Mr. Matt
Mar 24 2008, 10:14 PM
This was a script I wrote for automating the creation of over 1000 some accounts within Active Directory over summer before the new fiscal year in 2007. It is not intended for direct use. Please make changes necessary to reflect your user management or production environment. #!/usr/bin/perl
use strict;
# use Tk;
# use Tk::DialogBox;
# use Tk::Carp qw/cluck warningsToDialog fatalsToDialog/;
use Win32::FileSecurity qw(MakeMask Get Set);
use Win32::OLE;
/*
my $adp_acct = 'USERNAME';
use constant ADP_DOMAIN = 'DOMAIN';
use constant ADP_PARENT_OU => 'ou=Sub Organizational Unit, ou=Organizational Unit, dc=' . ADP_DOMAIN;
use constant ADP_GROUP_OU => 'cn=Group Name, dc=DOMAIN';
use constant CHANGE_PASSWORD_GUID => '{ab721a53-1e2f-11d0-9819-00aa0040529b}'; # User cannot change password
use constant ADS_UF_DONT_EXPIRE_PASSWD => 0x10000; # Password does not expire
use constant ADS_CUSTOM_ACCOUNT_ENABLED => 0x512; # Account is enabled
use constant ADS_RIGHT_DS_CONTROL_ACCESS => 0x100;
use constant ADS_ACETYPE_ACCESS_DENIED => 0x1;
use constant ADS_ACETYPE_ACCESS_ALLOWED_OBJECT => 0x5;
use constant ADS_ACETYPE_ACCESS_DENIED_OBJECT => 0x6;
use constant ADS_ACEFLAG_OBJECT_TYPE_PRESENT => 0x1;
my $ADP_USER_OU = "ou=Container, " . ADP_PARENT_OU;
my $adp_domain = 'DOMAIN';
print LOG "Adding $adp_acct...\n";
my $objDomain = Win32::OLE->GetObject("LDAP://$ADP_USER_OU");
my $objUser = $objDomain->Create('user', 'cn=' . $adp_acct);
$objUser->Put('sAMAccountName', "$adp_acct");
$objUser->Put('userPrincipalName', "$adp_acct\@" . ADP_DOMAIN);
$objUser->Put('userAccountControl', ADS_UF_DONT_EXPIRE_PASSWD);
$objUser->SetInfo;
my %current_acl;
mkdir $adp_homedirectory;
my $acl_admin = MakeMask(qw(GENERIC_ALL FULL));
my $acl_user = MakeMask(qw(CHANGE GENERIC_WRITE GENERIC_READ GENERIC_EXECUTE));
$current_acl{Administrator} = $acl_admin;
$current_acl{$adp_acct} = $acl_user;
delete $current_acl{Everyone};
Set($adp_homedirectory, \%current_acl);
my $objGroup = Win32::OLE->GetObject('LDAP://' . ADP_GROUP_OU);
$objGroup->Add("LDAP://cn=$adp_acct, " . $ADP_USER_OU);
my $objACESelf = Win32::OLE->new('AccessControlEntry');
my $objACEEveryone = Win32::OLE->new('AccessControlEntry');
$objACESelf->{Trustee} = 'NT AUTHORITY\SELF';
$objACEEveryone->{Trustee} = 'EVERYONE';
$objACESelf->{AceFlags} = 0;
$objACESelf->{AceType} = ADS_ACETYPE_ACCESS_DENIED_OBJECT;
$objACESelf->{Flags} = ADS_ACEFLAG_OBJECT_TYPE_PRESENT;
$objACESelf->{ObjectType} = CHANGE_PASSWORD_GUID;
$objACESelf->{AccessMask} = ADS_RIGHT_DS_CONTROL_ACCESS;
$objACEEveryone->{AceFlags} = 0;
$objACEEveryone->{AceType} = ADS_ACETYPE_ACCESS_DENIED_OBJECT;
$objACEEveryone->{Flags} = ADS_ACEFLAG_OBJECT_TYPE_PRESENT;
$objACEEveryone->{ObjectType} = CHANGE_PASSWORD_GUID;
$objACEEveryone->{AccessMask} = ADS_RIGHT_DS_CONTROL_ACCESS;
my $objACEUser = Win32::OLE->GetObject("LDAP://cn=$adp_acct, $ADP_USER_OU");
my $objSecDescriptor = $objACEUser->Get('ntSecurityDescriptor');
my $objDACL = $objSecDescriptor->DiscretionaryAcl;
$objDACL->AddAce($objACESelf);
$objDACL->AddAce($objACEEveryone);
$objUser->Put('ntSecurityDescriptor', [$objSecDescriptor]);
$objUser->SetInfo;
*/
Reply
Recent Queries:--
ldap computer queies - 4.60 hr back. (1)
-
does microsoft active directory use ldap - 9.61 hr back. (1)
-
what is interfacing protocol - 25.79 hr back. (1)
-
use ldap to create directory account - 29.34 hr back. (1)
-
