#85226 - 2002-08-20 02:35 PM
Re: Kixforms: Manage User Details - Here`s MUD in your eye !
|
Bonji
Starting to like KiXtart
Registered: 2001-09-28
Posts: 169
Loc: Virginia
|
Richard,
Good point on expiring the password. I'm currently looking into it. I found all the information on Users, Domains, Computers, Groups, etc. at http://msdn.microsoft.com/library/en-us/netdir/adsi/iadsuser.asp
Shawn, Including the script sounds great. Hopefully it will be a useful training tool as well as a useful utility. I'm planning on writing a much more extensive tool that can perform most administrative functions (that ADSI will allow and that I use). I'll post that one if I ever get it finished.
Thanks, Ben
|
Top
|
|
|
|
#85227 - 2002-08-20 02:47 PM
Re: Kixforms: Manage User Details - Here`s MUD in your eye !
|
Peter Fry
Getting the hang of it
Registered: 2001-07-23
Posts: 95
Loc: Bristol UK
|
Richard
I wanted to do simular here is what i did just add the following line after it sets the password
$adsUser.put("PasswordExpired", 1)
this will force the user to change password when he logs in
hope this helps
Pete
|
Top
|
|
|
|
#85229 - 2002-08-20 04:02 PM
Re: Kixforms: Manage User Details - Here`s MUD in your eye !
|
Peter Fry
Getting the hang of it
Registered: 2001-07-23
Posts: 95
Loc: Bristol UK
|
ok here goes
this is what i've done so it makes it nice and simple, i wanted a new gui interface that would allow key users (VERY limited admin access) to complete 2 things
1) reset passwords 2) unlock accounts
here is my code (yes i based this on shawns code)
code:
; Used to hide the command window when complied into an .exe using kixcrypt.exe and kixforms ; Set at the top so that is it the first command used SETCONSOLE("hide")
; Created by Peter Fry ; Created on "8 August 2002" ; ; REQUIRES: ; KIXTART 4.10 - Kix32.exe in %windir%\system32 ; KIXFORMS BUILD 21 - kixforms.dll in %windir%\system32 and registered with "regsvr32 kixforms.dll" ; An active directory enabled machine
; Version $VERSION = "V2 Beta"
; Version History ; ; V1 beta = Text based only - small progress bar - Filename: key_beta_1.kix ; V2 beta = GUI Interface added - Filename: key_beta_2.kix
; Enable Logging (1 = enabled and 0 = disabled) $LOGGING = 1
; Name of Program : Key User Scripts ; ; Use of the Program ; ; This program is intened to allow key users (apart of the account operator group) ; It will allow them to do the following ; ; 1) Reset a given users password to the string set in the variable $PASSWORD ; ; 2) Unlock a locked account
BREAK ON ; enables canceling of the script without auto rebooting. ; DEBUG ON ; uncomment this to enable debuging
; SET Variables $FILE_SERVER = "SH1391" $PASSWORD = "123456" $NOTAUTHORISED ="\\$FILE_SERVER\keyuser$\notauthorised.csv" ;file 1 $RUNLOG = "\\$FILE_SERVER\keyuser$\runlog.csv" ;file 2 $UNLOCKLOG = "\\$FILE_SERVER\keyuser$\unlocklog.csv" ;file 3 $PASSWORDLOG = "\\$FILE_SERVER\keyuser$\passwordlog.csv" ;file 4
