) from the distinguished name (CN=group_name,OU=Organizational Unit,DC=company,DC=com) you could use something like:#include <adfunctions.au3> #include <array.au3> Global $asUsergroups _ADGetUserGroups($asUsergroups) For $i = 1 To $asUsergroups[0] $Zf = Stringsplit($asUsergroups[$i],"=") $Zf = Stringsplit($Zf[2],",") $asUsergroups[$i] = $Zf[1] Next _Arraydisplay($asUsergroups) My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki  Link to comment Share on other sites More sharing options...
supahfly Posted June 16, 2009 Share Posted June 16, 2009 Hi Guys, Did anyone tried to create a mailbox? With_ ADUserCreateMailbox function? Seems not working... no errors are shown.. #include <adfunctions.au3> $user = "firstname.lastname" $mdbstore = "Hosted Exchange" $store = "Shared Customers (MAPI)" $server = "server11.network.local" $admingroup = "First Administrative Group" $domain = "Customer1.com" _ADUserCreateMailbox($user, $mdbstore, $store, $server, $admingroup, $domain) Link to comment Share on other sites More sharing options...
Yorn Posted June 23, 2009 Share Posted June 23, 2009 Someone needs to redo or start maintaining this UDF to support Windows Server 2008 Active Directory. It's from 2007 and the original author is gone, if someone else picked it up that'd be a good thing. There's so many changes/patches and addons like GrayWalker's above that it needs to be a new UDF managed by a regular on the forums. Link to comment Share on other sites More sharing options...
water Posted June 23, 2009 Share Posted June 23, 2009 Someone needs to redo or start maintaining this UDF to support Windows Server 2008 Active Directory. It's from 2007 and the original author is gone, if someone else picked it up that'd be a good thing.That's a very good idea!Is there a single person out there with very good AD knowledge, a W2K8 server and a little bit of spare time?What do you want to achieve? An UDF that is part of the AutoIt installation package (I think this would take a lot of time) or just another post in the example Scripts where the latest version if the udf is located and some discussion on how to improve it?I have done some scripts with the adfunctions library but am no AD guru - just a bit of "learning by doing".Whatever we do, I can offer (little) time and (limited) knowledge My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki  Link to comment Share on other sites More sharing options...
Johny Clelland Posted June 24, 2009 Author Share Posted June 24, 2009 (edited) Someone needs to redo or start maintaining this UDF to support Windows Server 2008 Active Directory. It's from 2007 and the original author is gone, if someone else picked it up that'd be a good thing.There's so many changes/patches and addons like GrayWalker's above that it needs to be a new UDF managed by a regular on the forums.Yorn,I'm sorry I haven't been around for a while (hadn't realised it had been quite so long...)The function that GrayWalker wrote looks very similar to __ADSamAccountNameToFQDN, only with a restriction that it only works for computers.I have attached the version of ADFunctions that I currently use. I'm not sure how different it is from the original versions, I suspect it may cause some problems with people's existing code. I've tried to include what's been updated, but to be honest I haven't been great at keeping track of changes in this particular script.The most notable changes recently were to the Recursive GroupMembers and MemberOf functions, as they return slightly different data now (the results are still DNs, with inherited groups after '|' chars, but the list contains all of them now, not just the 'first' inherited group)Unfortunately I do not have access to W2k8 yet, so i can't develop anything in that direction. I am more than happy for someone else to take that particular task on ;-)Please feel free to play with this latest version and let me know if you have any problems.I promise I will try to respond to anything on this forum a little quicker this time.Cheers,Johny.Latest Version -- Link Edited June 24, 2009 by Johny Clelland Link to comment Share on other sites More sharing options...