vb6 "active directory" user "ou=" "getobject("ldap:" - 39.18 hr back. (1)
-
ldap ad change password account - 40.81 hr back. (1)
-
using ldap in "microsoft access" - 57.28 hr back. (1)
-
active directory on access 97 - 58.27 hr back. (1)
-
using ldap in microsoft access - 58.43 hr back. (1)
-
how to create users on lightweight directory access protocol - 59.67 hr back. (1)
-
php ldap ad change password - 66.68 hr back. (1)
-
visual basic ldap - 71.85 hr back. (1)
-
vb.net active directory constants - 78.19 hr back. (1)
-
active directory ldap password notification - 85.55 hr back. (1)
Similar Topics
Keywords : lightweight, directory, access, protocol, ldap, interfacing, microsofts, active, directory, ldap
- Ssh Access ?
Does astahost allow ssh access? (2)
Access Denied As Admin On Xp, Services Troubles
(4) I've had an access denied message on various things, like ending services. Other services (Also
anti-virus/non-m$) take a long time to end, or reset themselves to Automatic when I set
Disabled/Manual. Panda and Webroot Spy Sweeper re-add themselves to Services and startup even when
I delete them with HJT. I'd be happy to unistall them if I knew of better AV, which doesn't
need any startup items......
Database Access On Remote Server W/jsp
(0) Hello: I am new to JAVA and server-side applications and have a dumb question. I have set up
Tomcat on my machine and created a JSP program to query an Access database using a DSN-Less
connection. If I publish the page to a webserver and include the .MDB file will it work? I'm
not sure exactly what needs to be packaged with my Java application to make it work. Since I
don't have a remote server that supports .jsp I cannot really test it. I'm assuming that
JDBC driver would be bundled with my site but not sure. Thanks!....
Accessing Ms Access Database From A Centralized Location?
(5) Hi I am a manager at a trading/wholesaling company (and have no programming background). I
customized the Northwind sample access database to make invoices and keep accounts for my company.
We now opening another office at a distant location. So, the order entry will be done at two
points(we plan to use the same Access database). I am not able to figure out how to access the same
MS Access database from two different location(as LAN can't be used). Moreover, we can't
afford to pay huge sums to the software developers. Can intranet or uploading the database t....
Main Trap17 Site Is Down?
I can't access it at all. (0) I noticed no one came here to post that something was wrong, even if this forum is working fine. (If
it weren't, I wouldn't be posting here.) For some reason, I can't log in, and all the
user accounts were removed from the system, even if the front page works fine. (As well, my hosting
account was removed. I'm pretty sure I wasn't banned, because I didn't get any warning
from moderators.) Is this some sort of server upgrade or scheduled downtime, and when can I expect
service to be back on again? (I'm also posting this here because if I d....
Domain Name Is Not Assigned To Ip. Access Cpanel With Ip Not With Domain Name.
(6) Hi, Please astahost help me. Yest i created host account with my domain name kndsoftware.info and
after that i got confirmation and IP is given to me with domain name. After that i am able to
access cpanel with IP and make updates but i am not able to open my page www.kndsoftware.info or
www.kndsoftware.info/cpanel. Please help me :( . Regards, Kanade ....
