Very Computer

Hi,

I've got a couple of questions around having a user update a couple of
fields in there own user object as part of a logon script

Q1: How can I bind to the user running the wscript? Is there some sort of
"use me" notation? (like in WMI queries where you can use a "." to specifiy
the local device)

Q2: Does a user typically have rights to update their user object? (fields
like phone number etc)

Thanks

David

Hi,

Users typically have permissions to update attributes of
their own user object. You might consider a separate app
they run at any time, rather than forcing them to update
fields during logon.

Binding to the user object during logon is easy if all
clients are W2k or above:

Set objSysInfo = CreateObject("ADSystemInfo")
strUserAdsPath = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUserAdsPath)

If some clients are Win9x or NT, they need DSClient
installed and ADSystemInfo is not available. They must use
WshNetwork to retrieve the NT logon name and then use the
NameTranslate object to convert this to distinguishedName.
Also, you need to use NameTranslate to convert the DNS
domain name to the NetBIOS domain (unless you hard code
the NetBIOS domain name). The code below will work on all
clients:

Set objNetwork = CreateObject("Wscript.Network")

' Loop required for Win9x clients during logon.
strNTName = ""
On Error Resume Next
Err.Clear
Do While strNTName = ""
  strNTName = objNetwork.UserName
  Err.Clear
  If Wscript.Version > 5 Then
    Wscript.Sleep 100
  End If
Loop
On Error GoTo 0

' Determine DNS domain name from RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

' Use NameTranslate to find NetBIOS domain name from the
' DNS domain name.
Set objTrans = CreateObject("NameTranslate")
objTrans.Init 3, strDNSDomain
objTrans.Set 1, strDNSDomain
strNetBIOSDomain = objTrans.Get(3)
strNetBIOSDomain = Left(strNetBIOSDomain, _
  Len(strNetBIOSDomain) - 1)

' Use NameTranslate to convert the NT user name to the
' Distinguished Name required for the LDAP provider.
objTrans.Init 1, strNetBIOSDomain
objTrans.Set 3, strNetBIOSDomain & "\" & strNTName
strUserDN = objTrans.Get(1)

' Bind to the user object in Active Directory.
Set objUser = GetObject("LDAP://" & strUserDN)

Richard
http://www.rlmueller.net

Quote:>-----Original Message-----
>Hi,

>I've got a couple of questions around having a user
update a couple of
>fields in there own user object as part of a logon script

>Q1: How can I bind to the user running the wscript? Is
there some sort of
>"use me" notation? (like in WMI queries where you can use
a "." to specifiy
>the local device)

>Q2: Does a user typically have rights to update their

user object? (fields

Quote:>like phone number etc)

>Thanks

>David

>.

Great, thanks Richard

Quote:> Hi,

> Users typically have permissions to update attributes of
> their own user object. You might consider a separate app
> they run at any time, rather than forcing them to update
> fields during logon.

> Binding to the user object during logon is easy if all
> clients are W2k or above:

> Set objSysInfo = CreateObject("ADSystemInfo")
> strUserAdsPath = objSysInfo.UserName
> Set objUser = GetObject("LDAP://" & strUserAdsPath)

> If some clients are Win9x or NT, they need DSClient
> installed and ADSystemInfo is not available. They must use
> WshNetwork to retrieve the NT logon name and then use the
> NameTranslate object to convert this to distinguishedName.
> Also, you need to use NameTranslate to convert the DNS
> domain name to the NetBIOS domain (unless you hard code
> the NetBIOS domain name). The code below will work on all
> clients:

> Set objNetwork = CreateObject("Wscript.Network")

> ' Loop required for Win9x clients during logon.
> strNTName = ""
> On Error Resume Next
> Err.Clear
> Do While strNTName = ""
>   strNTName = objNetwork.UserName
>   Err.Clear
>   If Wscript.Version > 5 Then
>     Wscript.Sleep 100
>   End If
> Loop
> On Error GoTo 0

> ' Determine DNS domain name from RootDSE object.
> Set objRootDSE = GetObject("LDAP://RootDSE")
> strDNSDomain = objRootDSE.Get("DefaultNamingContext")

> ' Use NameTranslate to find NetBIOS domain name from the
> ' DNS domain name.
> Set objTrans = CreateObject("NameTranslate")
> objTrans.Init 3, strDNSDomain
> objTrans.Set 1, strDNSDomain
> strNetBIOSDomain = objTrans.Get(3)
> strNetBIOSDomain = Left(strNetBIOSDomain, _
>   Len(strNetBIOSDomain) - 1)

> ' Use NameTranslate to convert the NT user name to the
> ' Distinguished Name required for the LDAP provider.
> objTrans.Init 1, strNetBIOSDomain
> objTrans.Set 3, strNetBIOSDomain & "\" & strNTName
> strUserDN = objTrans.Get(1)

> ' Bind to the user object in Active Directory.
> Set objUser = GetObject("LDAP://" & strUserDN)

> Richard
> http://www.rlmueller.net
> >-----Original Message-----
> >Hi,

> >I've got a couple of questions around having a user
> update a couple of
> >fields in there own user object as part of a logon script

> >Q1: How can I bind to the user running the wscript? Is
> there some sort of
> >"use me" notation? (like in WMI queries where you can use
> a "." to specifiy
> >the local device)

> >Q2: Does a user typically have rights to update their
> user object? (fields
> >like phone number etc)

> >Thanks

> >David

> >.

Just be careful, remember in AD administrators can set permissions
right down to the attribute Level.

It is a good idea to have a common set of attributes that users are
allowed to change check that with you sys admin first as GPO's and
other policies might overright security contexts.

On Sun, 30 Mar 2003 20:15:51 +1200, "david"

Carlos Magalhaes
Professional ADSI/DirectoryServices Help and answers?
http://groups.yahoo.com/group/ADSIANDDirectoryServices/
Professional WMI Programming Help and answers?
http://groups.yahoo.com/group/WMIPROGRAMMING