; Authorise the user $AUTH = CreateObject("Kixtart.Form") ; Create a form called $AUTH $AUTH.Caption = "Authorising @USERID, Please Wait" $AUTH.ScaleWidth = 500 $AUTH.ScaleHeight = 100 $AUTH.FontSize = 14 $AUTH.FontName = "Arial" $AUTH.PrintXY(30,30,"Please Wait......") $AUTH.Center $AUTH.show
IF ingroup("Account Operators") = 1 $= $AUTH.MsgBox("You are Authorised to run this program", "Authorised") $AUTHORISED = "YES" ELSE $= $AUTH.MsgBox("You are NOT Authorised to run this program", "NOT Authorised") $AUTHORISED = "NO" IF $LOGGING = 1 $NUL=Open(1,$NOTAUTHORISED,5) $NUL=writeline (1,"@USERID,@DATE,@TIME,$AUTHORISED" + Chr(13) + Chr(10)) $NUL=CLOSE(1) ENDIF quit() ENDIF
$AUTH = 0 ;Close the form called $AUTH
; Runlog IF $LOGGING = 1 $NUL=Open(2,$RUNLOG,5) $NUL=writeline (2,"@USERID,@DATE,@TIME,$AUTHORISED" + Chr(13) + Chr(10)) $NUL=CLOSE(2) ENDIF
; Form Vars $FORM = CreateObject("Kixtart.Form") ; Create form called $FORM $FORM.Caption = "Key User Commands $VERSION" $FORM.ScaleHeight = 300 $FORM.ScaleWidth = 425 $FORM.FontName = "Arial" $FORM.FontSize = 9 $FORM.Center $FRABANNER = $FORM.PictureBox $FRABANNER.BackColor = $FORM.RGB(255,255,255) $FRABANNER.Height = 137 $FRABANNER.Left = 8 $FRABANNER.Top = 10 $FRABANNER.Width = 410 $FRADETAILS = $FORM.Frame("Details") $FRADETAILS.Height = 140 $FRADETAILS.Left = 8 $FRADETAILS.Top = 152 $FRADETAILS.Width = 410
$CMDEXIT = $FRADETAILS.CommandButton("Exit!") $CMDEXIT.FontName = "Comic Sans MS" $CMDEXIT.FontSize = 12 $CMDEXIT.FontBold = 1 $CMDEXIT.Top = 114 $CMDEXIT.Width = 129 $CMDEXIT.Left = 272 $CMDEXIT.HEIGHT = 22 $CMDEXIT.OnClick = "quit()"
$TXTUSERNAME = $FRADETAILS.TextBox $TXTUSERNAME.Height = 25 $TXTUSERNAME.Left = 104 $TXTUSERNAME.Top = 24 $TXTUSERNAME.Text = "" $TXTUSERNAME.Width = 161
$CMDFINDUSER = $FRADETAILS.CommandButton("Find User!") $CMDFINDUSER.Default = 1 ; True $CMDFINDUSER.FontName = "Comic Sans MS" $CMDFINDUSER.FontSize = 12 $CMDFINDUSER.FontBold = 1 $CMDFINDUSER.Left = 272 $CMDFINDUSER.Top = 24 $CMDFINDUSER.Width = 129 $CMDFINDUSER.HEIGHT = 22 $CMDFINDUSER.OnClick = "cmdFindUser_Click()"
$LABEL_USERNAME = $FRADETAILS.Label $LABEL_USERNAME.Caption = "Username:" $LABEL_USERNAME.Height = $TXTUSERNAME.Height $LABEL_USERNAME.Width = 75 $LABEL_USERNAME.Left = $TXTUSERNAME.Left - $LABEL_USERNAME.Width $LABEL_USERNAME.Top = $TXTUSERNAME.Top
$CMDRESET_PASSWORD = $FRADETAILS.CommandButton("Reset Password") $CMDRESET_PASSWORD.Default = 0 ; True $CMDRESET_PASSWORD.FontName = "Comic Sans MS" $CMDRESET_PASSWORD.FontSize = 12 $CMDRESET_PASSWORD.FontBold = 1 $CMDRESET_PASSWORD.Left = 104 $CMDRESET_PASSWORD.Top = 90 $CMDRESET_PASSWORD.Width = 129 $CMDRESET_PASSWORD.HEIGHT = 22 $CMDRESET_PASSWORD.Enabled = 0 ; Disabled / False $CMDRESET_PASSWORD.OnClick = "Reset_Password()"
$CMDUNLOCK = $FRADETAILS.CommandButton("Unlock Account") $CMDUNLOCK.Default = 0 ; True $CMDUNLOCK.FontName = "Comic Sans MS" $CMDUNLOCK.FontSize = 12 $CMDUNLOCK.FontBold = 1 $CMDUNLOCK.Left = 272 $CMDUNLOCK.Top = 90 $CMDUNLOCK.Width = 129 $CMDUNLOCK.HEIGHT = 22 $CMDUNLOCK.Enabled = 0 ; Disabled / False $CMDUNLOCK.OnClick = "Unlock_Account()"
