I spent around 10 hours on this yesterday and I still cannot understand why I cannot get this to work.

This is a bit of a complicated question as there are three parts to the question.

Question 1: Has a Kixtart update broken something?

The GetGroups Function - gives an Error in expression: this type of array not supported in expressions.

http://www.kixtart.org/forums/ubbthreads.php?ubb=showflat&Number=83438

I speak under correction, but if an UDF on the Kixtart is present, it has presumably been tested and working?

I have tried a couple of udf's similar to this one and got the same error message!

http://www.kixtart.org/forums/ubbthreads.php?ubb=showflat&Number=208912 This post highlights the problem as well. If I have understood what I have read correctly, either Kixtart or ldap is converting text to array or vice versa and you need to put a @crlf somewhere in the coding for udf's like GetGroups function. This I presume forces Kixtart to use a string instead of array I think.

Using the GetGroups function, I managed to modify the code to get rid of the array error message. But then I get a missing ) error message! I had the same result with another udf, getting rid of the array error message then resulted in a missing ) error message, despite the fact that there are no missing ) anywhere!

To me, this feels like a bug, given that a Kixtart UDF hosted on Kixtart, that presumably used to work no longer works, and given that the solution as shown in another post is to add a @crlf to break the line as it were!

A lot of of people seem to be having problems with this. It's not just me! Is this a Kixtart, Ldap or what? bug? Is

Question 2: What I was actually trying to do. How do I fix!

What I am trying to achieve (and so far cannot) is to lookup the list of Security Groups in a particular OU and then check if the currently logged on user is a member of any of those particular security groups and display the output to console.

I created this code to do this:

[code]
Function JobRole()

Dim $objADsPath, $obj, $userSecurityGroups

$objADsPath = GetObject("LDAP://OU=JobRole,DC=%Userdomain%,DC=internal")

$userSecurityGroups = $objADsPath.GetEx("member")

If @Error = 0
For Each $obj In $userSecurityGroups
If INGROUP(GetObject("LDAP://" + $obj).cn)
? "Job Role is: " + GetObject("LDAP://" + $obj).cn
EndIf
Next
Else
? "Error retrieving security groups: " + @Error
? "Error description: " + @SERROR
EndIf

EndFunction
/code]

Because I updated and changed this code so many times yesterday trying to get it to work, I can't guarantee it's accurate at the moment, but I have reached my limit.

The error message I get for this function (which I cannot resolve) is -Error description: com exception error "getex" (Active Directory - The directory property cannot be found in the cache.)

After hours of trying, I abandoned this script and started looking at the scripts on the Kixtart website, but then I kept running into this Error in expression: this type of array not supported in expressions. And when I manage to get rid of that message, I always end up with this stupid missing ) error message - which I can't fix.

My code doesn't work at all in the sense it returns nothing. The GetGroups Function does stop on the array not supported error, but it does at least correctly identify what groups the logged on user is in and displays the output. In my networks, I create a user and add them to a job role security group. Then I add that job role to other security groups which control access to mapped drives, printers etc. So I am quite happy to use the GetGroups function (providing I can fix the array message message and update to using LDAP instead of WinNT.

Question 3: Is there a better way than using Getobject LDAP?

95% of my kixtart scripts is checking and setting registry entries as well as using standard kixtart built in functions such as if ingroup etc. So I don't spend a lot of time, hardly any, working on LDAP queries or Getobject etc. However, I really struggled for hours yesterday using my own script as well as two scripts off Kixtart website and basically am going round in circles.

Is there a simpler and better way to get Kixtart to lookup a list of elements in active directory and do something with that information. I cannot believe how hard this is to do. Even Chatgpt could not fix the issue. I either cannot cache the result, or I get an error in array or I keep running into this missing ) problem! There has to be a simpler way?

Conclusion.

I don't mind how I get the information - using the GetGroups Function, my JobRole Function or some other Kixtart method. As long as it works and uses modern coding so LDAP instead of WinNT for example. As my network usually has a user added to one Security Group, it probably is better to go with that option because then it's easy to see if a user has been added to a group incorrectly if it shows all security groups. Would be nice to exclude domain users group from the results though!

But I would also like to know if there is some kind of bug!