Jump to content

Recommended Posts

Posted (edited)

Hi all! I am new here and have some troubles with English. I've got strange error when JUST try include au3 file called "Adfunctions" in my script. For example

CODE
#include<Adfunctions.au3>

MsgBox(4096, "Test", "This box will time out in 10 seconds", 10)

>"C:\Program Files\AutoIt3\SciTE\AutoIt3Wrapper\AutoIt3Wrapper.exe" /run /prod /ErrorStdOut /in "C:\Users\my.au3" /autoit3dir "C:\Program Files\AutoIt3" /UserParams

+> Starting AutoIt3Wrapper v.1.7.3

! *** AU3CHECK Error: *** Skipping AU3Check: C:\Program Files\AutoIt3\au3check.exe Not Found !

>Running:(3.1.1.0):C:\Program Files\AutoIt3\autoit3.exe "C:\Users\my.au3"

C:\Program Files\AutoIt3\Include\Adfunctions.au3 (135) : ==> Unable to parse line.:

$objRecordSet = $objConnection.Execute ($strQuery) ; Retrieve the FQDN for the user

$objRecordSet = $objConnection.E^ ERROR

->AutoIT3.exe ended.rc:1

>Exit code: 1 Time: 1.244

Edited by asUwant
Posted

Ok,

I managed to find the downloads :) .

I played around with differnet functions. Unfortunately I cannot get delete a group object using function _ADDeleteObject(<groupname>). How can I find the error itself? Looking at other ADSI scripts and e.g. adsi scriptomatic they use code like this:

strContainer = ""
strName = "EzAdGroup"

'***********************************************
'*       Connect to a container           *
'***********************************************
Set objRootDSE = GetObject("LDAP://rootDSE")
If strContainer = "" Then
  Set objContainer = GetObject("LDAP://" & _
    objRootDSE.Get("defaultNamingContext"))
Else
  Set objContainer = GetObject("LDAP://" & strContainer & "," & _
    objRootDSE.Get("defaultNamingContext"))
End If
'***********************************************
'*     End connect to a container           *
'***********************************************

objContainer.Delete "group", "cn=" & strName

Especially .Delete has two options. Is that a required difference compared to adfunctions.au3 code?

Thanks

---egonle

PS: Would you add a function to copy users from templates?

I have attached the latest version of the ADFunction.au3 file. There are a couple of things that have changed (most notably the return array from GetUserGroups) and a few new functions.

You are correct that the .delete function requires a 'type' and a 'name'. The function in the current version looks like this;

; _ADDeleteObject

; $object = SamAccountName of object to delete. Returns 0 if object doesn't exist, otherwise Returns 1

Func _ADDeleteObject($ou, $object, $type)

$objcn = "CN=" & StringReplace($object, ",", "\,")

$ObjOU = ObjGet("LDAP://" & $strHostServer & "/" & $ou)

$objOU.Delete ($type, $objcn)

Return 1

EndFunc ;==>_ADDeleteObject

This allows the deletion of groups, using a $type="group". It should also work for users, contacts and other categories of object, but I haven't tested this.

Hope this helps.

  • 2 weeks later...
Posted

Hey Johny

Great work on this - perhaps you can see if you can get this added to the current release as a UDF cause its fricken helpful for those that work with ADUC

cheers

Craig

  • 2 weeks later...
Posted

This is great work!

Except that I'm running into a problem when including adfunctions.au3 in a script:

When running an AutoIt script in AutoIt v3.2.2.0 with

#include <GUIConstants.au3>

#include <adfunctions.au3>

The following error message appears:

E:\Apps\AutoIt-v3.2.2.0\Include\adfunctions.au3 (78) : ==> Variable must be of type "Object".:

Global $strDNSDomain = $objRootDSE.Get ("defaultNamingContext")

Global $strDNSDomain = $objRootDSE^ ERROR

Does anyone else have this problem?

Also I could use a function to add one group as a member of another group.

  • 2 weeks later...
Posted

Hi all. very nice script! my login script used to call a vb script to do all those AD queries. Never really had time to code it in autoit.

One thing I'm wondering: with my vb script I was able to modify it a bit to get the Recursive group list of a Computer object.

So when my login script start I can perform action based on the group membership of the user and the computer. Best example of this use is if a user log in computer A he will have Printer A connected, but if he login to computer B he should have printer B connected, because there are not at the same place.

Just an idea: adding a func to return the group membership of a computer.

  • 2 weeks later...
Posted (edited)

Hi all. very nice script! my login script used to call a vb script to do all those AD queries. Never really had time to code it in autoit.

One thing I'm wondering: with my vb script I was able to modify it a bit to get the Recursive group list of a Computer object.

So when my login script start I can perform action based on the group membership of the user and the computer. Best example of this use is if a user log in computer A he will have Printer A connected, but if he login to computer B he should have printer B connected, because there are not at the same place.

Just an idea: adding a func to return the group membership of a computer.

This is my first time trying to use the ADFunctions.au3. It's nice however how do you pass admin credentials into the functions. Runasset does not work to pass the credentials or either I'm not using it right with the ADFunctions. Has someone used the ADFunctions with domain admin rights? I need to be able to do this if I am using an account that doesn't belong to a group with admin rights.

Thanks in advance.

