Database Search
If you can't find the information using the categories below, post a question over in our WinBatch Tech Support Forum.
TechHome
ADSI
 |
- !!!NEWSFLASH!!!
- !Reading List
- 1063 Object Doesnt Exist
- 1068 Error trying to duplicate user groups
- 1073 Cannot Contact the LDAP Server
- 234 Unable to Parse ADSI Path on WinPE
- 275 Search Return Too Many Object Paths
- Active Directory - Force Replication
- ACTIVEDS.dll could not be Found in the Specified Path
- AD Account Creation Date
- AD Event Monitoring Issues
- AD Locked Account Problem
- AD MachineRole Property
- AD OU Membership
- AD Password Expires Date
- Add a user to a OU
- Add more then one Othermailbox to Account
- Add New Mail Account to users that do not have one
- Adding a Machine to an AD Domain
- Adding a workstation (NT4 and W2k) to the domain
- Adding a Workstation to AD in Correct OU
- Adding NT4 Global Group to a Windows 2000 Domain Local Group
- ADSI and COM
- ADSI Function Equivalent to wntMemberSet
- ADSI IIS related bug in Win2k3 sp1
- ADSI Scriptomatic
- ADSI Special Characters
- ADSI Support on Windows PE
- Attributes - Property Names - of an AD Account
- Bad Path Error on NT4
- Binding to the Global Catalog
- BitLocker Recovery Key
- Check for Admin Access
- Check if a Computer Belongs to a Certain OU
- Check if User Account Object Exists
- Check to see if Print Services are Running
- COM - Active Directory Published Certificates Info
- Convert Qword
- Converting Properties to a Human Readable Form
- Copy User or Computer account in AD
- Create a Mailbox and NT-Security-Descriptor property
- Create an OU in ADSI
- Create Virtual Directory
- Creating Computer Accounts
- Creating IIS 5 FTP Users
- Date AD account was modified last
- Delete Mailbox in Exchange
- Detect Disabled Accounts
- Disable Computer Accounts
- Display list of OUs
- Distribution List and Members
- Dont Expire Password
- dsAddtoGrp 1063 Object Does Not Exist
- dsAddToGrp and What is TESTECH
- dsDeleteObj Issue
- dsFindPath Limitation
- dsFindPath Search Request Slow
- dsfindpath Syntax Error
- dsFindPath with NULL Criteria
- dsGetMemGrp Sample
- dsGetProperty Error 1001 Using Slash in Path
- dsGetUsersGrps Error 1001
- dsGetUsersGrps Problem
- dsMoveObj error 1068
- dssetcredentx Error - The Requested Object does not Exist
- dsSetPassword and Blank Passwords
- dsSetProperty Error 246 Custom Attribute
- dsSetProperty userAccountControl
- dsSetSecProp Set Security Permission
- Editing IIS Properties in 2003 SP1
- Enumerating computers in a Win2k AD domain
- Error 1026 - the specified domain either does not exist or could not be contacted
- Error 1045 Operation is not Allowed on RDN
- Error 1047 Creating Exchange 5.5 Mailbox
- Error 1047 Operations Error Occured
- Error 1047 with dsCreateObj on Exchange 2K
- Error 1062 Constraint Violation Setting pwdLastSet Property
- Error 1063 using dsObjCreate
- Error 1068 The server is unwilling to Perform
- Error 1068 with dsSetObj on New User Account
- Error 212
- Error 222 with dsGetChildPath
- Error 234 Unable to parse ADSI path on NT4
- Error 239 Attempting to Rename an Account
- Error 241 when trying to remove a user from group
- Error 243 - Not a property of the object.
