|
|
|||||||
I have tried several variants on this and can't seem to find the exact syntax needed. I continually get error -2147352567 for both @error printouts. $User is passed earlier in the code I know that it is getting translated correctly. Using KiX 4.60 Windows Server 2003 SP2 KiXForms .Net Version 1 Code: $WS = GetObject("LDAP://CN=UPM_Test,OU=Login Script,OU=!Development,DC=MyDomain,DC=SubDomain,DC=SubDomain2,DC=TopLevel") $Nul = TranslateName(3,"",3,@domain+"\"+$User,1)[0] $WS.add ($nul.ADsPath) @ERROR + @SERROR + @CRLF $WS.Setinfo @ERROR + @SERROR Version 2 Code: $WS = GetObject("LDAP://CN=UPM_Test,OU=Login Script,OU=!Development,DC=MyDomain,DC=subdomain,DC=subdomain2,DC=toplevel") $Nul = TranslateName(3,"",3,@domain+"\"+$User,1)[0] $WS.PutEx (3,"member",$Nul) $WS.Setinfo |
||||||||
|
|
|||||||
I think I remember seeing a post or two from Shawn saying that there are COM issuses with 4.60.. Can you try 4.53? Thanks, Kent |
||||||||
|
|
|||||||
I've not done this so this may be off base, but doesn't the group and the user have to be an object? Maybe this will work? Code: $WS = GetObject("LDAP://CN=UPM_Test,OU=Login Script,OU=!Development,DC=MyDomain,DC=SubDomain,DC=SubDomain2,DC=TopLevel") $User =Getobject(TranslateName(3,"",3,@domain+"\"+$User,1)[0]) $WS.add ($User.ADsPath) @ERROR + @SERROR + @CRLF $WS.Setinfo @ERROR + @SERROR I don't know what Translatename returns, so its possible you will need something like $User=getobject("LDAP://" + TranslateName... ) |
||||||||
|
|
|||||||
Not sure that you need translate name do you? Here is the Microsoft VB rendition of it. I went and looked and I don't currently have any KiX code for it either. I've always used the WinNT for most user/group management. Code: Set objOU = GetObject("LDAP://OU=Management,dc=fabrikam,dc=com") Set objGroup = objOU.Create("Group", "cn=atl-users") objGroup.Put "sAMAccountName", "atl-users" objGroup.SetInfo objGroup.Add objUser.ADSPath |
||||||||
|
|
|||||||
Or perhaps this link Add a User to Two Security Groups |
||||||||
|
|
|||||||
@ Doc, As to the link you provided, that is what I started with, and what lead to the second version. However if you could give me an example with WinNT I am open to using it as well, just everything that I found had to do with LDAP. @ Allen / Kyder - I will try those solutions and see what happens. I will update probably tomorrow. |
||||||||
|
|
|||||||
4.53 Did not make a diffence. Declaring both as Objects worked for the ADD, but what is the command for delete. WS.ADD - This worked as expected WS.Delete - Not so well same error as before. I am sure it is just me. |
||||||||
|
|
|||||||
See How Can I Remove Group Members Whose User Accounts Reside in a Specific OU? http://www.microsoft.com/technet/scriptcenter/resources/qanda/jan08/hey0102.mspx Below is probably the important part... just not sure how the user/array part would go without some testing Code: $ADS_PROPERTY_DELETE=4 $objGroup.PutEx $ADS_PROPERTY_DELETE, "member", array(strUser) $objGroup.SetInfo |
||||||||
|
|
|||||||
Allen as you can tell I tried that with Version 2 of my code (exchange the 3 and 4) I got the syntax from other examples I found here. Who knows.... |
||||||||
|
|
|||||||
Can't promise, but if I get some time tomorrow I'll try and see if I can get it to work Garg. |
||||||||
|
|
|||||||
Garg, so what did the final "add" code look like? |
||||||||
|
|
|||||||
Here is the entire snippet Code: If $Checks[2] = -1 ;VPN ADD $Nul = WriteLine($FH,"Function Requested = VPN ADD"+@CRLF) UpdateProgress(25) $Label3.Text = "Adding VPN - Telecommute to user "+$User $WS = GetObject("LDAP://CN=UPM_Test,OU=Login Script,OU=!Development,DC=Fabrikom,DC=Microsoft,DC=Com") $Usr = GetObject("LDAP://"+ TranslateName(3,"",3,@domain+"\"+$User,1)[0]) $WS.add ($Usr.ADsPath) $WS.Setinfo If @Error = 0 $Nul = WriteLine($FH,"Added user "+$user+" to TermTelecom "+@Date+"-"+@Time+@CRLF) Else $Label3.Text = "Add User failed, please open a ticket!" EndIf ClearForm() EndIf Just have to get the delete to work now. |
||||||||
|
|
|||||||
I havent tried the following code, but based on the examples from MS Code: dim $usr[0] $WS = GetObject("LDAP://CN=UPM_Test,OU=Login Script,OU=!Development,DC=MyDomain,DC=subdomain,DC=subdomain2,DC=toplevel") $usr[0] = TranslateName(3,"",3,@domain+"\"+$User,1)[0] $WS.PutEx (4,"member",$usr) $WS.Setinfo |
||||||||
|
|
|||||||
Thanks Allen, I will look into this on Monday. |
||||||||
|
|
|||||||
Hey Garg, I just finished working on a couple of UDFs and I'm pretty sure the code I posted previously was wrong on the split. So... I updated my code above to what I think will work. Let me know. |
||||||||
|
|
|||||||
Thanks Allen, haven't had a chance to get back to this as of yet. So many projects, so little people to work on them. |
||||||||
|
|
|||||||
Allen, I am very happy to report that did the trick. So the big change was to convert the $usr to an Array? I appreciate all the help. Now on to more added features for this. |
||||||||
|
|
|||||||
Cool... I learned quite a bit about LDAP between your's and Mart's requests this week. Thanks. |
||||||||
|
|
|||||||
When I get done with this script I am going to attempt the clean up / sanitization of it and will post it here for those that want to play with some of the same features. Once I have the GUI flushed out I will post it so everone gets the idea of what I have done as well. But it is a ways off as it is project 12 of 32 that I am assigned to right now. |
||||||||
|
|
|||||||
I know I am late to react but this I used for the longest time and always works (2000,2003 and even in 2008) Code: $WS = GetObject("LDAP://CN=UPM_Test,OU=Login Script,OU=!Development,DC=MyDomain,DC=SubDomain,DC=SubDomain2,DC=TopLevel") $Nul = TranslateName(3,"",3,@domain+"\"+$User,1) $Nul = GetObject("LDAP://"+$Nul[0]) $WS.Add($nul.ADsPath) @ERROR + @SERROR + @CRLF $WS.Setinfo @ERROR + @SERROR |
||||||||
|
|
|||||||
Apronk, that is basically the code that I used for ADDING, and the stuff that Allen helped devolop was to DELETE (that was a bit trickier). I will convert my code to an UDF and post it in the future. |
||||||||
|
|
|||||||
What is trickier ? replace .Add with .Remove |
||||||||
|
|
|||||||
Ah see there is the issue, I did not know what the method was, I tried .Delete and few other variants of that, but not .Remove When searching the MS site, I did not find anything other than the use of putex. |
||||||||
|
|
|||||||
PutEx in LDAP scripting is basically by rule of thumb (not neccesarily true) only used when you the the value "nothing". For instance remove a description, can only be done by PutEx. |