Page 1 of 2 12>
Topic Options
#138406 - 2005-04-21 08:19 PM TranslateName() & InContainer() - What OU am I in?
jdogg Offline
Getting the hang of it

Registered: 2003-09-11
Posts: 91
Loc: RTP, North Cakalaka, USA
Hi,
I am trying out the excellent UDF's TranslateName() and InContainer() to get away from basing everything off of global group membership.

I am pretty sure I have the OU structure written out right, but InContainer() still reports that my machine is not a member of the OU I am specifying or a child of it... even though I know my machine IS a member.

Using these UDF's, how do I output the name of the OU that it THINKS my machine is in so that I can see where I'm wrong?

Thanks!

Code:

$rc = InContainer ("OU=US-RTP,OU=Admin US-RTP,OU=Clients,DC=na,DC=agrogroup,DC=net", "Computer")
Select
Case $rc[0]=1 $lblThree.text="object is a member of the specified container."
Case $rc[0]=2 $lblThree.text="object is a member of a child container lower in the hierarchy."
Case $rc[0]=0 $lblThree.text="object is NOT a member of this container or a child of this container."
Case $rc[0]=-1 $lblThree.text="InContainer() Error - Invalid input for $NameType "
Case $rc[0]=-2 $lblThree.text="TranslateName() Error"
Case 1 $lblThree.text="Unknown return code"
EndSelect


Top
#138407 - 2005-04-21 09:16 PM Re: TranslateName() & InContainer() - What OU am I in?
Les Offline
KiX Master
*****

Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
It is probably that hyphen in the OU name "US-RTP" that needs to be escaped.
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.

Top
#138408 - 2005-04-21 09:20 PM Re: TranslateName() & InContainer() - What OU am I in?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11603
Loc: CA
Well I'm sure someone will come along with the code to do it, but since I don't have it right off hand and don't feel like searching for it.

Try this cool little KiXform script written by Chris S.
It will allow you to copy the OU as a string needed by KiX.

KiXforms - Active Directory Browser

It could also be that you have some other invalid code somewhere else in your script.

Top
#138409 - 2005-04-21 09:30 PM Re: TranslateName() & InContainer() - What OU am I in?
jdogg Offline
Getting the hang of it

Registered: 2003-09-11
Posts: 91
Loc: RTP, North Cakalaka, USA
Thanks I will try that and let you guys know what happens.
Les... "escaped"? "US-RTP" is the OU name...
Maybe I don't understand. I will try what NTDOC suggested.
You guys are the best!!
-Jdogg

Top
#138410 - 2005-04-21 09:32 PM Re: TranslateName() & InContainer() - What OU am I in?
maciep Offline
Korg Regular
*****

Registered: 2002-06-14
Posts: 947
Loc: Pittsburgh
I don't think hyphens(-) need to be escaped. What do you get if you run

Code:
  
break on

? getOU(@wksta)

function getOU($computer)
dim $objRootDSE,$strDomain,$objConnection
dim $objCommand,$objRecordSet,$dn

$getOU = "Not Found"
$objRootDSE = GetObject("LDAP://RootDSE")
$strDomain = $objRootDSE.Get("DefaultNamingContext")
$objConnection = CreateObject("ADODB.Connection")
$objConnection.Open("Provider=ADsDSOObject;")
$objCommand = CreateObject("ADODB.Command")
$objCommand.ActiveConnection = $objConnection
$objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://" + $strDomain +
"' WHERE objectCategory='computer' and cn='" + $computer + "'"
$objRecordSet = $objCommand.Execute()
While Not $objRecordSet.EOF
$dn = $objRecordSet.Fields("distinguishedName").Value
$getOU = right($dn, len($dn) - instr($dn, ","))
$objRecordSet.MoveNext
loop
endfunction


Top
#138411 - 2005-04-21 10:00 PM Re: TranslateName() & InContainer() - What OU am I in?
Les Offline
KiX Master
*****

Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
I get "Not Found"

What is this line supposed to do?
$objCommand.CommandText = " ";distinguishedName,name,distinguishedName;subtree"
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.