- Error 246 - Propertys syntax not supported
- Errors 1001 and 1026
- Examples for ADSI not working
- Exchange with ADSI
- Extract SMTP address in Exch 5 5
- Find DHCP
- Find Exchange Servers
- Finding a Users Exchange Server
- Force Password Change for ADSI User
- ForeignSecurityPrincipals Issue
- Get Computer Names
- Get Current User Path
- Get Effective Permissions
- Get Exchange Server a Users Mailbox is On
- Get List of all Exchange Aliases from Active Directory
- Get Logged In User
- Get User Properties
- Get Users Full Mame from their Logon ID
- Getting LastLoginTimestamp Value in ADSI
- Group Membership Checking
- How do I set the Password and Other Properties
- How to Get at Virtual Dirs
- How to Interpret UserFlags
- How to Pull all ObjectClass Items
- How to Rename an Account
- How to Specify ADSI Paths
- Instantiating Application Objects with ADSI
- LDAP Path with Comma
- LDAP Query Syntax
- List and Retrieve Groups in an OU
- List Computer Objects
- List Disabled User Accounts on the Domain
- List Groups a User is a Direct Member Of
- List Groups Computer is Member Of
- List Groups in OU
- List OU Objects
- List Users that Belong to an OU W2k AD
- List Users with Multiple Attributes
- Lookup Hidden Mailboxes in Exchange 5.5
- Member of Nested Group
- Modify UserAccountControl Attribute
- Move computer between containers
- MsExchMailboxSecurityDescriptor
- Name display --lastname, firstname
- Problem doing CreateMailbox on Exchange 5
- Problem Getting and Settind the AccountExpires Active Directory Property
- Proper AD Query
- Proper Syntax for an LDAP Path
- Query User to Identify which OU it Belongs
- Recursive Searching and dsGetChildPath vs dsFindPath
- Removing User Must Change Password At Next Logon
- Rename Computer in AD
- Renaming a Group in Active Directory
- Reset passwords in Active Directory
- Return Closest Domain Controller using ADSI
- RootDSE Explanation
- Search All Users in AD for a Property
- Set AccountExpires attribute
- Set Logon Name - ADSI
- Setting Expiry Date on AD Account
- Synchronize Domain and Local Password Issue
- Terminal Server Properties
- Test if Object is a Group
- Three Ways a User is Part of a Group in AD
- User Permissions on an AD Object
- Users Last Logon Time
- Verifying User Credentials Against AD
- Virtual directories on IIS via ADSI
Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.
Return Closest Domain Controller using ADSI
Question:
How can I retrieve the name of the closest domain controller using ADSI functions. I have used wntGetDC (1) to return the PDC, but I'm not sure if wntGetDC (0) will give me what I need. We are running a script that performs various ADSI calls domestically and internationally. It succeeds most of the time, except when running it internationally. The ADSI call wants to come back to the US to get its information, instead of using a closer server at the site. Please help.Answer:
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; SiteFunctions.wbt
; Functions for AD Site determination and other site functions
; written by Carlos E Junco Jr
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
if FileLocate("WWADS34I.DLL") == "" then exit
AddExtender("WWADS34I.DLL")
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Functions
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; GetSubnetObj(IPAddress, AsCN)
; Gets SubnetObj that IP Address belongs to
; IPAddress(string) = IPAddress whose subnet membership you need
; SubnetMask(string) = Subnet mask used by host at IPAddress
; DomainName(string) = name of domain in forest or domain controller (i.e. domainname.com or server.domainname.com)
; Returns = site object which IPAddress belongs to, or returns "**None**" if belongs to no subnet object,
; or returns "**Error**" if error occurs
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
#definefunction GetSubnetObj(IPAddress, SubnetMask, DomainName)
subnetStr = ""
subnetMaskBits = 0
strADRoot = ""
subnetObjPath = ""
; Check if valid IP Address string
i = ItemCount(IPAddress, ".")
if i != 4 then return "**Error**"
for i = 1 to 4
num = ItemExtract(i, IPAddress, ".")
if !IsNumber(num) then return "**Error**"
if num < 0 || num > 255 then return "**Error**"
next
; Check if valid Subnet Mask string
i = ItemCount(SubnetMask, ".")
if i != 4 then return "**Error**"
for i = 1 to 4
num = ItemExtract(i, SubnetMask, ".")
if !IsNumber(num) then return "**Error**"
if num < 0 || num > 255 then return "**Error**"
next
; Create subnet string
for i = 1 to 4
ipNum = ItemExtract(i, IPAddress, ".")
subnetNum = ItemExtract(i, SubnetMask, ".")
part = ipNum & subnetNum
subnetStr = strcat(subnetStr, part)
if i != 4 then subnetStr = strcat(subnetStr, ".")