Integrate Access Database Onto Intranet Site
Looking to integrate access database into my intranet site (5) Hey guys, im new here and am looking for answers /tongue.gif" style="vertical-align:middle"
emoid=":P" border="0" alt="tongue.gif" /> Firstly, i have designed a database using M$ access,
it consists of multiple forms which i plan to host on an intranet website, i need to be able to add
records directly from the form on the intranet website aswell as being able to edit/review current
entries on forms in the database. My question is, how would i go about integrating these forms onto
the intranet website? i plan on keeping the database and the intranet site on the s....
Access Linux Box From Windows Machine- Putty Tool
(2) Most of the guys want to access Linux box from Windows machine just to do some programming on the
command line. The "Putty Tool" is the solution for this. Just google for "Putty" and download this
small package(less then 1MB) and keep it on your desktop. Just you need to configure the linux
machine IP on this Putty tool and connect to Linux machine. If you face any problem in configuring
Linux IP, then let me know, i will help you out. If you think this is help full, please rate this.....
Can't Access Any Site Hosted On The Server
(4) Ever since yesterday, I wasn't able to access my site http://maxotek.net , so I tried
others' sites like http://www.handyphp.com , none of which opened. I've tried PINGing the
sites and have received no response as yet. I've heard that there were some changes to the IP
addresses for the shared IPs. Just a while ago, I heard from a friend of mine that he was able to
access the sites. Another one reported of a Gateway Timeout error. Do I need to make some changes
in the CPanel or will this be solved automatically?....
Flashget Download Manage
High-speed safe and Multi-protocol support! (0) FlashGet is a leading download manager and has the highest amount of users on the internet. It uses
MHT(Multi-server Hyper-threading Transportation) technique, supports various protocols and has
excellent document management features. FlashGet is a freeware without any adware or spyware. Safe
and clean: Optimize the system resource FlashGet can use up the lowest system resources and will not
influence your normal work or study. increase the download speed and stability Flashget can
increase download speed from 6-10 times. It uses MHT (Multi-server Hyper-threading Tr....
Can't Access Root Anymore =(
(5) I have installed ubuntu. and it worked to install.. but... =( I replaced the root user.. I
don't know how =( I wanted to crete a new user as a book said(but I made it the same name as the
root user (my root was named feelay, and I created a user named feelay) =( without thinking). But it
didn't work. then i logged out and in again. And I tryed to create a user. and now it says "only
a root user can create accounts". Please help =( Any Linux Guru. I am stuck =( And BTW .. When I
made a partition, a had do change the system of my bigger partition (the D Partitio....
Access 97 To Access 2003
(15) I need to convert a database that is in Access 97 to Access 2003 but every time i do it using the
Convert tools of Access 2003 i got some errors and can't change or add any of the objects
-tables, querys, etc- of the converted database. All the errors i got are related to the user
priviligies and permissions of the database, is there exists a way or procedure that allows me to
reset this permissions??? Best regards,....
Access
Is this easy to make a login/password? (17) I was looking to make a site where people need to create an account, and log in to view the main
pages. Is it easy, or do-able, to use msoft access to make a database where people are able to sign
up with a username and password via my website?....
Cracking Wireless Access Point Password?
Is it possible to crack the system setup password on wireless routers? (22) Is it possible to crack the system setup password for a wireless access point - wirelessly? I
understand how to use tools like aircrack and airsnort to crack the network password used by
clients, but this will only grant you the client password to access the network. If there is a way
to gain access to the system setup password of a wireless router, please explain the process to me,
so that I can take all possible precautions to try to avoid this happening to my new wireless
network... Thanks.....
Url File-access Is Disabled In The Server Configuration
(7) As per the php documentation:- CODE // Won't work; looks for a file named
'file.php?foo=1&bar=2' on the // local filesystem. include 'file.php?foo=1&bar=2';
// Works. include 'http://www.example.com/file.php?foo=1&bar=2'; So, I used the
following code to include the header.php file which I use to draw the top navigation menu on my
site. CODE <? include "http://" . $_SERVER['HTTP_HOST'] .