rogerd2u Posted June 24, 2009 Share Posted June 24, 2009 Here are a "few" things I would love to have added to this GREAT script:1.) Ability to check AD to see if user account is locked out (due to too many unsuccessful log in attempts); If locked out, ability to unlock the account2.) Take a specific (disabled) AD user account and check to see if the user is in any security or distribution groups. If so, remove them from all those groups3.) Create a list of all disabled AD user accounts and check to see if the users are in any security or distribution groups. If so, remove them from all those groups (mass update for request #2)4.) Create a function that will force a password change for a specified user -- sets the "User must change password at next login" checkbox.5.) Create a function that will force a password change (at next login) for a specified OU -- sets the "User must change password at next login" checkbox. (OU mass update for request #4)6.) Create a function that will force a password change for all users within a specified OU -- giving the ability to set the password to a variable callout.Thank you in advance for your consideration!Yorn,I'm sorry I haven't been around for a while (hadn't realised it had been quite so long...)The function that GrayWalker wrote looks very similar to __ADSamAccountNameToFQDN, only with a restriction that it only works for computers.I have attached the version of ADFunctions that I currently use. I'm not sure how different it is from the original versions, I suspect it may cause some problems with people's existing code. I've tried to include what's been updated, but to be honest I haven't been great at keeping track of changes in this particular script.The most notable changes recently were to the Recursive GroupMembers and MemberOf functions, as they return slightly different data now (the results are still DNs, with inherited groups after '|' chars, but the list contains all of them now, not just the 'first' inherited group)Unfortunately I do not have access to W2k8 yet, so i can't develop anything in that direction. I am more than happy for someone else to take that particular task on ;-)Please feel free to play with this latest version and let me know if you have any problems.I promise I will try to respond to anything on this forum a little quicker this time.Cheers,Johny. Roger O."When people show you who they are, believe them.” --Mark Twain Link to comment Share on other sites More sharing options...
water Posted June 24, 2009 Share Posted June 24, 2009 Before we start adding new functions I would suggest to reunite the extended code written by Johny (version 3.3) and the current version available from this forum (3.1.6). Starting with this new code base we can incorporate new functions and changes made necessary by W2K8 Active Directory. If time doesn't matter I would be happy to start working on this new code base. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki  Link to comment Share on other sites More sharing options...
Johny Clelland Posted June 24, 2009 Author Share Posted June 24, 2009 Any chance you could point me in the direction of a link to the latest version on the forum? The search doesn't seem to find 3.1.6 anywhere :-(Before we start adding new functions I would suggest to reunite the extended code written by Johny (version 3.3) and the current version available from this forum (3.1.6). Starting with this new code base we can incorporate new functions and changes made necessary by W2K8 Active Directory.If time doesn't matter I would be happy to start working on this new code base. Link to comment Share on other sites More sharing options...
water Posted June 24, 2009 Share Posted June 24, 2009 Here it is: Link My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki  Link to comment Share on other sites More sharing options...
Johny Clelland Posted June 24, 2009 Author Share Posted June 24, 2009 (edited) Thanks.Attached is my suggested vesion 3.3.1. UPDATE - Updated to 3.3.2 to remove a reference to an external include file (DoProgress.au3)It has the additions by KenE, and my recent updates. The only thing I haven't included is the _ADComputerExists function, as it is not required. The claim is that _ADObjectExists doesn't work for computer objects, but it does. You just need to note that the SamAccountName of a computer account is the computer's name with a '$' on the end, so to check for a computer you use;If _ADObjectExists("mycomputer$") Then MsgBox(0,"","MyComputer exists!")Else MsgBox(0,"","MyComputer doesn't exist :-(")EndifI've had a couple of requests about unlocks and password resets which i'm planning to add as well.Cheers,Johny.Here it is: Linkadfunctions.au3 Edited July 1, 2009 by Johny Clelland Link to comment Share on other sites More sharing options...
rogerd2u Posted June 25, 2009 Share Posted June 25, 2009 Thanks for picking this project back up, Johny! Having this utility has saved me countless hours. I look forward to the added requests, and appreciate your time and effort!I've had a couple of requests about unlocks and password resets which i'm planning to add as well.Cheers,Johny. Roger O."When people show you who they are, believe them.” --Mark Twain Link to comment Share on other sites More sharing options...
