Page 1 of 2 12>
Topic Options
#32653 - 2002-11-16 10:51 PM Pulling info from AD
KIXKicks Offline
Starting to like KiXtart

Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
How can one pull the "Office" value from a User in Active Directory using KIX? I have look around here but not finding anything that can help or works.
Top
#32654 - 2002-11-16 11:03 PM Re: Pulling info from AD
KIXKicks Offline
Starting to like KiXtart

Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
More info...

I am trying to determine which server to attach the user to. The user would be attaching via VPN.

All users are part of one domain. All users have the Office field fill-in.

Site1 is the default location in the current script.

For example, Joe Blow (JBlow) belongs to the Site2 location. When he connects via VPN, it doesn't know that he belongs to Site2 and maps his network drives to Site1. Since he is using a non-domain account, I can't use the INGROUP feature.

I would just like some code that could return the Office value for a given user.

Top
#32655 - 2002-11-16 11:04 PM Re: Pulling info from AD
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
Use the ADSI LDAP:// provider via COM.

$obj = GetObject(LDAP://domain/DN)
$Office = $obj.Get("Office")

Something close to this should work.
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#32656 - 2002-11-16 11:25 PM Re: Pulling info from AD
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
Start with this code:
code:
$sysinfo = CreateObject("adsysteminfo")
if vartypename($sysinfo)='object'

; Get user's distinguished name (DN) ...
$username = $sysinfo.username

?"ADsPath = $username"

; Bind directly to user's active directory object ...
$user = GetObject("LDAP://" + $username)

if vartypename($user)='object'

; Get the path of the parent container ...
$parentpath = $user.parent

; Get the parent ...
$parent = GetObject($parentpath)

if vartypename($parent)='object'
$ou = $parent.name

?"OrganizationalUnit = $ou"
else
? "Error creating parent object: @error @serror"
endif
else
? "Error creating user object: @error @serror"
endif
else
? "Error creating adsysteminfo object: @error @serror"
endif
exit

You haven't stated what your client OS is. That could be very important if the client is not AD aware.

[ 16. November 2002, 23:26: Message edited by: Howard Bullock ]
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#32657 - 2002-11-16 11:37 PM Re: Pulling info from AD
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
Now I am really confused. You stated that the user is NOT using a domain account. How do think you will get the "Office" from the account property if the user is not using the account?
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#32658 - 2002-11-16 11:38 PM Re: Pulling info from AD
KIXKicks Offline
Starting to like KiXtart

Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
Clients are running Windows 2000 with SP3 and Windows XP Pro with SP1.

I am getting "An invalid Active Directory pathname was passed"

Is there some values I need to fill in? Any functions I need to add or define?

Top
#32659 - 2002-11-16 11:46 PM Re: Pulling info from AD
KIXKicks Offline
Starting to like KiXtart

Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
Howard,

They are not using a domain account because they are connecting via VPN. Their computer is configured as a WORKGROUP.

For example, Joe Blow is NTCMI\JBlow on the domain. At home he logs into his computer as \\HOMEPC\JBlow. He connects to the VPN and run the Login Script I have written. The login script looks at his IP Address and knows that he is using a VPN Login. It checks his username and creates a variable $NTCMIUSER that equals NTCMI\JBlow. Then it passes this to the USE command to map his network drives. In reference to my previous post, Site1 users have always been the VPN users. Joe Blow is the first Site2. The Server value is hardcoded to Site1. I don't want to have to hardcoded Joe Blow into using Site2. I wanted to see if there is a way to pull any information from AD.

Top
#32660 - 2002-11-16 11:50 PM Re: Pulling info from AD
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
That being the case you need to to use my TranslateName() UDF.

You can feed it the NT4 style "Domain\Account" and get back the distinguished name of the user account. With that, you can get the account properties using the first code I posted.
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#32661 - 2002-11-17 06:02 AM Re: Pulling info from AD
KIXKicks Offline
Starting to like KiXtart

Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
Howard,

I have use the TranslateName UDF and it is returning the correct values. However, the two line code you gave me is not returning anything. I think the first line is fine.

It is this line that I am wondering about...

$Office = $obj.Get("Office")

Any ideas?

Top
#32662 - 2002-11-17 06:05 AM Re: Pulling info from AD
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
Add:
? "@error @serror"

after each of the two lines. What is the error messages are returned?

