#32655 - 2002-11-16 11:04 PM
Re: Pulling info from AD
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
Use the ADSI LDAP:// provider via COM.
$obj = GetObject(LDAP://domain/DN) $Office = $obj.Get("Office")
Something close to this should work.
|
Top
|
|
|
|
#32656 - 2002-11-16 11:25 PM
Re: Pulling info from AD
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
Start with this code: code:
$sysinfo = CreateObject("adsysteminfo") if vartypename($sysinfo)='object'
; Get user's distinguished name (DN) ... $username = $sysinfo.username
?"ADsPath = $username"
; Bind directly to user's active directory object ... $user = GetObject("LDAP://" + $username)
if vartypename($user)='object'
; Get the path of the parent container ... $parentpath = $user.parent
; Get the parent ... $parent = GetObject($parentpath)
if vartypename($parent)='object' $ou = $parent.name
?"OrganizationalUnit = $ou" else ? "Error creating parent object: @error @serror" endif else ? "Error creating user object: @error @serror" endif else ? "Error creating adsysteminfo object: @error @serror" endif exit
You haven't stated what your client OS is. That could be very important if the client is not AD aware. [ 16. November 2002, 23:26: Message edited by: Howard Bullock ]
|
Top
|
|
|
|
#32657 - 2002-11-16 11:37 PM
Re: Pulling info from AD
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
Now I am really confused. You stated that the user is NOT using a domain account. How do think you will get the "Office" from the account property if the user is not using the account?
|
Top
|
|
|
|
#32660 - 2002-11-16 11:50 PM
Re: Pulling info from AD
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
That being the case you need to to use my TranslateName() UDF.
You can feed it the NT4 style "Domain\Account" and get back the distinguished name of the user account. With that, you can get the account properties using the first code I posted.
|
Top
|
|
|
|
#32662 - 2002-11-17 06:05 AM
Re: Pulling info from AD
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
Add: ? "@error @serror"
after each of the two lines. What is the error messages are returned? [ 17. November 2002, 06:06: Message edited by: Howard Bullock ]
|
Top
|
|
|
|
#32664 - 2002-11-17 06:15 AM
Re: Pulling info from AD
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
Checking the ADSI help file yield a property name "OfficeLocations" not "Office".
|
Top
|
|
|
|
#32665 - 2002-11-17 06:23 AM
Re: Pulling info from AD
|
KIXKicks
Starting to like KiXtart
Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
|
Still no luck...
Here is my code
code:
$DOMAINUSER="NTCMI\"+$USER $DN=TranslateName (2, NTCOMM.CONMET.DOM, 3, "$DOMAINUSER", 1) ? $DN[0] $LDAPVALUE="LDAP://NTCOMM.CONMET.DOM/"+$DN[0] $USERDETAILS=GETOBJECT("$LDAPVALUE") ? "@error @serror"
$USEROFFICE=$USERDETAILS.GET("OfficeLocations") ? "@error @serror"
? "Office" $USEROFFICE
The line: $USEROFFICE=$USERDETAILS.GET("OfficeLocations") is still returning the error:
CN=MGorretta,CN=Users,DC=conmet,DC=dom 0 The operation completed successfully. -2147352567 COM exception error "GET" (Active Directory - The Active Directory property cannot be found in the cache. ) [-2147352567/80020009]
|
Top
|
|
|
|
#32666 - 2002-11-17 06:34 AM
Re: Pulling info from AD
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
Try: using GetEx
$USEROFFICE=$USERDETAILS.GetEx("OfficeLocations") ? "@error @serror" ? VarTypeName ($USEROFFICE)
|
Top
|
|
|
|
#32668 - 2002-11-17 06:43 AM
Re: Pulling info from AD
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
At this point I do not know why you are having this problem. Are you sure that the data you want is located in the OfficeLocations property?
As a secondary thought, have you considered creating an OU for each site and moving the account into a "Site" OU? Since you can now get the DN, you can parse it to obtain the Site.
