Active Directory with Kixtart - KiXtart.org - official site

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Basic Scripting » Active Directory with Kixtart

Page 1 of 2

1

Topic Options

#206270 - 2012-11-26 05:43 PM Active Directory with Kixtart
kelp7 kelp7 Starting to like KiXtart Registered: 2002-08-12 Posts: 124 Loc: UK	Hi, Just a quick question about the feasibility of a script before I start any work on writing it. I gather from some quick searches of the bulletin board that it's possible to use Kixtart to interface with AD and therefore possible to read user's attributes (phone numbers etc). Would it also be possible to write back some information to those fields? If a user changed their phone number, it'd be useful if they could handle the admin of that task rather than I.T. handling it. Any advice much appreciated. Thanks!
Top

#206273 - 2012-11-26 06:20 PM Re: Active Directory with Kixtart [Re: kelp7]
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	yes, it is possible. there is a neat UDF available that actually makes this really simple: http://www.kixtart.org/forums/ubbthreads.php?ubb=showflat&Number=206272 _________________________ ! download KiXnet
Top

#206276 - 2012-11-27 10:19 AM Re: Active Directory with Kixtart [Re: Lonkero]
kelp7 kelp7 Starting to like KiXtart Registered: 2002-08-12 Posts: 124 Loc: UK	That's fantastic, thanks for that. Are there any pre-requisites? I would presume you need to be able to have the rights to change the info, but i guess if it's your own user info that you're changing then you already have the correct permissions for this script to work...?
Top

#206277 - 2012-11-27 11:15 AM Re: Active Directory with Kixtart [Re: kelp7]
kelp7 kelp7 Starting to like KiXtart Registered: 2002-08-12 Posts: 124 Loc: UK	Also, do I have to customise the UDF at all? For instance putting in our DC / Domain Name anywhere? Or does it pick up all that sort of info by default?
Top

#206278 - 2012-11-27 11:26 AM Re: Active Directory with Kixtart [Re: kelp7]
kelp7 kelp7 Starting to like KiXtart Registered: 2002-08-12 Posts: 124 Loc: UK	Don't worry $\:\)$ I have run the script (with no parameters) and, as you say, it's very simple and has returned exactly my distinguished name. Thanks again for the help. Brilliant UDF.
Top

#206279 - 2012-11-27 11:33 AM Re: Active Directory with Kixtart [Re: kelp7]
Mart Mart KiX Supporter Registered: 2002-03-27 Posts: 4673 Loc: The Netherlands	A regular user does not have the privileges to change details in AD so if you want them to set their phone number for example they need to get the correct permissions to do this even if it is their own account. The UDF comes ready for use. The script calling it should pass any required info to the UDF for processing using at least the required UDF parameters. Example: Code: ADSIUserInfo("User", "Attribute", "Value") Do not forget to include the UDF code. _________________________ Mart - Chuck Norris once sold ebay to ebay on ebay.
Top

#206280 - 2012-11-27 11:58 AM Re: Active Directory with Kixtart [Re: Mart]
kelp7 kelp7 Starting to like KiXtart Registered: 2002-08-12 Posts: 124 Loc: UK	Thanks for that, I made a short script that retrieved my DN and then passed that back to the UDF again with a change to my telephone number. This worked as expected. I guess I'll have to do some research on how to get this working for a regular user.
Top

#206281 - 2012-11-27 12:56 PM Re: Active Directory with Kixtart [Re: kelp7]
kelp7 kelp7 Starting to like KiXtart Registered: 2002-08-12 Posts: 124 Loc: UK	I also believed, as you stated above, that a user would need elevated rights of some kind to make some changes to AD but I have just logged in as a standard user in our domain and exectued this following code: Code: Break on $x = ADSIUserInfo() $x sleep 2 ? "Set the telephone number attribute" $y = ADSIUserInfo($x,"telephoneNumber","12345678") sleep 2 Exit via Kix32.exe and it seems that the telephone number has been updated on this standard user, as expected! (not sure if that highlights a problem with our domain, or whether this is expected behaviour for this particular attribute). Cheers
Top

#206282 - 2012-11-27 01:57 PM Re: Active Directory with Kixtart [Re: kelp7]
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	most likely not. I am pretty sure SELF token has more rights in AD than just read. _________________________ ! download KiXnet
Top

#206283 - 2012-11-27 02:41 PM Re: Active Directory with Kixtart [Re: Lonkero]
Glenn Barnas Glenn Barnas KiX Supporter Registered: 2003-01-28 Posts: 4401 Loc: New Jersey	OK, now I've seen it all! $\:\)$ Lonk increases his already astronomical post count by posting my UDF and then referencing it? I have to say I almost fell out of my chair laughing when I saw that! $\:D$ I'm also shocked that I never posted that before as I certainly referenced it several times... Thanks for correcting my oversight! I'll update the post with the v2.0 code in a bit. Glenn _________________________ Actually I am a Rocket Scientist! $\:D$
Top