[ 17. November 2002, 06:06: Message edited by: Howard Bullock ]
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#32663 - 2002-11-17 06:12 AM Re: Pulling info from AD
KIXKicks Offline
Starting to like KiXtart

Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
First line - no error - successful

Second line
-2147352567 COM exception error "GET" (Active Directory - The Active Directory property cannot be found in the cache.
) [-2147352567/80020009]

Top
#32664 - 2002-11-17 06:15 AM Re: Pulling info from AD
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
Checking the ADSI help file yield a property name "OfficeLocations" not "Office".
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#32665 - 2002-11-17 06:23 AM Re: Pulling info from AD
KIXKicks Offline
Starting to like KiXtart

Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
Still no luck...

Here is my code

code:
$DOMAINUSER="NTCMI\"+$USER
$DN=TranslateName (2, NTCOMM.CONMET.DOM, 3, "$DOMAINUSER", 1)
? $DN[0]

$LDAPVALUE="LDAP://NTCOMM.CONMET.DOM/"+$DN[0]

$USERDETAILS=GETOBJECT("$LDAPVALUE")
? "@error @serror"

$USEROFFICE=$USERDETAILS.GET("OfficeLocations")
? "@error @serror"

? "Office" $USEROFFICE

The line: $USEROFFICE=$USERDETAILS.GET("OfficeLocations") is still returning the error:

CN=MGorretta,CN=Users,DC=conmet,DC=dom
0 The operation completed successfully.
-2147352567 COM exception error "GET" (Active Directory - The Active Directory property cannot be found in the cache.
) [-2147352567/80020009]

Top
#32666 - 2002-11-17 06:34 AM Re: Pulling info from AD
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
Try:
using GetEx

$USEROFFICE=$USERDETAILS.GetEx("OfficeLocations")
? "@error @serror"
? VarTypeName ($USEROFFICE)
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#32667 - 2002-11-17 06:37 AM Re: Pulling info from AD
KIXKicks Offline
Starting to like KiXtart

Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
Same error...but now Empty is returned...

CN=MGorretta,CN=Users,DC=conmet,DC=dom
0 The operation completed successfully.
-2147352567 COM exception error "GetEx" (Active Directory - The Active Directory property cannot be found in the cache.
) [-2147352567/80020009]
Empty
Office

Top
#32668 - 2002-11-17 06:43 AM Re: Pulling info from AD
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
At this point I do not know why you are having this problem. Are you sure that the data you want is located in the OfficeLocations property?

As a secondary thought, have you considered creating an OU for each site and moving the account into a "Site" OU? Since you can now get the DN, you can parse it to obtain the Site.

I am ckecking my AD now to see why this is being such a pain.
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#32669 - 2002-11-17 06:50 AM Re: Pulling info from AD
KIXKicks Offline
Starting to like KiXtart

Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
Not sure what is happen...

If I use:

$USEROFFICE=$USERDETAILS.GetInfo

I get no error, but no data either!

I do know that other fields are filled out like First Name and Last Name, E-Mail Address, etc...maybe we should try one of them?

Top
#32670 - 2002-11-17 07:00 AM Re: Pulling info from AD
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
My EnumObjProps.kix script shows the following properties:

Class: user
GUID: {228D9A87-C302-11CF-9AA4-00AA004A5691}
Implemented by: {228D9A84-C302-11CF-9AA4-00AA004A5691}

Container Object
Class Contains:
nTFRSSubscriptions
classStore
Mandatory Properties in this Class:
cn
instanceType
nTSecurityDescriptor
objectCategory
objectClass
objectSid
sAMAccountName