$TXTDISPLAYNAME = $FRADETAILS.TextBox $TXTDISPLAYNAME.Height = 25 $TXTDISPLAYNAME.Left = 104 $TXTDISPLAYNAME.TabStop = 0 ; False $TXTDISPLAYNAME.Top = 56 $TXTDISPLAYNAME.Width = 297 $TXTDISPLAYNAME.Enabled = 1 $TXTDISPLAYNAME.BackColor = $FORM.BackColor $LABEL_DISPLAYNAME = $FRADETAILS.Label("Full Name:") $LABEL_DISPLAYNAME.Width = 75 $LABEL_DISPLAYNAME.Left = $TXTDISPLAYNAME.Left - $LABEL_DISPLAYNAME.Width $LABEL_DISPLAYNAME.Top = $TXTDISPLAYNAME.Top
; Draw on the banner $FRABANNER.FontSize = 16 $FRABANNER.FontName = "verdana" $FRABANNER.FontSize = 28 $FRABANNER.ForeColor = $FORM.RGB(100,200,200) $FRABANNER.PrintXY(13,10,"Key User Commands") $FRABANNER.ForeColor = 0 $FRABANNER.PrintXY(10,7,"Key User Commands") $FRABANNER.FontSize = 12 $FRABANNER.ForeColor = $FORM.RGB(0,100,100) $FRABANNER.PrintXY(13,58,"Created By Peter Fry") $FRABANNER.FontBold = 1 $FRABANNER.PrintXY(13,80,"Welcome @USERID") $FRABANNER.FontBold = 0 $FRABANNER.FontSize = 10 $FRABANNER.ForeColor = $FORM.RGB(0,100,100)
DIM $STRUSERNAME DIM $STRUSERPATH $FORM.Show $TXTUSERNAME.SetFocus
WHILE $FORM.Visible $=Execute($FORM.DoEvents) LOOP
$FORM = 0 ;Close the form called $FORM
EXIT 1
FUNCTION cmdFindUser_Click()
DIM $WAIT $WAIT = CreateObject("Kixtart.Form") ; Create form called $WAIT $WAIT.Caption = "One moment please..." $WAIT.ScaleWidth = 425 $WAIT.ScaleHeight = 100 $WAIT.FontSize = 14 $WAIT.FontName = "Arial" $WAIT.PrintXY(30,30,"Searching for User, one moment please...") $WAIT.Center DIM $USERACCOUNT,$adsGroup IF $TXTUSERNAME.Text = "" $= $FORM.MsgBox("You must specIFy a username before clicking Find.", "Username invalid") $TXTUSERNAME.Text = $STRUSERNAME EXIT Sub ELSE $STRUSERNAME = $TXTUSERNAME.Text ENDIF $WAIT.Show $STRUSERPATH = "WinNT://@LDOMAIN/$STRUSERNAME,User" $USERACCOUNT = GetObject($STRUSERPATH) IF Not $USERACCOUNT ; User does not exist $= $FORM.MsgBox("A user called (" + $TXTUSERNAME.Text + ") does not exist.", "Username invalid") ELSE ; User exists so bind to it $USERACCOUNT.GetInfo $TXTDISPLAYNAME.Text = $USERACCOUNT.FullName $CMDRESET_PASSWORD.Enabled = 1 ; Enable the reset password button $CMDFINDUSER.Enabled = 0 ; Disable the finduser button IF $USERACCOUNT.IsAccountLocked $CMDUNLOCK.Enabled = 1 ; Enable the unlock button $CMDRESET_PASSWORD.Enabled = 0 ; disable the reset password button ENDIF ENDIF $FORM.Refresh $TXTUSERNAME.SetFocus
ENDFUNCTION
FUNCTION Unlock_Account()
$WAIT = CreateObject("Kixtart.Form") ; Create form called $WAIT $WAIT.Caption = "One moment please..." $WAIT.ScaleWidth = 425 $WAIT.ScaleHeight = 100 $WAIT.FontSize = 14 $WAIT.FontName = "Arial" $WAIT.PrintXY(30,30,"Unlocking Account, one moment please...") $WAIT.Center $WAIT.Show DIM $USERACCOUNT ; APPEND to $UNLOCKLOG IF $LOGGING = 1 $USERNAME = $TXTUSERNAME.Text $NUL=Open(3,$UNLOCKLOG,5) $NUL=writeline (3,"@USERID,$USERNAME,@DATE,@TIME" + Chr(13) + Chr(10)) $NUL=CLOSE(3) ENDIF ; Unlock the account $USERACCOUNT = GetObject($STRUSERPATH) $USERACCOUNT.GetInfo $USERACCOUNT.IsAccountLocked = 0 $USERACCOUNT.SetInfo $= $FORM.MsgBox("The user (" + $STRUSERNAME + ") has been unlocked.", "User enabled") $WAIT = 0 ; close the form called $WAIT $USERACCOUNT = 0 $FORM.Refresh $CMDEXIT.SetFocus $CMDUNLOCK.Enabled = 0 ; Disable the unlock button reset_password()
