I've a vbscript to authenticate an user credentials, one part of my code is
Set objLocalGroup = GetObject("WinNT://./Administrators, group")
now this code fail in Windows(German and French Version), after debugging, I think the problem is that, in German Version, the Group corresponding to English "Administrators" was named "Administratoren"..
Is there any generic way to get the Object?
Thanks.
The administrators group has a well-known SID, so something like this should work:
Set wmi = GetObject("winmgmts://./root/cimv2")
Set admins = wmi.Get("Win32_SID.SID='S-1-5-32-544'")
Set objLocalGroup = GetObject("WinNT://./" & admins.AccountName & ",group")
Another way would be getting the name from the Win32_Group class:
Set wmi = GetObject("winmgmts://./root/cimv2")
qry = "SELECT * FROM Win32_Group WHERE SID = 'S-1-5-32-544'"
For Each group In wmi.ExecQuery(qry)
Set objLocalGroup = GetObject("WinNT://./" & group.Name & ",group")
Next
Related
There are needs when we want to populate user details from Active Directory. Sharing my code to access user details from AD.
Introduction
People often ask for querying active directory by passing network account name or email. There are many articles already available on this, and one might get confused. Here is simple working code to access user detail from active directory database-
Please note in order to access AD, you have to specify valid network account credentials in connection.
function GetADDetails(userId)
Set objConn = Server.CreateObject("ADODB.Connection")
objConn.provider ="ADsDSOObject"
objConn.Properties("User ID") = "domain\userId" 'specify domain and
network account
objConn.Properties("Password") = "password" 'specify network password
objConn.Properties("Encrypt Password") = True
objConn.open "Active Directory Provider"
Set objCom = CreateObject("ADODB.Command")
Set objCom.ActiveConnection = objConn
strTarget="GC://abc.com" 'your domain name
objCom.CommandText ="select sn, givenName, sAMAccountName, name,mail,
telephoneNumber FROM '"+strTarget+"' where sAMAccountname='"+userId+"'"
Set objRS = objCom.Execute
If Not (objRS.EOF Or objRS.BOF) Then
GetADDetails=objRS.GetRows
Else
GetUserData = Null
End If
'Close objects and remove from memory
objRS.Close
objConn.Close
Set objRS = Nothing
Set objConn = Nothing
Set objCom = Nothing
end function
How to get the full computer name using Test Complete
For example,
Computer Name : RAMAKRISHNA
Full Computer Name : RAMAKRISHNA.XYZ.COM
Domain Name : XYZ.COM
Using TestComplete, I have tried the following:
log.Message sys.HostName 'Gives "RAMAKRISHNA"
log.Message sys.DomainName 'Gives "XYZ"
Here, I am missing to get ".COM" using TestComplete
Please help me to get the full computer like RAMAKRISHNA.XYZ.COM
You can do this using WMI.
Sub Test
Log.Message getFullPCName
End Sub
Function getFullPCName
Set cSystem = WMI.Service.InstancesOf("Win32_ComputerSystem").ItemIndex(0)
getFullPCName = cSystem.Name & "." & cSystem.Domain
End Function
Windows Management Instrumentation technology provides ways to manage Windows settings and operations. You can use the Win32_ComputerSystem WMI class to get information on the system. TestComplete provides an easy way to work with WMI using the corresponding object. Find more information in the WMI Object help topic.
Try this if it helps:
Set wshShell = CreateObject( "WScript.Shell" )
strComputerName = wshShell.ExpandEnvironmentStrings( "%COMPUTERNAME%" )
WScript.Echo "Computer Name: " & strComputerName & "." & GetDomainName
Function GetDomainName()
Dim Info
Set Info = CreateObject("AdSystemInfo")
GetDomainName = Info.DomainDNSName
End Function
Me and a non-programmer would appreciate some help with VBScript to remove anything that's not a letter or number from the PC's name and store the modified name. Then join or rejoin the domain.
Example:
pc name: pc-home-543
rename: pchome543
join domain: homeworkplay
restart and it all works
You can rename a computer using the Rename method of the Win32_ComputerSystem WMI class. For replacing non-alphanumeric characters use a regular expression.
