#198217 - 2010-03-26 10:35 PM
LDAP queries
|
BOM
Just in Town
Registered: 2010-03-26
Posts: 4
Loc: Boston, MA, USA
|
I need to pull a lot of info from AD for a login script. I am an average Kix scripter but little LDAP experience. I want to do the following:
- Get a list of groups in an specific OU and put into an array - For each group get the Notes attribute. I can get the Description below but I need the Notes. $A = GetObject("WinNT://xenlab/printcomputers,group") ? $A.Description
I would appreciate any help on this! Thanks
|
Top
|
|
|
|
#198219 - 2010-03-27 11:48 AM
Re: LDAP queries
[Re: BOM]
|
ChristopheM
Hey THIS is FUN
Registered: 2002-05-13
Posts: 309
Loc: STRASBOURG, France
|
have a look at fnLDAPQuery function.
fnLDAPQuery(WHAT, Optional FROM, Optional FILTER, Optional ORDER BY, Optional SCOPE, Optional USER, Optional PASSWORD) - WHAT is a list of attributes to get value
- FROM is the root container from which you start the search. This can be the root of your ad but it can also be a specific OU (give the full ldap name)
- FILTER is a string to specify what you are looking for (this is the Where clause in a select query)
- ORDER By to sort the result on a specific attribute
- SCOPE specify if the search is only in the container, only in all containers one-level under the base container (but not in the base container) or in the base container and all sub-containers.
example:
$what = "displayname", "description", "admindescription"
$from = "LDAP://CN=Users,DC=Fabrikam,DC=COM"
$filter = "(&(objectCategory=group)(objectClass=group))"
$sort = "displayname"
$base = "BASE"
$arrResult = fnLDAPQuery( $what, $from, $filter, $sort, $base )
if @error
;-- error --
else
for $i = 0 to UBound( $arrResult,1 )
"object n°" $i ?
for $j = 0 to UBound( $arrResult,2 )
" " $what[$j] " : "
if vartype($arrResult[$i, $j]) & 8192
?
for each $item in $arrResult[$i, $j]
" " $item ?
next
else
$arrResult[$i, $j] ?
endif
next
next
endif
This code is not tested because i am at home without AD or LDAP server. You may change $what and $from
Edited by ChristopheM (2010-03-27 11:58 AM)
_________________________
Christophe
|
Top
|
|
|
|
#198224 - 2010-03-28 12:54 AM
Re: LDAP queries
[Re: Glenn Barnas]
|
BOM
Just in Town
Registered: 2010-03-26
Posts: 4
Loc: Boston, MA, USA
|
Thanks guys, Much appreciated. I am in the process of setting up an AD lab to test this. I will post my final tested scripts when done.
|
Top
|
|
|
|
#198284 - 2010-03-30 09:58 PM
Re: LDAP queries
[Re: BOM]
|
BOM
Just in Town
Registered: 2010-03-26
Posts: 4
Loc: Boston, MA, USA
|
This scrips below works for me but I need to pupulate the array from AD or worst case a file.
#### $printerlist = "\\wburdc01\bur_lj_ss1","\\wburdc01\bur_lj_im2","\\wburdc01\bur_lj_im3","\\wburdc01\bur_lj_im4","\\wburdc01\bur_lj_im5","\\wburdc01\bur_lj_im6" ;$a = GetObject("WinNT://HEALTHONE/BurIMZone1,group") ;? $a.Description ;$printerlist = $a.Notes ; $printerlist = $a.Description $printerlist = ReadFile('C:\Installs\Scripts\PrinterGroups') ; ? $printerlist[1]
If ComputerInGroup("BurImZone2")=1 ? "Computer in group BurImZone2" for $i = 0 to UBound($printerlist) If AddPrinterConnection ($printerlist[$i]) = 0 ? "Successfully mapped printer " + $printerlist[$i] Endif Next Else ? "Computer NOT in group BurImZone2" Endif ####
I need support folks to be able to manipulate the list of printers mapped for the group and not have to mofify the script. Ideally if I could add the list of printers from an AD group description or info attribute I can pull the list from there into the $printerlist array. Any ideas?
What is wrong with this script? I keep getting the error " ERROR : unexpected command! Script: C:\Installs\Scripts\LDAPQuery.kix Line : 63 "
;The Script ;=================================== $what = "description" $from = "LDAP://OU=MapPrinterGroups,OU=Computers,OU=HVMA,DC=companyname,DC=com" $filter = "(&(objectCategory=group)(objectClass=group))" $sort = "description" $base = "BASE"
DIM $arrResult[] $arrResult = fnLDAPQuery( $what, $from, $filter, $sort, $base ) ? $arrResult[0] ? $arrResult[1]
Function fnLDAPQuery($What,Optional $From,Optional $Filter,Optional $OrderBy,Optional $Scope, Optional $User,Optional $Pswd) Dim $oCon,$oCMD,$oRS,$sQ,$aR,$C,$R $sQ="<"+Iif($From="","LDAP://"+GetObject("LDAP://rootDSE").Get("defaultNamingContext"), $From)+">;"+$Filter+";"+Iif(VarType($What)>8192,Join($What,','),$What)+";"+ Iif($Scope<>"base" AND $Scope<>"onelevel","subtree",$Scope) $oCon=CreateObject("ADODB.Connection") $oCon.Provider="ADsDSOObject" $oCon.Properties("Encrypt Password").Value=1 $oCon.Properties("ADSI Flag").Value=1 If $User AND $Pswd $oCon.Properties("User ID").Value=$User $oCon.Properties("Password").Value=$Pswd EndIf $oCon.Open("Active Directory Provider") $oCMD=CreateObject("ADODB.Command") $oCMD.ActiveConnection=$oCon $oCMD.CommandText=$sQ $oCMD.Properties("Page Size").Value=1000 $oCMD.Properties("Timeout").Value=30 $oCMD.Properties("Cache Results").Value=0 If InStr($OrderBy,"distinguishedName") $oRS=CreateObject("ADODB.Recordset") $oRS.CursorLocation=3 $oRS.Sort=$OrderBy $oRS.Open($sQ,$oCon,0,1,1) Else If $OrderBy $oCMD.Properties("Sort On").Value=$OrderBy EndIf $oRS=$oCMD.Execute EndIf If @ERROR Exit @ERROR EndIf If $oRS.BOF AND $oRS.EOF Exit @ERROR EndIf $aR = $oRS.GetRows() Dim $aFR[Ubound($aR,2),Ubound($aR,1)] For $R=0 to Ubound($aR,2) For $C=0 to Ubound($aR,1) $aFR[$R,$C]=$aR[$C,$R] Next Next $fnLDAPQuery=$aFR EndFunction
|
Top
|
|
|
|
Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart
|
0 registered
and 507 anonymous users online.
|
|
|