#206284 - 2012-11-27 02:47 PM Re: Active Directory with Kixtart [Re: Glenn Barnas]
kelp7 kelp7 Starting to like KiXtart Registered: 2002-08-12 Posts: 124 Loc: UK	V2? Interesting.... what's new? $\:\)$
Top

#206285 - 2012-11-27 02:49 PM Re: Active Directory with Kixtart [Re: kelp7]
Glenn Barnas Glenn Barnas KiX Supporter Registered: 2003-01-28 Posts: 4401 Loc: New Jersey	Kelp, The UDF returns the current user's DN string when called without args.. You can code something like this: Code: $MyDN = ADSIUserInfo() $PVal = ADSIUserInfo($MyDN, 'attrib') ; get current value $NVal = ADSIUserInfo($MyDN, 'attrib', 'NewVal') ; set new and then read If @ERROR Or $PVal = $NVal 'oops! something went horribly wrong!' @CRLF @SERROR @CRLF 'Prior: ' $PVal ' / New: ' $NVal @CRLF EndIf Also - the latest version of all the UDFs that I write or use are available from the Resources / Kix UDF Library of my web site. As we enhance these UDFs, the most current version is pulled from our dev library and formatted for display nightly. Version 2.0 can be downloaded, which allows you to use an array of attributes and values to get/set more than one. Glenn _________________________ Actually I am a Rocket Scientist! $\:D$
Top

#206287 - 2012-11-27 03:26 PM Re: Active Directory with Kixtart [Re: Glenn Barnas]
kelp7 kelp7 Starting to like KiXtart Registered: 2002-08-12 Posts: 124 Loc: UK	Glenn, Thanks very much for the full explanation. I'm going to be writing a small Kixforms-based compiled script to allow users to modify their Phone Number, Job Title and Dept in AD so this UDF is going to be very useful. It's interesting that if you google this kind of utility some companies are charging an awful lot of money for their tools to do this! Thanks again Ben
Top

#206288 - 2012-11-27 03:36 PM Re: Active Directory with Kixtart [Re: Lonkero]
Mart Mart KiX Supporter Registered: 2002-03-27 Posts: 4673 Loc: The Netherlands	Originally Posted By: Lonkero .... I am pretty sure SELF token has more rights in AD than just read. Sorry, my bad. Completely missed the SELF token _________________________ Mart - Chuck Norris once sold ebay to ebay on ebay.
Top

#206289 - 2012-11-27 04:24 PM Re: Active Directory with Kixtart [Re: Mart]
kelp7 kelp7 Starting to like KiXtart Registered: 2002-08-12 Posts: 124 Loc: UK	Just so I fully understand the thread, could you explain the SELF token? Presumably part of AD? Is this addressed / referenced in the UDF itself somewhere? I searched the UDF for 'SELF' but nothing found.
Top

#206290 - 2012-11-27 04:32 PM Re: Active Directory with Kixtart [Re: kelp7]
Glenn Barnas Glenn Barnas KiX Supporter Registered: 2003-01-28 Posts: 4401 Loc: New Jersey	"SELF" is an AD security attribute, somewhat akin to "owner" of a file. Run ADSIEdit on your DC, select your user object, and click Properties, then view the security tab and you'll see what we mean. Glenn _________________________ Actually I am a Rocket Scientist! $\:D$
Top

#206291 - 2012-11-27 04:49 PM Re: Active Directory with Kixtart [Re: Glenn Barnas]
kelp7 kelp7 Starting to like KiXtart Registered: 2002-08-12 Posts: 124 Loc: UK	Okay, that's excellent, found it $\:\)$ (you may realise at this point i'm not a sys admin $\:\)$ ) Thanks all for the help!
Top

#206293 - 2012-11-27 05:57 PM Re: Active Directory with Kixtart [Re: kelp7]
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	oh no, the original question already revealed that. $\:\)$ _________________________ ! download KiXnet
Top

#206295 - 2012-11-28 04:20 AM Re: Active Directory with Kixtart [Re: Lonkero]
ShaneEP ShaneEP MM club member Registered: 2002-11-29 Posts: 2127 Loc: Tulsa, OK	Now you should find kixforms.org and write your own gui form to make it easier to make the property changes.
Top

#206299 - 2012-11-28 12:19 PM Re: Active Directory with Kixtart [Re: ShaneEP]
kelp7 kelp7 Starting to like KiXtart Registered: 2002-08-12 Posts: 124 Loc: UK	ShaneEP, yep exactly what I said I'm going to do a few posts above here. Will make it a lot more user friendly. Will also compile via kix2exe.
Top

Page 1 of 2

1

Previous Topic

Previous Topic View All Topics

View All Topics

Index Next Topic

Next Topic

Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart

Hop to:

Shout Box

Who's Online

0 registered and 874 anonymous users online.

Newest Members

StuTheCoder, M_Moore, BeeEm, min_seow, Audio
17884 Registered Users

Generated in 0.038 seconds in which 0.013 seconds were spent on a total of 14 queries. Zlib compression enabled.

click tracking