Edited by EndFunc
EndFuncAutoIt is the shiznit. I love it.
Posted

little fix to _ADIsMemberOf:

If you try to check a group and the group don't exist, you end up with a object error like this:

C:\test.au3 (28) : ==> Variable must be of type "Object".: 
$ismember = $objgroup.IsMember ("LDAP://" & $strHostServer & "/" & _ADSamAccountNameToFQDN($user)) 
$ismember = $objgroup^ ERROR

to fix this change the function to:

Func _ADIsMemberOf($group, $user)
    $ObjGroup = ObjGet("LDAP://" & $strHostServer & "/" & _ADSamAccountNameToFQDN($group))
    ;check if there is and object to check, else return 0 as the group does not exist
    If IsObj($objgroup) Then
        $ismember = $objgroup.IsMember ("LDAP://" & $strHostServer & "/" & _ADSamAccountNameToFQDN($user))
        Return -$ismember
    Else
        Return 0
    EndIf
EndFunc   ;==>_ADIsMemberOf

 -

Posted

I need to be able to search AD with either a "displayName" or "sAMAccountName".

The idea is a user will type into an input field either of the above names and click a search button. The rest of my script finds either the "displayName" or "sAMAccountName" in AD and returns various attributes of the object.

I know how to search AD with the "sAMAccountName", but can someone give me an example of how to do so with the "displayName".

  • 4 weeks later...
Posted

I am getting an error on line 78 from adfunctions.au3

Global $strDNSDomain = $objRootDSE.Get("defaultNamingContext")
Global $strDNSDomain = $objRootDSE^ ERROR

Error: Variable must be of type "Object".

Now granted, the machine I'm running it on is not part of a domain but I will eventually be running this from PE so it won't run from a domain anyway.

Any ideas guys?

THANKS!

-Redfive

Posted

I am getting an error on line 78 from adfunctions.au3

Global $strDNSDomain = $objRootDSE.Get("defaultNamingContext")
Global $strDNSDomain = $objRootDSE^ ERROR

Error: Variable must be of type "Object".

Now granted, the machine I'm running it on is not part of a domain but I will eventually be running this from PE so it won't run from a domain anyway.

Any ideas guys?

THANKS!

-Redfive

  • 2 weeks later...
Posted

Johny:

Since I've downloaded the most current version of adfunctions.au3, I've started getting 'Object referenced outside a "With" statement' errors. I'm not sure if my implementation of your "_ADGetGroupMembers" UDF is flawed or if something else is going on. Any help would be appreciated.

#include <Array.au3>
#include <File.au3>
#include <adfunctions.au3>

$TextFile = ""
$Members = ""

While 1
    $GroupName = InputBox("Group Name", "Enter the Active Directory Group name")
    If @error <> 0 Then
        Exit
    Else
        If $GroupName <> "" Then
            ExitLoop
        EndIf
    EndIf
WEnd

$TextFile = $GroupName & ".txt"

If _ADGetGroupMembers($Members, $GroupName, 0) == 1 Then
    _FileWriteFromArray($TextFile, $members)
Else
    MsgBox(4096,"Error", "The group specified doesn't exist.")
EndIf
Posted

I'd just like to praise you since you made the creation of standard-signatures so much easier for me. :(

Got about 380 email-accounts here, so I thought it'd be a pain in the *** but thanks to you reading out names & numbers and all that stuff went great...

:shocked:

Posted

I am getting an error on line 78 from adfunctions.au3

Global $strDNSDomain = $objRootDSE.Get("defaultNamingContext")
Global $strDNSDomain = $objRootDSE^ ERROR

Error: Variable must be of type "Object".

Now granted, the machine I'm running it on is not part of a domain but I will eventually be running this from PE so it won't run from a domain anyway.

Any ideas guys?

THANKS!

-Redfive

It must be part of a domain for it to work. That's why it's called ADFuntions, you will get that type of error if its not.
EndFuncAutoIt is the shiznit. I love it.
Posted

'Object referenced outside a "With" statement' errors

Is no one else getting this error with version 3 of adfunctions' _ADGetGroupMembers? Version 2 didn't have the same issue.

Posted (edited)

Global $strDNSDomain = $objRootDSE.Get("defaultNamingContext")
Global $strDNSDomain = $objRootDSE^ ERROR

Error: Variable must be of type "Object".

It must be part of a domain for it to work. That's why it's called ADFuntions, you will get that type of error if its not.

My machine is member of a domain and i will get the same error when i log on with the local administrator account.

Edited by FeReNGi
  • 1 month later...
Posted

I need to download a CRL (Certificate Revocation List) from my LDAP (SunONE Directory Server v. 5.2).

The code below doesn't work:

Dim $objConnection, $oUsr,$crl
    
    $objConnection = ObjCreate("ADODB.Connection")  ; Create COM object to AD
    $objConnection.Provider = "ADsDSOObject"
    $objConnection.Open ("Active Directory Provider")  ; Open connection to AD
    $strQuery = "<LDAP://**.*.***.**/c=**/o=****/ou=***/cn=***>;objectClass=*);certificaterevocationlist;binary;subtree"
    $objRecordSet = $objConnection.Execute ($strQuery)  ; Retrieve the FQDN for the logged on user
    if $objRecordSet.eof then
        MsgBox(0,"Error","EOF")
    Else
        $crl = $objRecordSet.fields(0).value
    EndIf

Any help?

Thanks in advance

Peppe

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...