Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.
AddExtender("wwads34i.dll") ;;; Adsi extender ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;; User Defined Functions ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;*************************************************************************** ;** Recursive function that adds each group's groups to the list. ;** Input sPreFix - moniker prefix LDAP:// + server or domain or "" ;** sGroup - DN of group to add ;** lGroup - tab delimited list of groups so far ;** Return - list of groups with group DNs+Prefix added. ;*************************************************************************** #DefineFunction AddGroups(sPreFix, sGroup, lGroups) ;Get the group object. saMemberOf = 0 LastError() nErrorMode = ErrorMode(@OFF) objGroup = ObjectGet( StrCat(sPrefix, sGroup) ) ; Make sure an object was returned. If ObjectTypeGet(objGroup) == "DISPATCH" saMemberOf = objGroup.GetEx("MemberOf") EndIf ErrorMode(nErrorMode) ; Only if user has groups. If ObjectTypeGet(saMemberOf) == "ARRAY|VARIANT" ; Add each group's groups ForEach sGroup In saMemberOf If sGroup != "" lGroups = AddGroups(sPrefix, sGroup, lGroups) lGroups = ItemInsert( StrCat(sPrefix, sGroup) , -1, lGroups, @TAB) EndIf Next EndIf objGroup = 0 Return lGroups #EndFunction ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;; Main - Get all groups for a user. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ADS_SECURE_AUTHENTICATION = 1 ; Regular authentication sPrefix = "LDAP://shamrock/" ; Using server but could be domain. sUser = "jclass\GuessWho" ; Credentials sPassword = "*TopSecret*" lGroups = "" ; Result as list of group paths. ; Get the top level class object objLdap = ObjectGet("LDAP:") ; Create target user path sAdsPath = StrCat(sPrefix,"CN=Homer Simpson,CN=Users,DC=jclass,DC=org") ; Can use ObjectGet, if an AD object is open. objUser = objLdap.OpenDsObject( sAdsPath, sUser, sPassword, ADS_SECURE_AUTHENTICATION) ; This call will error if the user only has a primary group. saMemberOf = 0 LastError() nErrorMode = ErrorMode(@OFF) saMemberOf = objUser.GetEx("MemberOf") ErrorMode(nErrorMode) ; Does the user belongs any groups? If ObjectTypeGet(saMemberOf) == "ARRAY|VARIANT" ForEach sGroup In saMemberOf ; A group object? If sGroup != "" ; Add parent groups. lGroups = AddGroups(sPreFix, sGroup, lGroups) lGroups = ItemInsert( StrCat(sPrefix, sGroup), -1, lGroups, @TAB) EndIf Next EndIf ;****************************************************** ; Note that we are hanging on to the user object so we ; don't have to re-autenticate. ;****************************************************** ; Use the extender to get the Primary group ; (Can be done with COM but is a bit convoluted. if dsGetPrimGrp ; is causing a problem, a COM based solution can be worked up.) sPrimeGroup = dsGetPrimGrp(sAdsPath) ; Get the dn so we don't have to parse the full path. sPrimeGroup = dsGetProperty(sPrimeGroup, "distinguishedName") ; Now add any parent groups. lGroups = AddGroups(sPreFix, sPrimeGroup, lGroups) ; Finally, add the primary group. lGroups = ItemInsert( StrCat(sPrefix, sPrimeGroup), -1, lGroups, @TAB) ; Finish cleanup objUser = 0 objLdap = 0 ; Did it work? Message("Groups", lGroups)
Article ID: W16813
File Created: 2007:07:03:14:26:22
Last Updated: 2007:07:03:14:26:22