ENDFUNCTION
FUNCTION Reset_Password()
$WAIT = CreateObject("Kixtart.Form") ; Create form called $WAIT $WAIT.Caption = "One moment please..." $WAIT.ScaleWidth = 425 $WAIT.ScaleHeight = 100 $WAIT.FontSize = 14 $WAIT.FontName = "Arial" $WAIT.PrintXY(30,30,"Resetting Password, one moment please...") $WAIT.Center $WAIT.Show DIM $USERACCOUNT ; APPEND to $PASSWORDLOG IF $LOGGING = 1 $USERNAME = $TXTUSERNAME.Text $NUL=Open(4,$PASSWORDLOG,5) $NUL=writeline (4,"@USERID,$USERNAME,@DATE,@TIME" + Chr(13) + Chr(10)) $NUL=CLOSE(4) ENDIF ; Reset the pasword on the account $USERACCOUNT = GetObject($STRUSERPATH) $USERACCOUNT.GetInfo $USERACCOUNT.setpassword("$PASSWORD") $USERACCOUNT.put("PasswordExpired", 1) $USERACCOUNT.setinfo $= $FORM.MsgBox("The password for user (" + $STRUSERNAME + ") has been Reset.", "Password Reset") $WAIT = 0 ; close the form called $WAIT $USERACCOUNT = 0 $FORM.Refresh $CMDEXIT.SetFocus $CMDRESET_PASSWORD.Enabled = 0 ; Disable the reset password button
ENDFUNCTION
this does lots of logging and checks if the person running the file (i'm using kixcrypt to make it an exe) is in the account operators group
check it out and comments would be great
this is a very much scaled down version of shawns MUD because i didn't need and i didn't want to show the users all the power they had
hope this helps
btw i found the expiredpassword somewhere on this board (sorry) i also use adsi25.chm which i downloaded from microsofts website
Pete
p.s. hope you don't mind me using your code shawn
|
Top
|
|
|
|
#85230 - 2002-08-20 05:01 PM
Re: Kixforms: Manage User Details - Here`s MUD in your eye !
|
Bonji
Starting to like KiXtart
Registered: 2001-09-28
Posts: 169
Loc: Virginia
|
I found the adsi25.chm file. It should be very helpful.
I've got the Password Expired checkbox in and working now. You can get the latest version of this script at http://www.rgcweb.org:90
My script should take into account a user's authorization to change passwords and such (based on their authorization to make the changes). It also does not limit a user to belonging to the Account Operators group as they can be assigned Set Password permissions to a group of users and still be able to manage the accounts with this tool. If they are not an admin user they can only change the password and unlock an account. Here's an example of why I included the other information for non-admins. Our manager in a remote facility can reset passwords on all users in that facility. If a user comes to him/her stating they cannot logon, the manager can see all the reasons that person cannot sign on if it's not a password issue. i.e. disabled account, expired account. Plus I don't think it does any harm for the manager to see what groups the user is a member of.