"/includes/header.php?d=../../" ?> It worked before, but now I see
the....
C++: Basic Classes
classes, objects, access labels, members, inline functions (5) This tutorial assumes that you have a basic knowledge of C++. You know how to use built-in types,
like ints, doubles, chars, etc. You should know some types that are part of the STL, like vector,
etc. Those types that come in the STL are just C++; you can create your own types just like
those! Non built-in types are referred to as classes . To create a class, you just use the
keyword class , the name of the class, and curly brackets. CODE //A class named MyClass class
MyClass { }; In fact, that is all we need to create variables, pointers, or references ....
SMTP Access?
(3) I’m thinking that this is more of a Astahost host question than a VB.NET question. An application
that I am working on needs to send notification once an update is performed. I figured the best way
to do this was to send an email message to a specific Astahost email account. I have already setup
the account and it works fine but I’m having problems using Astahost as the relay. Below is a
snippet of the code that I am using. CODE Public Function sendMail() As Boolean
Try ‘_strFrom= “x@ycoderscookbook.com” ‘_strTo= “y@ycode....
Firefox 2
Access-key and close tabs configuration (3) When I installed Firefox 2.0 I got a little probelm... Accesskeys: I use access-key to follow
links and send forms very often, and in Firefox 1.5 y default they were used by pressing
"Alt"+"Accesskey". In Firefox 2.0 the default value has changed, so to follow accesskeys you many
press: "Alt"+"Shift"+"Accesskey" wich is more complicated. To change Firefox 2's behaviour,
browse: "about:config" and set the value of the following keys to: ui.key.chromeAccess = 5
ui.key.contentAccess = 4 This way the menu bar accesskeys are associated to the combination
"Alt"+"S....
Help: XP Pro Admin Account Deleted! Only Guest Access
(40) HELP Administrator account deleted, need help loggin in to my laptop!!! WIN XP PRO
Service Pack 2? My friend was using my laptop and she says she has no idea what she did but she
somehow deleted my account (the only account) so now i can only login as a guest andI have no access
to my music pictures. programs, homework nothing, and I have a Toshiba Portege' laptop, it has
no floppy disk or cd drive no internet connection, so i have no idea how to fix this, I tried the
ctrl+alt+del trick but it will not work the default admin, has a password and i have no ....
Connecting Ms Access To Php Using Odbc
(5) Dear Friends I have been trying to connect Ms Access using PHP for couples of days. Finally I have
done it. It was dome using Open DataBase Connectivity, popularly known as ODBC (pronounced as
separate letters). With an ODBC connection, you can connect to any database, on any computer in your
network, as long as an ODBC connection is available. Here is how to create an ODBC connection to a
MS Access Database: Open the Administrative Tools icon in your Control Panel. Double-click on the
Data Sources (ODBC) icon inside. Choose the System DSN tab. Click on Add in the....
VB.NET & MS Access Issue
(3) Alright, I haven't had much experience with vb.net or ms access as it is, let alone using them
together, so I need some advice on the best way to do this. I need to create a program that
basically is a form to fill out with information, and upon filling it out it can be saved. Saving
consists of making a row in a ms access database and placing each field as a column entry within
this new row. Then I need to be able to retrieve this information from the DB and fill out the form
as it was originally if the user chooses to load. This is all fine and wasn't hard to....
VB.NET: MS-Access Interaction Tutorial (Part I)
(18) VB.NET - MS-Access Interaction Tutorial I got down to writing this tutorial because of
this certain question that Dhanesh posted on our forums here . This tutorial will attempt to
show you how to: Create a MS-Access Database Create/Edit/Delete Tables in it Access it and
Add/Edit/Update data in those tables all with VB.NET . Note: This is not a beginner's
tutorial and I'll assume you know all the basics of creating WinForm based applications using
VS.NET . The screen-shots provided are from VS.NET 2005 - but you shouldn't f....