Top
#138412 - 2005-04-21 10:02 PM Re: TranslateName() & InContainer() - What OU am I in?
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
If you just use TranslateName() to return your distinguished name what does it return? How does that compare to your string you submit to InContainer()? Please post the DN returned from TRanslateName().

Edited by Howard Bullock (2005-04-21 10:03 PM)
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#138413 - 2005-04-21 10:29 PM Re: TranslateName() & InContainer() - What OU am I in?
maciep Offline
Korg Regular
*****

Registered: 2002-06-14
Posts: 947
Loc: Pittsburgh
That's odd, i can't seem to put the LDAP query part itself in the post. Anyway, it searches AD for the machine and reports back the OU the machines in. But it's no good without that part...

Changed the query structure and updated the original code.


Edited by maciep (2005-04-21 10:44 PM)

Top
#138414 - 2005-04-21 10:44 PM Re: TranslateName() & InContainer() - What OU am I in?
Les Offline
KiX Master
*****

Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
Maybe I should have been more precise... it's just that the line has 3 quotes... sort of an odd number. Wondered if I hade to tweak it or something.
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.

Top
#138415 - 2005-04-21 10:47 PM Re: TranslateName() & InContainer() - What OU am I in?
Les Offline
KiX Master
*****

Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
K, got your edit and tried it... returns:

OU=Laptops,OU=Computers,OU=FF,OU=CACC,DC=cacc,DC=local
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.

Top
#138416 - 2005-04-21 10:51 PM Re: TranslateName() & InContainer() - What OU am I in?
maciep Offline
Korg Regular
*****

Registered: 2002-06-14
Posts: 947
Loc: Pittsburgh
The CommandText property was orginally similar to how it is HERE

But i can't seem to post the less than sign (<) followed by "LDAP" or any letter(s) for that matter.

But that's far enough off topic, back to the subject at hand...

Top
#138417 - 2005-04-21 10:56 PM Re: TranslateName() & InContainer() - What OU am I in?
jdogg Offline
Getting the hang of it

Registered: 2003-09-11
Posts: 91
Loc: RTP, North Cakalaka, USA
Weird!!
It is reporting an OLD OU that I had my machine in some time ago:
CN=AUSRESC0200,OU=Computers,OU=US-RTP-Test,DC=na,DC=agrogroup,DC=net
This OU does not even exist anymore.
When I look at my machine in Active Directory Users and Computers, it shows in the correct OU.

Any quick suggestions? (I know this is not Kix related at this point)

Thanks Howard... that was what I needed!!

Top
#138418 - 2005-04-21 11:37 PM Re: TranslateName() & InContainer() - What OU am I in?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11603
Loc: CA
Just move your system to a different OU then back to the OU you want it to belong to. That should correct the issue. Troubleshooting why one system is not where you thought it should be could potentially be quite time consuming.
Top
#138419 - 2005-04-21 11:37 PM Re: TranslateName() & InContainer() - What OU am I in?
kholm Offline
Korg Regular
*****

Registered: 2000-06-19
Posts: 714
Loc: Randers, Denmark
jdogg,

This could be alarming. As I read it Your DC's are out of sync, so You get the LDAP-information from another DC than the one You made the changes on.

-Erik

Top
#138420 - 2005-04-22 12:04 AM Re: TranslateName() & InContainer() - What OU am I in?
jdogg Offline
Getting the hang of it

Registered: 2003-09-11
Posts: 91
Loc: RTP, North Cakalaka, USA
Erik,
Good point... as you said I was alarmed by this.
Especially since the last time my computer was in that OU was over a month ago when I was test out a group policy (as indicated by the word "test" in the OU name).
I will forward this "item of mention" to the uplevel domain admins.
If I am going to use this awesome script, I will need the LDAP to stay in sync.

Thanks again!