I am ckecking my AD now to see why this is being such a pain.
|
Top
|
|
|
|
#32670 - 2002-11-17 07:00 AM
Re: Pulling info from AD
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
My EnumObjProps.kix script shows the following properties:
Class: user GUID: {228D9A87-C302-11CF-9AA4-00AA004A5691} Implemented by: {228D9A84-C302-11CF-9AA4-00AA004A5691}
Container Object Class Contains: nTFRSSubscriptions classStore Mandatory Properties in this Class: cn instanceType nTSecurityDescriptor objectCategory objectClass objectSid sAMAccountName
Optional Properties in this Class: accountExpires accountNameHistory aCSPolicyName adminCount adminDescription adminDisplayName allowedAttributes allowedAttributesEffective allowedChildClasses allowedChildClassesEffective altSecurityIdentities assistant badPasswordTime badPwdCount bridgeheadServerListBL c canonicalName co codePage comment company controlAccessRights countryCode createTimeStamp dBCSPwd defaultClassStore department description desktopProfile destinationIndicator directReports displayName displayNamePrintable distinguishedName division dSASignature dSCorePropagationData dynamicLDAPServer employeeID extensionName facsimileTelephoneNumber flags fromEntry frsComputerReferenceBL fRSMemberReferenceBL fSMORoleOwner garbageCollPeriod generationQualifier givenName groupMembershipSAM groupPriority groupsToIgnore homeDirectory homeDrive homePhone homePostalAddress info initials internationalISDNNumber ipPhone isCriticalSystemObject isDeleted isPrivilegeHolder l lastKnownParent lastLogoff lastLogon legacyExchangeDN lmPwdHistory localeID lockoutTime logonCount logonHours logonWorkstation mail managedObjects manager masteredBy maxStorage memberOf mhsORAddress middleName mobile modifyTimeStamp mS-DS-ConsistencyChildCount mS-DS-ConsistencyGuid mS-DS-CreatorSID mSMQDigests mSMQDigestsMig mSMQSignCertificates mSMQSignCertificatesMig msNPAllowDialin msNPCallingStationID msNPSavedCallingStationID msRADIUSCallbackNumber msRADIUSFramedIPAddress msRADIUSFramedRoute msRADIUSServiceType msRASSavedCallbackNumber msRASSavedFramedIPAddress msRASSavedFramedRoute name netbootSCPBL networkAddress nonSecurityMemberBL ntPwdHistory o objectGUID objectVersion operatorCount otherFacsimileTelephoneNumber otherHomePhone otherIpPhone otherLoginWorkstations otherMailbox otherMobile otherPager otherTelephone otherWellKnownObjects ou pager partialAttributeDeletionList partialAttributeSet personalTitle physicalDeliveryOfficeName possibleInferiors postalAddress postalCode postOfficeBox preferredDeliveryMethod preferredOU primaryGroupID primaryInternationalISDNNumber primaryTelexNumber profilePath proxiedObjectName proxyAddresses pwdLastSet queryPolicyBL registeredAddress replPropertyMetaData replUpToDateVector repsFrom repsTo revision rid sAMAccountType scriptPath sDRightsEffective securityIdentifier seeAlso serverReferenceBL servicePrincipalName showInAddressBook showInAdvancedViewOnly sIDHistory siteObjectBL sn st street streetAddress subRefs subSchemaSubEntry supplementalCredentials systemFlags telephoneNumber teletexTerminalIdentifier telexNumber terminalServer textEncodedORAddress thumbnailLogo thumbnailPhoto title tokenGroups tokenGroupsGlobalAndUniversal tokenGroupsNoGCAcceptable unicodePwd url userAccountControl userCert userCertificate userParameters userPassword userPrincipalName userSharedFolder userSharedFolderOther userSMIMECertificate userWorkstations uSNChanged uSNCreated uSNDSALastObjRemoved USNIntersite uSNLastObjRem uSNSource wbemPath wellKnownObjects whenChanged whenCreated wWWHomePage x121Address
I do not see any Office* properties. Can you verify the data and property name? Use LDP.exe from the W2K support tools to browse the user object properties.
|
Top
|
|
|
|
#32671 - 2002-11-17 07:03 AM
Re: Pulling info from AD
|
KIXKicks
Starting to like KiXtart
Registered: 2002-07-26
Posts: 177
Loc: Vancouver, WA
|
Howard,
I got it...
code:
$USEROFFICE=$USERDETAILS.PhysicalDeliveryOfficeName ? "@error @serror" ? $USEROFFICE
Found it in a related post awhile back...
Thanks for all your help...It would not have possible without it...
KIXKicks
|
Top
|
|
|
|
#32672 - 2002-11-17 07:03 AM
Re: Pulling info from AD
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
Just found that Officelocations maps to physicalDeliveryOfficeName.
Use this property and let me know.
|
Top
|
|
|
|
Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart
|
0 registered
and 557 anonymous users online.
|
|
|