VB.NET / MS Access Question
(6) Jeez .. i can see people already starting to take up sticks and stones to beat me up .. well .. i
know m annoying .. and this always happens when my questions are related to programming
/biggrin.gif" style="vertical-align:middle" emoid=":D" border="0" alt="biggrin.gif" /> Newayz ..
to the point .. I have an MS Access DB .. I need a VB Code to retrieve the value from a field in
the table. Let me just put it in a better way. I have a table that has a column: Sno. .. under
sno. i have numbers like 1,2,3,4,5,6,7,8 .... now i created a form where i could view the rec....
Easy Message: The Ultra Light Multi-Protocol Messenger
(3) Have any of you come across Easy Message - the new (not so new) kid in the block ? I've had it
for a while. You tend to get tired of your system tray being cluttered with a wide variety of IMs -
but then it's kind of unavoidable as different grousp of your friends have their own IM
preferences. Trillian used to be a good option earlier on - but then it became too bulky and
unstable. That's where Easy Message comes in - it supports the same range of protocols as
Trillian does - i.e. AOL, ICQ, MSN, Yahoo etc.. BUT it's got an ultra-light footprint. Th....
FTP Access: Login Failure Problems
can't login (10) i try to connect to my ftp account but without sucess. I'm using FlashFxp to access and he store
all settings to connect to server. So the problem isn't ftp, user, port, or password . Help me
out please. QUOTE Connecting to marretasfc.astahost.com -> DNS=marretasfc.astahost.com
IP=64.69.46.210 PORT=21 Connected to marretasfc.astahost.com 220---------- Welcome to Pure-FTPd
---------- 220-You are user number 2 of 50 allowed. 220-Local time is now 19:32. Server port: 21.
220-IPv6 connections are also welcome on this server. 220 You will be disconnected after ....
VB6-MS Access Question
help please (8) hi guys, I am developing an application in Visual Basic 6.0 and using MS Access as my backend. What
i want is that my database should not open when someone doublec clicks on the .mdb file. But my
application should be able to access it. What can be a possible solution to this problem? Please
help. Thanx in advance.....
Yahoo! Messenger Protocol Tutorial - Part 2
(2) Part 2 - History The need for humans to communicate faster and more efficiently has been one of the
driving forces behind the Internet. Not since the invention of the telephone has communications
between humans been more readily available. The communication power of the Internet began to take
shape in its infancy with one of the first Internet applications, email. While the Internet was
still ARPANET and with only four links, the first email message was sent by Ray Tomlinson in 1971.
The first message consisted of the text “Testing 1-2-3” and did not contain any of th....
Permission Denied In Creating A Directory
mkdir() (6) QUOTE Warning: mkdir(/home/whistle/public_html/see/seeto): Permission denied in
/home/whistle/public_html/see/config.php on line 56 My web hosting is on the astahost. The
absolute path of my php script is "(/home/whistle/public_html/see". When I try to create a directory
named "seeto", the error message about permission denied is displayed. The same script I tried on
another web hosting server "Lycos", it works perfectly. Can anyone tell me what is wrong with it?
Or anything I should notice more? Thanks. CODE <?php if (mkdir("/home/whistle/p....
Microsofts Acrylic
Free picture/photo editor beta version (1) Microsfts has launced a free betaversion of what they claim will be a worthy Adobe Photoshop
competitor. You can go to microsofts pages and use the search to find it (acrylic). You have to
register a passport account to get a link sent to email, and then you can download it. If you are
paranoid or just don't like microsft, you can type in bogus registration info, but the email
must be valid. It's actually a pretty neat program with some cool filters for your pictures. The
file is about 77 mb, but their servers are fast.....
Sharing Files In Windows Xp Home
I always get an "access denied mesage" (15) when trying to access another computer's shared files on my home network i recieve an error
message " is not accessable. You might not have permission to use this network resource. Contact
the administrator of this server to find out if you have access permissions. Access denied" anyone
know why I am getting this message?....
Looking for lightweight, directory, access, protocol, ldap, interfacing, microsofts, active, directory, ldap
|
|
Searching Video's for lightweight, directory, access, protocol, ldap, interfacing, microsofts, active, directory, ldap
|
advertisement
|
|