Top
#138421 - 2005-04-22 08:44 PM Re: TranslateName() & InContainer() - What OU am I in?
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
When you got the bad data, to which object type was Translatename() binding? Did you try binding to other object types (GC, Domain, Server)? This may also give you more information for the upper level domain admins to trouble shoot with as they will then know where you were getting your data?
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#138422 - 2005-04-22 08:46 PM Re: TranslateName() & InContainer() - What OU am I in?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11603
Loc: CA
Microsoft has a lot of tools to confirm and verify how the AD is operating. I'm suprised other issues have not popped up if there really that far out of sync.
Top
#138423 - 2005-04-26 10:27 PM Re: TranslateName() & InContainer() - What OU am I in?
jdogg Offline
Getting the hang of it

Registered: 2003-09-11
Posts: 91
Loc: RTP, North Cakalaka, USA
Ugh! The uplevel Domain Admins looked at LDAP, and they don't even see the OU that my script is reporting on any of our three DC's.
They cannot find it anywhere in LDAP, and they can't tell where the script is looking for the information.
Is there somewhere specifically they can check that might show the inaccurate info?
This script works GREAT 90% of the time, but sometimes it reports a OU that does not exist anymore (and has not for some time now)

Thanks again!!
-jdogg

Top
#138424 - 2005-04-26 10:32 PM Re: TranslateName() & InContainer() - What OU am I in?
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
You have not answered my previous questions? Have you used TranslateName and tried to bind to each object type and tested the results.
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#138425 - 2005-04-26 10:59 PM Re: TranslateName() & InContainer() - What OU am I in?
jdogg Offline
Getting the hang of it

Registered: 2003-09-11
Posts: 91
Loc: RTP, North Cakalaka, USA
I hate to do this but I am going to plead n00b here.
I would gladly do what you asked, but I don't know where to begin.
I don't even know what your UDF's do, honestly, but it seems to work for me so I used it.
Perhaps this code would help (to show you exactly how I am using it and what I am looking for)
Thanks!
-jdogg
Code:
 Function LANDESK()
If $Client = "Windows 2000 Workstation" OR $Client = "Windows XP Workstation"
If InGroup("\\@wksta\administrators")=0
Return
EndIf
If Exist ("%SYSTEMDRIVE%\NWSUTIL\ldesk81installed.txt")
Return
EndIf
If Exist ("%SYSTEMDRIVE%\NWSUTIL\NoLanDesk.txt")
$JUNK=RedirectOutput("\\ausress0001\groups\workstation list\ExcludedFromLanDesk.log")
?"@WKSTA,@Userid,$Client,@Time,@Day,@Date,@IPaddress0,ExcludedFromLanDesk"
$JUNK=RedirectOutput("")
Return
EndIf
$rc = InContainer ("OU=Clients,OU=Admin US-RTP,OU=US-RTP,DC=na,DC=agrogroup,DC=net", "Computer")
Select
Case $rc[0]=1
$lblThree.ForeColor = 220,20,60
$lblThree.text="LanDesk will now be installed in the background."
Sleep 5
Run "\\AGRVA2.na.agrogroup.net\ldlogon\wscfg32 /IP /STATUS /SCRIPT /F /IP /NOUI /NOREBOOT /CONFIG=BCS_RTPstacfg.ini"
$JUNK=RedirectOutput("%SYSTEMDRIVE%\NWSUTIL\ldesk81installed.txt")
?"----------------------------------"
?"First install of LanDesk 8.1"
?"@Time,@Day,@Date"
? "(@Userid) is logging onto @WKSTA, running $Client."
$JUNK=RedirectOutput("")
$lblThree.text=""
$lblThree.ForeColor = 0,0,0
Case $rc[0]=2
$lblThree.text="object is a member of a child container lower in the hierarchy."
Case $rc[0]=0
$lblThree.text="object is NOT a member of this container or a child of this container."
Case $rc[0]=-1
$lblThree.text="InContainer() Error - Invalid input for $NameType "
Case $rc[0]=-2
$lblThree.text="TranslateName() Error"
Case 1
$lblThree.text="Unknown return code"
EndSelect
EndIf
EndFunction

