|
|
|||||||
Hi Guys, I'm new here. I would like to know, how to validate if a user has a certain nested group. Has anyone ever been in this situation? |
||||||||
|
|
|||||||
Check out this post: http://www.kixtart.org/forums/ubbthreads...true#Post197339 Glenn |
||||||||
|
|
|||||||
Thank You Glenn, I Try use this code, but i'm don't know how make a validation. =( exemple: I need validate if the User Quintela have a subgroup TEST. my incomplete code is: Code: ;SERVERS $server1="\\BRSP03001A" $server2="\\BRSP03017A" Break ON $objSysInfo = CreateObject("ADSystemInfo") "User is a member of the following: "+@CRLF For Each $sGroup in GetGroups("LDAP://"+$objSysInfo.username,">") $sGroup+@CRLF Next @CRLF @CRLF @CRLF IF "GG_BRSP03017A_EMPRESA_MAP_DRIVE" IN $sGroup USE J: $server2+"\empresas$" ENDIF Function GetGroups($vStart,Optional $sIndent) Dim $sGroupList, $sGroup If Not (9 = VarType($vStart)) $vStart=GetObject($vStart) EndIf If Not (9 = VarType($vStart)) Exit 87 EndIf $sGroupList=$vStart.GetEx("memberOf") If @ERROR Exit 0 EndIf For Each $sGroup in $sGroupList If Not(ASCan($GetGroups,$sGroup)+1) OR $sIndent $GetGroups=Split(Join($GetGroups,Chr(10))+Chr(10)+SubStr($sIndent,2)+$sGroup,Chr(10)) EndIf For Each $sChain in GetGroups("LDAP://"+$sGroup,$sIndent+Left($sIndent,1)) If Not(ASCan($GetGroups,$sChain)+1) OR $sIndent $GetGroups=Split(Join($GetGroups,Chr(10))+Chr(10)+$sChain,Chr(10)) EndIf Next Next $GetGroups=Split(SubStr(Join($GetGroups,Chr(10)),2),Chr(10)) EndFunction Function SplitNE($String, Optional $SplitChar) Dim $Array[0],$NumMembers,$NewMember,$MemberFound,$LenStr,$i,$ChkChr $String = "" + $String $SplitChar = "" + $SplitChar If $SplitChar = "" $SplitChar = " " EndIf $LenStr = Len($String) $NumMembers = 0 $NewMember = "" $MemberFound = 0 For $i = 1 To $LenStr $ChkChr = SubStr($String,$i,1) If InStr($SplitChar,$ChkChr) If $NewMember ; If member contains text, add to array ReDim Preserve $Array[$NumMembers] $Array[$NumMembers] = $NewMember $NewMember = "" $NumMembers = $NumMembers + 1 $MemberFound = 1 EndIf Else $NewMember = $NewMember + $ChkChr EndIf Next If $NewMember ; If only one (last) member ReDim Preserve $Array[$NumMembers] $Array[$NumMembers] = $NewMember $MemberFound = 1 EndIf If $MemberFound $SplitNE = $Array Else $SplitNE = 0 ; No members found EndIf EndFunction Function StrReverse($strInput) Dim $sc $sc = CreateObject("ScriptControl") $sc.Language = "VBScript" $StrReverse=$sc.Eval('StrReverse("'+$strInput+'")') EndFunction The error: ERROR : unexpected command! Script: C:\Windows\SYSVOL\sysvol\cmnet.cloud\scripts\testegrupo.src Line : 18 it's just validation error: IF "GG_BRSP03017A_EMPRESA_MAP_DRIVE" IN $sGroup USE J: $server2+"\empresas$" ENDIF |
||||||||
|
|
|||||||
Line 18 is invalid code indeed. Running the code below gives me "member" even if I'm in a nested group. No need for fancy coding, simple is better most of the times. Code: Break on $group = "Groupname" If InGroup($group) ? "member" ;Map drive Else ? "not a member" ;Do not map drive EndIf Sleep 5 |
||||||||
|
|
|||||||
Quote: Break ON $objSysInfo = CreateObject("ADSystemInfo") ? "User is a member of the following: " For Each $sGroup in GetGroups("LDAP://"+$objSysInfo.username,">") ? $sGroup Next @CRLF @CRLF @CRLF @CRLF $group = "GG_BRSP03017A_EMPRESA_MAP_DRIVE" If InGroup($group) ? "member" ;Map drive Else ? "not a member" ;Do not map drive EndIf @CRLF @CRLF @CRLF @CRLF ;"Computer is a member of the following: "+@CRLF ;For Each $sGroup in GetGroups("LDAP://"+$objSysInfo.computername,">") ; $sGroup+@CRLF ;Next Function GetGroups($vStart,Optional $sIndent) Dim $sGroupList, $sGroup If Not (9 = VarType($vStart)) $vStart=GetObject($vStart) EndIf If Not (9 = VarType($vStart)) Exit 87 EndIf $sGroupList=$vStart.GetEx("memberOf") If @ERROR Exit 0 EndIf For Each $sGroup in $sGroupList If Not(ASCan($GetGroups,$sGroup)+1) OR $sIndent $GetGroups=Split(Join($GetGroups,Chr(10))+Chr(10)+SubStr($sIndent,2)+$sGroup,Chr(10)) EndIf For Each $sChain in GetGroups("LDAP://"+$sGroup,$sIndent+Left($sIndent,1)) If Not(ASCan($GetGroups,$sChain)+1) OR $sIndent $GetGroups=Split(Join($GetGroups,Chr(10))+Chr(10)+$sChain,Chr(10)) EndIf Next Next $GetGroups=Split(SubStr(Join($GetGroups,Chr(10)),2),Chr(10)) EndFunction ; Sub-Function for returning nested groups Function GetNested($objGroup) Dim $_colMembers, $_strMember, $_strPath, $_objNestedGroup, $_ERR ; init the return value to a null string $GetNested = '' ; get the collection $_colMembers = $objGroup.GetEx("memberOf") ; enumerate the collection For Each $_strMember in $_colMembers $_strPath = "LDAP://" + $_strMember $_objNestedGroup = GetObject($_strPath) $GetNested = $_objNestedGroup.CN Next Exit 0 EndFunction If I use this code, doesn't work, InGroup don't see nested groups. C:\Windows\SYSVOL\sysvol\cmnet.cloud\scripts>kix32 grouptest.src User is a member of the following: CN=MAPFAITEC,OU=Faitec,OU=USUARIOS,OU=ACCOR,DC=cmnet,DC=cloud >CN=GG_BRSP03017A_EMPRESAS_08BELASARTES_MODIFY,OU=008-HB289-BELAS ARTES,OU=EMPRESAS,OU=BRSP03017A,OU=GRUPOS,OU=ACCOR,DC=cmnet,DC=cloud >>CN=GG_BRSP03017A_EMPRESAS_08BELASARTES_READ,OU=008-HB289-BELAS ARTES,OU=EMPRESAS,OU=BRSP03017A,OU=GRUPOS,OU=ACCOR,DC=cmnet,DC=cloud >>>CN=DL_BRSP03017A_EMPRESAS_08BELASARTES_READ,OU=008-HB289-BELAS ARTES,OU=EMPRESAS,OU=BRSP03017A,OU=GRUPOS,OU=ACCOR,DC=cmnet,DC=cloud >>>CN=GG_BRSP03017A_EMPRESA_MAP_DRIVE,OU=EMPRESAS,OU=BRSP03017A,OU=GRUPOS,OU=ACCOR,DC=cmnet,DC=cloud >>>>CN=Citrix Fileshare ArquivosCMNet,OU=CITRIX,OU=GRUPOS,OU=ACCOR,DC=cmnet,DC=cloud >>>>CN=DL_BRSP03017A_EMPRESA_LIST,OU=EMPRESAS,OU=BRSP03017A,OU=GRUPOS,OU=ACCOR,DC=cmnet,DC=cloud >>CN=DL_BRSP03017A_EMPRESAS_08BELASARTES_MODIFY,OU=008-HB289-BELAS ARTES,OU=EMPRESAS,OU=BRSP03017A,OU=GRUPOS,OU=ACCOR,DC=cmnet,DC=cloud CN=Domain Admins,CN=Users,DC=cmnet,DC=cloud >CN=SophosAdministrator,CN=Users,DC=cmnet,DC=cloud >CN=Denied RODC Password Replication Group,CN=Users,DC=cmnet,DC=cloud >CN=Administrators,CN=Builtin,DC=cmnet,DC=cloud not a member Quote: Quote: |
||||||||
|
|
|||||||
What version of KiXtart are you using? |
||||||||
|
|
|||||||
Hi Mart, I'm using KiXtart 2010 4.67 / Copyright Ruud van Velsen 2016 Finally I Win! kkkkkkk I made the validation in the loop structure Code: CLS Break ON $objSysInfo = CreateObject("ADSystemInfo") $groupemp = "GG_BRSP03017A_EMPRESA_MAP_DRIVE" $groupfisc = "GG_BRSP03017A_PORTALFISCAL_MAP_DRIVE" For Each $sGroup in GetGroups("LDAP://"+$objSysInfo.username) IF substr($sGroup,4,IofSubStr($sGroup, ',OU=' , 1)-4) = $groupemp ? "MAP DRIVE EMP" EndIf IF substr($sGroup,4,IofSubStr($sGroup, ',OU=' , 1)-4) = $groupfisc ? "MAP DRIVE FISCAL" EndIf Next Function GetGroups($vStart,Optional $sIndent) Dim $sGroupList, $sGroup If Not (9 = VarType($vStart)) $vStart=GetObject($vStart) EndIf If Not (9 = VarType($vStart)) Exit 87 EndIf $sGroupList=$vStart.GetEx("memberOf") If @ERROR Exit 0 EndIf For Each $sGroup in $sGroupList If Not(ASCan($GetGroups,$sGroup)+1) OR $sIndent $GetGroups=Split(Join($GetGroups,Chr(10))+Chr(10)+SubStr($sIndent,2)+$sGroup,Chr(10)) EndIf For Each $sChain in GetGroups("LDAP://"+$sGroup,$sIndent+Left($sIndent,1)) If Not(ASCan($GetGroups,$sChain)+1) OR $sIndent $GetGroups=Split(Join($GetGroups,Chr(10))+Chr(10)+$sChain,Chr(10)) EndIf Next Next $GetGroups=Split(SubStr(Join($GetGroups,Chr(10)),2),Chr(10)) EndFunction function IofSubStr($Str,$Find,$Start) dim $ $=split(substr($Str,$Start),$Find) $IofSubStr=iif(0=ubound($),0,len($[0])+$Start) endfunction Thanks Glen and Mart!!! |