Yorn Posted June 26, 2009 Share Posted June 26, 2009 (edited) Yes, I appreciate maintaining this. I have limited Windows 2008 access. Most of the functionality works the same, it's just that there were some changes over the years (AutoIT code changes) that caused issues with several of the functions from 2006. I too had patched mine but after looking at Johnny's I think it's probably better to just use his with the later versions of AutoIT. Edited June 26, 2009 by Yorn Link to comment Share on other sites More sharing options...
Prophet Posted July 7, 2009 Share Posted July 7, 2009 Ive been working with the older/original version over the last couple of days myself. Its a really useful library, im gonna try this new version out. In the meantime, i have a couple of remarks/questions. I have been building a add computer to domain script. Now because of certain details in our organization, this script had to do more then just add a computer to a domain. So I ran into a little trouble with doing domain query's from the non domain machine. First of all the adfunctions lib errors in initialization, no surprise. Second it doesn't allow for query's with different credentials everywhere. Now ive been diving in ADODB.Connection, which is the object used for creating most of the connection used, and it does support it. The code i used is. Global $objConnection = ObjCreate("ADODB.Connection") ; Create COM object to AD $objConnection.ConnectionString = "Provider=ADsDSOObject" ; Set Service providertype $objConnection.Properties("User ID") = $Domain & "\" & $adUsername ; Authenticate User $objConnection.Properties("Password") = $adPassword ; Authenticate User $objConnection.Properties("Encrypt Password") = 1 ; Set encryption for passwords $objConnection.Properties("ADSI Flag") = 1 ; 1 = Use Kerbos for authentification $objConnection.Open("Active Directory Provider") ; Open connection Now this also made me realize that this library doesn't build secure connections to ad, ofcourse i cant find the freaking msdn page where i found all the info anymore!, but i remember it saying that default was without security. Now this may not be a problem from a domain machine as username and password are not needed, but it is something too watch out for. Ill keep trying to find the freaking msdn page. Im not sure how this would fit into the lib, i have copied the functions i need to my script, and changed them a little. The lib does support different credentials where object.functions support it, through $alt_userid. May not even be all that usefull, since its made to use on domain pc's. but you may wanna check the security settings. As a side note: $objConnection.Provider = "ADsDSOObject" seems to work just aswell as $objConnection.ConnectionString = "Provider=ADsDSOObject" im not sure what the difference is yet +==================================================================+| The Definition of Madness: Creating a GUI, with GUI automation scripts |+==================================================================+ Link to comment Share on other sites More sharing options...
Johny Clelland Posted July 9, 2009 Author Share Posted July 9, 2009 Hi Prophet, Always nice to hear good things about my scripts :-) On the note of alternative logon credentials, the Functions library has two ways of dealing with this. Firstly, look at _ADAlternativeLogon on line 1852. That does the equivalent of your code below, although as you have pointed out it is not secure (I'll add this to the next version). Secondly, to enable _ADObjGet to use alternative credentials, simply set the Global variables $alt_userid and $alt_password to the relevant ID. I'm not sure if this logon is secure or not, there's a BitOr in there which may or may not be for secure connections. It's that long since I wrote those bits of code I'm not certain what that last argument does. Hope this helps, and thanks for the suggestions about making it secure. I'm not sure what to do about running it on a non-domain PC, as I never thought you would need to use it outside of a domain. Cheers, Johny. Ive been working with the older/original version over the last couple of days myself. Its a really useful library, im gonna try this new version out. In the meantime, i have a couple of remarks/questions. I have been building a add computer to domain script. Now because of certain details in our organization, this script had to do more then just add a computer to a domain. So I ran into a little trouble with doing domain query's from the non domain machine. First of all the adfunctions lib errors in initialization, no surprise. Second it doesn't allow for query's with different credentials everywhere. Now ive been diving in ADODB.Connection, which is the object used for creating most of the connection used, and it does support it. The code i used is. Global $objConnection = ObjCreate("ADODB.Connection") ; Create COM object to AD $objConnection.ConnectionString = "Provider=ADsDSOObject" ; Set Service providertype $objConnection.Properties("User ID") = $Domain & "\" & $adUsername ; Authenticate User $objConnection.Properties("Password") = $adPassword ; Authenticate User $objConnection.Properties("Encrypt Password") = 1 ; Set encryption for passwords $objConnection.Properties("ADSI Flag") = 1 ; 1 = Use Kerbos for authentification $objConnection.Open("Active Directory Provider") ; Open connection Now this also made me realize that this library doesn't build secure connections to ad, ofcourse i cant find the freaking msdn page where i found all the info anymore!, but i remember it saying that default was without security. Now this may not be a problem from a domain machine as username and password are not needed, but it is something too watch out for. Ill keep trying to find the freaking msdn page. Im not sure how this would fit into the lib, i have copied the functions i need to my script, and changed them a little. The lib does support different credentials where object.functions support it, through $alt_userid. May not even be all that usefull, since its made to use on domain pc's. but you may wanna check the security settings. As a side note: $objConnection.Provider = "ADsDSOObject" seems to work just aswell as $objConnection.ConnectionString = "Provider=ADsDSOObject" im not sure what the difference is yet Link to comment Share on other sites More sharing options...