Just my 2 cents
Thanks, Ben [ 20. August 2002, 17:08: Message edited by: Ben Dulaney ]
|
Top
|
|
|
|
#85231 - 2002-08-20 05:09 PM
Re: Kixforms: Manage User Details - Here`s MUD in your eye !
|
Peter Fry
Getting the hang of it
Registered: 2001-07-23
Posts: 95
Loc: Bristol UK
|
Ben
Good points , i just wanted to use the inbuilt groups (in NT) to get this to work as i didn't want to mess around with adding permissions to other groups/ users (just call me lazy)
script is looking good btw
Pete
|
Top
|
|
|
|
#85233 - 2002-08-20 05:38 PM
Re: Kixforms: Manage User Details - Here`s MUD in your eye !
|
Bonji
Starting to like KiXtart
Registered: 2001-09-28
Posts: 169
Loc: Virginia
|
I just posted a change to the code. I forgot to make the password expire when the password is changed. Now it does that automatically.
Great news on Kixforms Shawn. I'm really enjoying working with it. Does this version support W9X? I'm wanting to convert my logon script to Kixforms, however we still have many W9X machines around.
Please let me know if there are any suggestions to improve my code. Thanks for the ones already made. It is a much better script now for it.
Thanks, Ben
|
Top
|
|
|
|
#85234 - 2002-08-20 05:59 PM
Re: Kixforms: Manage User Details - Here`s MUD in your eye !
|
Peter Fry
Getting the hang of it
Registered: 2001-07-23
Posts: 95
Loc: Bristol UK
|
Ben
why not just use a reset password button (like mine) that sets it to 123456 i.e. $PASSWORD variable
because if you are setting it to expire when you change the password you might as well set it to a default password
and 123456 is a password peeps can't get wrong i.e. no asking questions like is that upper or lower case etc
just an idea
Pete
|
Top
|
|
|
|
#85235 - 2002-08-20 06:03 PM
Re: Kixforms: Manage User Details - Here`s MUD in your eye !
|
rclarke
Starting to like KiXtart
Registered: 2001-06-08
Posts: 178
Loc: Oxfordshire, United Kingdom.
|
KiXforms 2.0.2 is now uploaded and available from the downloads page on the KiXforms Website. Enjoy
|
Top
|
|
|
|
#85236 - 2002-08-20 06:14 PM
Re: Kixforms: Manage User Details - Here`s MUD in your eye !
|
Borte
Fresh Scripter
Registered: 2002-08-20
Posts: 29
Loc: Europe / Norway
|
Hello Everybody!
A little off topic but...
Shawn: An comment on the locked property:
In VB is it possible to set an txtbox as enabled to false and locked to true to get a textbox look like an label, but with all the properties of an textbox. Is this possible in KixForms? I've tried to achive this but the textbox is always ending up with the text grayed out.
The function would be fullfilled if the forecolor of this textbox didn't change to gray but stayed the same if the value locked is true and enabled is false.
Any ideas?
I'm trying to show information to the user, but the text is to big to fit in one label field so i have to use multiple. Not a good solution!
Borte
|
Top
|
|
|
|
#85238 - 2002-08-20 06:43 PM
Re: Kixforms: Manage User Details - Here`s MUD in your eye !
|
Bonji
Starting to like KiXtart
Registered: 2001-09-28
Posts: 169
Loc: Virginia
|
I added the button to Reset a password. I shortened the Full Name line to get my button to fit. I don't need it longer, but if it bothers some I can rework the form to make it all fit properly. Set Password is now an Admin-only feature. I think this is a good compromise.
Ben http://www.rgcweb.org:90
|
Top
|
|
|
|
#85239 - 2002-08-21 01:04 PM
Re: Kixforms: Manage User Details - Here`s MUD in your eye !
|
Peter Fry
Getting the hang of it
Registered: 2001-07-23
Posts: 95
Loc: Bristol UK
|
Ben
Small comment, is there any point setting the password to expire when the admin sets the password to a certain word? because the first thing they will do is uncheck the password expired box
Regards
Pete
|
Top
|
|
|
|
Moderator: Shawn, ShaneEP, Ruud van Velsen, Arend_, Jochen, Radimus, Glenn Barnas, Allen, Mart
|
1 registered
(Allen)
and 382 anonymous users online.
|
|
|