Optional Properties in this Class:
accountExpires
accountNameHistory
aCSPolicyName
adminCount
adminDescription
adminDisplayName
allowedAttributes
allowedAttributesEffective
allowedChildClasses
allowedChildClassesEffective
altSecurityIdentities
assistant
badPasswordTime
badPwdCount
bridgeheadServerListBL
c
canonicalName
co
codePage
comment
company
controlAccessRights
countryCode
createTimeStamp
dBCSPwd
defaultClassStore
department
description
desktopProfile
destinationIndicator
directReports
displayName
displayNamePrintable
distinguishedName
division
dSASignature
dSCorePropagationData
dynamicLDAPServer
employeeID
extensionName
facsimileTelephoneNumber
flags
fromEntry
frsComputerReferenceBL
fRSMemberReferenceBL
fSMORoleOwner
garbageCollPeriod
generationQualifier
givenName
groupMembershipSAM
groupPriority
groupsToIgnore
homeDirectory
homeDrive
homePhone
homePostalAddress
info
initials
internationalISDNNumber
ipPhone
isCriticalSystemObject
isDeleted
isPrivilegeHolder
l
lastKnownParent
lastLogoff
lastLogon
legacyExchangeDN
lmPwdHistory
localeID
lockoutTime
logonCount
logonHours
logonWorkstation
mail
managedObjects
manager
masteredBy
maxStorage
memberOf
mhsORAddress
middleName
mobile
modifyTimeStamp
mS-DS-ConsistencyChildCount
mS-DS-ConsistencyGuid
mS-DS-CreatorSID
mSMQDigests
mSMQDigestsMig
mSMQSignCertificates
mSMQSignCertificatesMig
msNPAllowDialin
msNPCallingStationID
msNPSavedCallingStationID
msRADIUSCallbackNumber
msRADIUSFramedIPAddress
msRADIUSFramedRoute
msRADIUSServiceType
msRASSavedCallbackNumber
msRASSavedFramedIPAddress
msRASSavedFramedRoute
name
netbootSCPBL
networkAddress
nonSecurityMemberBL
ntPwdHistory
o
objectGUID
objectVersion
operatorCount
otherFacsimileTelephoneNumber
otherHomePhone
otherIpPhone
otherLoginWorkstations
otherMailbox
otherMobile
otherPager
otherTelephone
otherWellKnownObjects
ou
pager
partialAttributeDeletionList
partialAttributeSet
personalTitle
physicalDeliveryOfficeName
possibleInferiors
postalAddress
postalCode
postOfficeBox
preferredDeliveryMethod
preferredOU
primaryGroupID
primaryInternationalISDNNumber
primaryTelexNumber
profilePath
proxiedObjectName
proxyAddresses
pwdLastSet
queryPolicyBL
registeredAddress
replPropertyMetaData
replUpToDateVector
repsFrom
repsTo
revision
rid
sAMAccountType
scriptPath
sDRightsEffective
securityIdentifier
seeAlso
serverReferenceBL
servicePrincipalName
showInAddressBook
showInAdvancedViewOnly
sIDHistory
siteObjectBL
sn
st
street
streetAddress
subRefs
subSchemaSubEntry
supplementalCredentials
systemFlags
telephoneNumber
teletexTerminalIdentifier
telexNumber
terminalServer
textEncodedORAddress
thumbnailLogo
thumbnailPhoto
title
tokenGroups
tokenGroupsGlobalAndUniversal
tokenGroupsNoGCAcceptable
unicodePwd
url
userAccountControl
userCert
userCertificate
userParameters
userPassword
userPrincipalName
userSharedFolder
userSharedFolderOther
userSMIMECertificate
userWorkstations
uSNChanged
uSNCreated
uSNDSALastObjRemoved
USNIntersite
uSNLastObjRem
uSNSource
wbemPath
wellKnownObjects
whenChanged
whenCreated
wWWHomePage
x121Address

I do not see any Office* properties. Can you verify the data and property name? Use LDP.exe from the W2K support tools to browse the user object properties.
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#32671 - 2002-11-17 07:03 AM Re: Pulling info from AD
KIXKicks Offline
Starting to like KiXtart

Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
Howard,

I got it...

code:
$USEROFFICE=$USERDETAILS.PhysicalDeliveryOfficeName
? "@error @serror"
? $USEROFFICE

Found it in a related post awhile back...

Thanks for all your help...It would not have possible without it...

KIXKicks

Top
#32672 - 2002-11-17 07:03 AM Re: Pulling info from AD
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
Just found that Officelocations maps to physicalDeliveryOfficeName.

Use this property and let me know.
_________________________
Home page: http://www.kixhelp.com/hb/

Top
Page 1 of 2 12>


Moderator:  Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart 
Hop to:
Shout Box

Who's Online
0 registered and 259 anonymous users online.
Newest Members
gespanntleuchten, DaveatAdvanced, Paulo_Alves, UsTaaa, xxJJxx
17864 Registered Users

Generated in 0.072 seconds in which 0.024 seconds were spent on a total of 13 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org