Author
Mike Gagnon, Canada, Basic Member # 0000000025, registered on 14/10/2004
Gagnon Mike, Pointe Cla H9R 3K8, of Carver Technologies Inc.
Functions with Active Directory and LDAP
# 0000000886
added on 31/08/2014 22:45:57 and modified on 16/09/2014
Level: expert
Description
Here are some useful functions for managing users in Active Directory from FoxPro. These functions require that you be on the same server (or on the same LAN) as Active Directory, and you must act as an administrator.
Source code:
&& Delete a user
Procedure DeleteUser(tcUser)
    Local objRootLDAP, strDNSDomain, strOU, lcPath, strUser, objADAM
    objRootLDAP = Getobject("LDAP://RootDSE")
    strDNSDomain = objRootLDAP.Get("DefaultNamingContext") && Get the context
    strOU = "OU=Test,OU=OEB,OU=SAAS-users," && Your correct specifications
    * Build the path of the OU that contains the user
    lcPath = "LDAP://" + strOU + strDNSDomain
    * Specify the user as a relative name inside that OU
    strUser = "CN=" + tcUser
    * Bind to the container object
    objADAM = Getobject(lcPath)
    * Delete the user
    objADAM.Delete("user", strUser)
Endproc
&& Check whether a user exists
Procedure verifyIfUserExists(tcUserID)
    Local lcUserId, objRootLDAP, strDNSDomain, strOU, objOU, objUser
    lcUserId = "CN=" + tcUserID
    objRootLDAP = Getobject("LDAP://RootDSE")
    strDNSDomain = objRootLDAP.Get("DefaultNamingContext") && Get the context
    strOU = "OU=Test,OU=OEB,OU=SAAS-users," && Your correct specifications
    * Bind to the OU and walk its children
    objOU = Getobject("LDAP://" + strOU + strDNSDomain)
    For Each objUser In objOU
        If Lower(objUser.Class) == "user"
            * "==" forces an exact match; with SET EXACT OFF, "=" also accepts
            * any name that merely starts with lcUserId
            If Upper(objUser.Name) == Upper(lcUserId)
                Return .T.
            Endif
        Endif
    Endfor
    Return .F.
Endproc
&& Disable the user account
Procedure DisableAUser(tcUserId)
    #Define ADS_UF_ACCOUNTDISABLE 0x2
    Local objRootLDAP, strDNSDomain, strOU, objUser
    objRootLDAP = Getobject("LDAP://RootDSE")
    strDNSDomain = objRootLDAP.Get("DefaultNamingContext") && Get the context
    strOU = "OU=Test,OU=OEB,OU=SAAS-users," && Your correct specifications
    objUser = Getobject("LDAP://CN=" + tcUserId + "," + ;
        strOU + strDNSDomain)
    * Set only the "disabled" bit and keep the account's other flags
    objUser.Put("userAccountControl", ;
        Bitor(objUser.Get("userAccountControl"), ADS_UF_ACCOUNTDISABLE))
    objUser.SetInfo
Endproc
&& Change the password
Procedure changePassword(tcUserId, tcPassword)
    Local objRootLDAP, strDNSDomain, strOU, objUser
    objRootLDAP = Getobject("LDAP://RootDSE")
    strDNSDomain = objRootLDAP.Get("DefaultNamingContext") && Get the context
    strOU = "OU=Test,OU=OEB,OU=SAAS-users," && Your correct specifications
    objUser = Getobject("LDAP://CN=" + tcUserId + "," + ;
        strOU + strDNSDomain) && Bind to the user object
    * Set the password; it has to follow the password policies
    * (e.g. minimum number of characters, complexity, etc.)
    objUser.SetPassword(tcPassword)
    * 0x200 is ADS_UF_NORMAL_ACCOUNT, which is only #Defined further down in addUser.
    * Writing it replaces every other flag, so a disabled account comes back enabled.
    objUser.Put("userAccountControl", 0x200)
    objUser.SetInfo && Save the changes
Endproc
&& Add a user
Procedure addUser(tcName, tcUserId, tcFirstName, tcLastName, tcComputerName, ;
        tcPassword)
    #Define ADS_UF_NORMAL_ACCOUNT 0x200
    #Define wbemAuthenticationLevelDefault 0x0
    #Define wbemChangeFlagCreateOrUpdate 0x0
    cWMInamespace = "root/directory/LDAP"
    cWMIclass = "ds_user"
    strOU = "OU=Test,OU=OEB,OU=SAAS-users,"
    strGroup = "CN=oeb-test,"
    * Bind to Active Directory and get the LDAP name
    objRootLDAP = Getobject("LDAP://RootDSE")
    strDNSDomain = objRootLDAP.Get("DefaultNamingContext") && Get the context
    objWMILocator = Createobject("WbemScripting.SWbemLocator")
    objWMILocator.Security_.AuthenticationLevel = wbemAuthenticationLevelDefault && We need the proper security to do this
    objWMIServices = objWMILocator.ConnectServer(tcComputerName, cWMInamespace, "", "") && Connect to the server that has Active Directory
    objWMIClass = objWMIServices.Get(cWMIclass) && Determine what we want to do -- add a user
    objWMIInstance = objWMIClass.SpawnInstance_
    objWMIInstance.DS_sAMAccountName = tcName && Name of the user
    objWMIInstance.DS_userPrincipalName = tcUserId && Login name
    objWMIInstance.DS_givenName = tcFirstName && First name
    objWMIInstance.DS_sn = tcLastName && Last name
    objWMIInstance.DS_displayName = tcUserId && Display name
    objWMIInstance.DS_distinguishedname = tcName && Complete name
    objWMIInstance.ADSIPath = "LDAP://CN=" + tcUserId + "," + ;
        strOU + strDNSDomain && Create an object with the properties
    objWMIInstance.Put_(wbemChangeFlagCreateOrUpdate) && Save the user object in Active Directory
    objUser = Getobject("LDAP://CN=" + tcUserId + "," + ;
        strOU + strDNSDomain) && Get back the object to add a few more properties
    * Set the password first: the account cannot be enabled without one, and it
    * has to follow the password policies (e.g. minimum number of characters, complexity, etc.)
    objUser.SetPassword(tcPassword)
    objUser.Put("userAccountControl", ADS_UF_NORMAL_ACCOUNT) && Enable the user - by default it is disabled
    objUser.SetInfo && Update the user's record
    * Prepare the OU and the group
    objGroup = Getobject("LDAP://" + strGroup + strOU + strDNSDomain)
    objOU = Getobject("LDAP://" + strOU + strDNSDomain)
    For Each objUser In objOU && Add the user to the correct group
        * Match the new user's name exactly; a substring test on ADsPath would
        * also add every other account whose path contains tcUserId
        If Lower(objUser.Class) == "user" And Upper(objUser.Name) == Upper("CN=" + tcUserId)
            objGroup.Add(objUser.ADsPath)
        Endif
    Endfor
Endproc
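The procedures above concatenate tcUserId straight into the "LDAP://CN=..." path, so a value containing a comma, "=" or "/" would bind to a different object than the caller intended. The following is an added example, not part of the original contribution: EscapeDnValue and SetAccountDisabled are hypothetical helper names, the OU is the sample value used on this page, and the second routine shows the same escaped path used to toggle only the disabled bit of userAccountControl.

```foxpro
* Added example, not the author's code. EscapeDnValue and SetAccountDisabled
* are hypothetical names; the OU is the page's sample value.
#Define ADS_UF_ACCOUNTDISABLE 0x2

* Escape one attribute value for use inside a distinguished name (RFC 4514)
Function EscapeDnValue(tcValue)
    Local lcOut, lcChar, lnI
    lcOut = ""
    For lnI = 1 To Len(tcValue)
        lcChar = Substr(tcValue, lnI, 1)
        Do Case
        Case Asc(lcChar) < 32
            Error "Control character in user id"
        Case lcChar $ ',+"\<>;=/'   && DN specials, plus "/" for ADSI paths
            lcOut = lcOut + "\" + lcChar
        Otherwise
            lcOut = lcOut + lcChar
        Endcase
    Endfor
    If Right(lcOut, 1) == " "       && a trailing space must be escaped
        lcOut = Left(lcOut, Len(lcOut) - 1) + "\ "
    Endif
    If Len(lcOut) > 0 And Left(lcOut, 1) $ "# "   && so must a leading "#" or space
        lcOut = "\" + lcOut
    Endif
    Return lcOut
Endfunc

* Set or clear only the "disabled" bit, keeping every other flag as it is
Procedure SetAccountDisabled(tcUserId, tlDisable)
    Local loRoot, loUser, lnFlags
    loRoot = Getobject("LDAP://RootDSE")
    loUser = Getobject("LDAP://CN=" + EscapeDnValue(tcUserId) + "," + ;
        "OU=Test,OU=OEB,OU=SAAS-users," + loRoot.Get("DefaultNamingContext"))
    lnFlags = loUser.Get("userAccountControl")
    If tlDisable
        lnFlags = Bitor(lnFlags, ADS_UF_ACCOUNTDISABLE)
    Else
        lnFlags = Bitand(lnFlags, Bitnot(ADS_UF_ACCOUNTDISABLE))
    Endif
    loUser.Put("userAccountControl", lnFlags)
    loUser.SetInfo()
Endproc
```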