; count bits for subnet
for c = 1 to 8
subnetMaskBits = subnetMaskBits + ((subnetNum >> (c - 1)) & 1)
next
next
subnetStr = strcat(subnetStr, "\/", subnetMaskBits)
; Get Subnet Object
strADRoot = dsGetProperty("LDAP://%DomainName%/RootDSE", "configurationNamingContext")
SubnetObjPath = "LDAP://%DomainName%/cn=%subnetStr%,cn=subnets,cn=sites,%strADRoot%"
if !dsisObject(SubnetObjPath) then return "**None**"
; return string
return SubnetObjPath
#endfunction
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; GetSiteObj(SubnetObj)
; Gets Site Object associated with subnet object
; SubnetObj(string) = full path to subnet ojbect
; returns Site Object associated to the subnet object or returns "**Error**" if error occurs
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
#definefunction GetSiteObj(SubnetObj)
siteStr = ""
domainPrefix = ""
; Check if valid object
if !dsisObject(SubnetObj) then return "**Error**"
siteStr = dsGetProperty(SubnetObj, "siteObject")
i = StrIndex(SubnetObj, "/", 8, @FWDSCAN)
domainPrefix = StrSub(SubnetObj, 1, i)
return strcat(domainPrefix, siteStr)
#endfunction
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; CreateLDAPChildStr(ParentPath, Child)
; Create LDAP child string
; ParentPath(string) = parent LDAP path
; Child(string) = child object(s) (i.e. "CN=Whatever" or "CN=Whatever,CN=SomethingElse")
; returns full ldap path to child or "" if error
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
#definefunction CreateLDAPChildStr(ParentPath, Child)
i = StrIndex(ParentPath, "/", 8, @FWDSCAN)
if i < 9 then return ""
str = StrSub(ParentPath, 1, i)
if str == "" then return ""
str2 = StrSub(ParentPath, i + 1, -1)
if str2 == "" then return ""
return strcat(str, Child, ",", str2)
#endfunction
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; GetSiteDCs(SiteObj, DomainName, flags)
; Gets domain controlles in the specified site
; SiteObj(string) = path to site object
; DomainContext(string) = domain whose domain controllers you want, if blank, will get DCs from all domains (i.e. "DC=Domain,DC=com")
; flags(int) = flags specifying kinds of domain controllers, can be added together:
; 1 = Global Catalog Server
; 2 = Bridgehead Server
; returns list of domain controllers or "**Error**" if error occurs
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
#definefunction GetSiteDCs(SiteObj, DomainContext, flags)
SiteServersPath = ""
ServersPaths = ""
DCsPaths = ""
OnlyGCs = flags & 1
OnlyBHs = flags & 2
DomainContext = StrClean(DomainContext, " ", "", @FALSE, 1)
; Check if valid siteobj
if !dsisObject(SiteObj) then return "**Error**"
SiteServersPath = CreateLDAPChildStr(SiteObj, "CN=Servers")
if SiteServersPath == "" then return "**Error**"
ServersPaths = dsGetChldPath(SiteServersPath, "server")
c = ItemCount(ServersPaths, @TAB)
if c == 0 then return ""
for i = 1 to c
ServerPath = ItemExtract(i, ServersPaths, @TAB)
if ServerPath == "" then return "" ; shouldn't happen
; Check if DC
NTDSSettingsPath = CreateLDAPChildStr(ServerPath, "CN=NTDS Settings")
if !dsisObject(NTDSSettingsPath) then continue
if (OnlyGCs)
isGC = dsGetProperty(NTDSSettingsPath, "options")
if isGC == "" then continue
if !(isGC & 1) then continue
endif
if (OnlyBHs)
transports = dsGetProperty(ServerPath, "bridgeheadTransportList")
if transports == "" then continue
endif
if DomainContext != ""
hostname = dsGetProperty(ServerPath, "dNSHostName")
if hostname == "" then return "" ; shouldn't happen
defNamingContext = dsGetProperty("LDAP://%hostname%/RootDSE", "defaultNamingContext")
defNamingContext = StrClean(defNamingContext, " ", "", @FALSE, 1)
if stricmp(defNamingContext, DomainContext) != 0 then continue
endif
DCsPaths = ItemInsert(ServerPath, -1, DCsPaths, @TAB)
next
return DCsPaths
#endfunction
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Test
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
UserAccount = "admin1@subdomain.root.domain.com"
pass = AskPassword("Enter Password", UserAccount)
dsSetCredent(UserAccount, pass)
; You would get the IP and subnet of the machine the script is running on for closest DC or Site.
subnet = GetSubnetObj("10.128.200.63", "255.255.255.0", "subdomain.root.domain.com")
Message("subnet", subnet)
site = GetSiteObj(subnet)
Message("site", site)
DCs = GetSiteDCs(site, "", 1)
AskItemList("Domain Controllers", DCs, @TAB, @unsorted, @single)
Article ID: W15820
File Created: 2004:03:30:15:41:00
Last Updated: 2004:03:30:15:41:00