Prophet Posted July 13, 2009 Share Posted July 13, 2009 Aah nice you already build that into the connection. About non domain machines You could initialize the UDF differently, by checking if $objRootDSE is a valid object, and choosing 2 ways of preceding. for example Global $objRootDSE = ObjGet("LDAP://RootDSE") If IsObj($objRootDSE) = 1 Then Global $strDNSDomain = $objRootDSE.Get("defaultNamingContext") ; Retrieve the current AD domain name Global $strHostServer = $objRootDSE.Get("dnsHostName") ; Retrieve the name of the connected DC Global $strConfiguration = $objRootDSE.Get("ConfigurationNamingContext") ; Retrieve the Configuration naming context Else ;set the variables by manually EndIf But im not sure its worth the effort, in most cases you wont need it. +==================================================================+| The Definition of Madness: Creating a GUI, with GUI automation scripts |+==================================================================+ Link to comment Share on other sites More sharing options...
devilman16 Posted August 21, 2009 Share Posted August 21, 2009 Hello Johny Clelland,first I want to thank you for your great work.I am using Autoit since a year I think, but just started with using it in AD.I am using your latest version 3.3.2 and started with a small script for changing our Users Out Of Office reply wich works like a charm.Now my new project is to work on an automated User creation, and there are my first problems.First I think the description for _ADCreateUser and _ADCreateGroup is wrong when it comes to the OU where the user has to be created.The format is described like: line 190 and 220: $userou = OU to create the group in. Form is "sampleou=ou, sampleparent=ou, sampledomain1=dc, sampledomain2=dc, sampledomain3=dc"But its not working for me, instead the description of _ADAudit seams to be the right one also for _ADCreate...:line 1928: Takes the ou, in the form "ou=Users, ou=Department, dc=mycompany, dc=com"But if I am trying this:$userou = "ou=Users, ou=Department, dc=mycompany, dc=com" $user = "josemair" $fname = "Josef" $lname = "Mair" $description = "this is a Autoit test" $result = _ADCreateUser($userou, $user, $fname, $lname, $description = "User")Then I get the user in the right OU with right username but the user is disabled with description "FALSE" and the fname and lname is not in the right field:Can you help me in this point?I am using Server 2003 as DC.Thanks a lot. Link to comment Share on other sites More sharing options...
Mcgruff30 Posted August 31, 2009 Share Posted August 31, 2009 Hi Guys, Did anyone tried to create a mailbox? With_ ADUserCreateMailbox function? Seems not working... no errors are shown.. #include <adfunctions.au3> $user = "firstname.lastname" $mdbstore = "Hosted Exchange" $store = "Shared Customers (MAPI)" $server = "server11.network.local" $admingroup = "First Administrative Group" $domain = "Customer1.com" _ADUserCreateMailbox($user, $mdbstore, $store, $server, $admingroup, $domain) Supahfly; Did you ever get this working? I'm trying to accomplish this and came across your post. Didn't know if you had solved the problem already. Any help would be greatly appreciated. Thanks. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now