FUNCTION INCONTAINER($Container, $NameType)
;ACTION Determines if the current NT4 account name type is a member of a specific container (OU, Computers, etc)
; in Active Directory
;PARAMETERS $Container (Required)
; - String value
; Dinstinghished name of the container to check. This must be the fully qualified DN to
; accurately make a determination.
; $NameType (Required)
; - String value
; "Computer" or "User" are currently the only valid values
;REMARKS This function returns true if the object being checked in the the specified container
; or a child container of that specified.
;
;RETURNS An ARRAY of three values:
; InContainer return code
; 1 = object is a member of the exact container specified.
; 2 = object is a member of the container hierarchy.
; 0 = object is not a member of the container hierarchy.
; -1 = Invalid input for $NameType
; -2 = Error in TranslateName
; TranslateName ErrorCode
; TranslateName ErrorText
;
;DEPENDENCIES OS: Active Directory aware client
; Other Functions: TranslateName()
;
;EXAMPLES $rc = InContainer ("OU=test,OU=9826,OU=NCS,OU=Machines,DC=us,DC=tycoelectronics,DC=com", "Computer")
; select
; case $rc[0]=1 ? "object is a member of the specified container."
; case $rc[0]=2 ? "object is a member of a child container lower in the hierarchy."
; case $rc[0]=0 ? "object is NOT a member of this container or a child of this container."
; case $rc[0]=-1 ? "InContainer() Error - Invalid input for $NameType "
; case $rc[0]=-2 ? "TranslateName() Error"
; case 1 ? "Unknown return code"
; endselect
;
;
Dim $CurrentContainer, $Name1, $Name2, $Found, $commaloc
Select
Case $NameType = "Computer" $Name1 = @Domain + "\" + @wksta + "$$"
Case $NameType = "User" $Name1 = @LDomain + "\" + @UserID
Case 1 $Name1 = ""
EndSelect
If $Name1 <> ""
$Name2 = TranslateName (3, "", 3, $Name1, 1)
If $Name2[1] = 0
$Found=0
While $Found=0
$commaloc = instr($Name2[0], ",")
If $commaloc > 1
If substr($Name2[0],$commaloc-1,1) = "\"
$Name2[0] = substr($Name2[0], $commaloc+1)
Else
$Found=1
$CurrentContainer = substr($Name2[0], $commaloc+1)
EndIf
Else
$Found=1
Endif
Loop
Select
Case $CurrentContainer=$Container $InContainer = 1, $Name2[1], $Name2[2]
Case instr($Name2[0], $Container) $InContainer = 2, $Name2[1], $Name2[2]
Case 1 $InContainer = 0, $Name2[1], $Name2[2]
EndSelect
Else
$InContainer = -2, $Name2[1], $Name2[2]
EndIf
Else
$InContainer = -1, 0, ""
Endif
EndFunction

Function TranslateName ($InitType, $BindName, $LookupNameType, $LookupName, $ReturnNameType)
Dim $InitType, $BindName, $LookupNameType, $LookupName, $ReturnNameType
Dim $NameTranslate, $ReturnName, $Error, $ErrorText
$Error = 0
$ErrorText = ""
$ReturnName = ""
$NameTranslate = CREATEOBJECT ("NameTranslate")
$Error = @error
$ErrorText = @serror
If $Error = 0
$NameTranslate.Init ($InitType, $BindName)
$Error = @error
$ErrorText = @serror
If $Error = 0
$NameTranslate.Set ($LookupNameType, $LookupName)
$Error = @error
$ErrorText = @serror
If $Error = 0
$ReturnName = $NameTranslate.Get($ReturnNameType)
$Error = @error
$ErrorText = @serror
Endif
Endif
EndIf
$TranslateName = $ReturnName, $Error, $ErrorText
Endfunction


Top
Page 1 of 2 12>


Moderator:  Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart 
Hop to:
Shout Box

Who's Online
0 registered and 241 anonymous users online.
Newest Members
dimi575, Drecksnacken, Nlill, webtools321, multiman
17734 Registered Users

Generated in 0.043 seconds in which 0.011 seconds were spent on a total of 13 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org