Set net = CreateObject("WScript.Network")
Set wmi = GetObject("winmgmts://./root/cimv2")
Set re = New RegExp
re.Pattern = "[^a-z0-9]*"
re.Global = True
re.IgnoreCase = True
For Each sys In wmi.ExecQuery("SELECT * FROM Win32_ComputerSystem")
sys.Rename re.Replace(net.ComputerName, "")
Next
You need to reboot the computer for the name change to become effective:
CreateObject("WScript.Shell").Run "shutdown -r -t 0"
I don't think you need to re-join the system to the domain afterwards, but if you do, you can do it with the JoinDomainOrWorkgroup method of the same WMI class.
I managed to get ADS users without specifying authentication details from my ADS domain(ex,mydomain.com). I used ADODB.Connection and ADODB.Command.
I also have sub-domains like test.mydomain.com. How to get user details from sub-domain, by specifying authentication details of a user belonging to test.mydomain.com .
You can query records from trusted domains by using their LDAP name as the search base. However, since the DC of the parent domain doesn't contain the information about objects in the child domain it will generate a referral. The ADODB.Command object won't automatically chase that referral, because the respective named property "Chase referrals" defaults to 0x00 (ADS_CHASE_REFERRALS_NEVER). You have to set the property to one of the following two values
ADS_CHASE_REFERRALS_SUBORDINATE (0x20)
ADS_CHASE_REFERRALS_ALWAYS (0x60)
to make your query follow the referral. Example:
base = "<LDAP://dc=test,dc=example,dc=org>"
filter = "(&(objectCategory=computer)(name=foo*))"
attr = "name,description"
scope = "subtree"
Set conn = CreateObject("ADODB.Connection")
conn.Provider = "ADsDSOObject"
conn.Open "Active Directory Provider"
Set cmd = CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandText = base & ";" & filter & ";" & attr & ";" & scope
cmd.Properties("Chase referrals") = &h60 ' <-- here
Set rs = cmd.Execute
I wrote a wrapper class (ADQuery) to encapsulate the boilerplate code for Active Directory queries (because I got fed up with writing it over and over again). With that you could simplify the above to something like this:
Set qry = New ADQuery
qry.SearchBase = "dc=test,dc=example,dc=org"
qry.Filter = "(&(objectCategory=computer)(name=foo*))"
qry.Attributes = Array("name", "description")
Set rs = qry.Execute
Either way you may still need to run the script on a DC, though.
I'm aware of using ADsDSOobject with explicit credentials to connect to an AD object to read attributes, list members, etc. And the GetObject("LDAP//...") method for manipulating those objects (adding group members, changing properties, etc.), but is there a way to manipulate attributes and memberships with explicit credentials?
The first method I'm referring to is something like...
Set conn = Server.CreateObject("ADODB.Connection")
Set cmd = Server.CreateObject("ADODB.Command")
conn.Provider = "ADsDSOobject"
conn.Properties("User ID") = AD_Username
conn.Properties("Password") = AD_Password
conn.Properties("Encrypt Password") = True
conn.Open "Active Directory Provider"
Set cmd.ActiveConnection = conn
But none of the script examples that perform tasks like adding a user to a domain group can use this approach as far as I know. Is there a way to do that somehow?
In VBScript, very often, you are using ADSI to add user to group. Here is a sample code to add a user to a domain group
Set objUser = GetObject("LDAP://CN=jeffsmith,DC=fabrikam,DC=com")
Set objGroup = GetObject("LDAP://CN=group1,DC=fabrikam,DC=com")
objGroup.add(objUser.ADsPath)
It works fine but it's always using your current user credentails. It's because GetObject doesn't allow you to specify alternate credentials.
To specify another credentails, you need to replace GetObject by OpenDSObject
Const ADS_SECURE_AUTHENTICATION = 1
Set openDS = GetObject("LDAP:")
Set objUser = openDS.OpenDSObject("LDAP://CN=jeffsmith,DC=fabrikam,DC=com",
"username",
"password",
ADS_SECURE_AUTHENTICATION)
Set objGroup = openDS.OpenDSObject("LDAP://CN=group1,DC=fabrikam,DC=com",
"username",
"password",
ADS_SECURE_AUTHENTICATION)
objGroup.add(objUser.ADsPath)