User updating there own settings

User updating there own settings

Post by davi » Sat, 29 Mar 2003 20:22:15



Hi,

I've got a couple of questions around having a user update a couple of
fields in there own user object as part of a logon script

Q1: How can I bind to the user running the wscript? Is there some sort of
"use me" notation? (like in WMI queries where you can use a "." to specifiy
the local device)

Q2: Does a user typically have rights to update their user object? (fields
like phone number etc)

Thanks

David

 
 
 

User updating there own settings

Post by Richard Muelle » Sun, 30 Mar 2003 00:47:59


Hi,

Users typically have permissions to update attributes of
their own user object. You might consider a separate app
they run at any time, rather than forcing them to update
fields during logon.

Binding to the user object during logon is easy if all
clients are W2k or above:

Set objSysInfo = CreateObject("ADSystemInfo")
strUserAdsPath = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUserAdsPath)

If some clients are Win9x or NT, they need DSClient
installed and ADSystemInfo is not available. They must use
WshNetwork to retrieve the NT logon name and then use the
NameTranslate object to convert this to distinguishedName.
Also, you need to use NameTranslate to convert the DNS
domain name to the NetBIOS domain (unless you hard code
the NetBIOS domain name). The code below will work on all
clients:

Set objNetwork = CreateObject("Wscript.Network")

' Loop required for Win9x clients during logon.
strNTName = ""
On Error Resume Next
Err.Clear
Do While strNTName = ""
  strNTName = objNetwork.UserName
  Err.Clear
  If Wscript.Version > 5 Then
    Wscript.Sleep 100
  End If
Loop
On Error GoTo 0

' Determine DNS domain name from RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

' Use NameTranslate to find NetBIOS domain name from the
' DNS domain name.
Set objTrans = CreateObject("NameTranslate")
objTrans.Init 3, strDNSDomain
objTrans.Set 1, strDNSDomain
strNetBIOSDomain = objTrans.Get(3)
strNetBIOSDomain = Left(strNetBIOSDomain, _
  Len(strNetBIOSDomain) - 1)

' Use NameTranslate to convert the NT user name to the
' Distinguished Name required for the LDAP provider.
objTrans.Init 1, strNetBIOSDomain
objTrans.Set 3, strNetBIOSDomain & "\" & strNTName
strUserDN = objTrans.Get(1)

' Bind to the user object in Active Directory.
Set objUser = GetObject("LDAP://" & strUserDN)

Richard
http://www.rlmueller.net

Quote:>-----Original Message-----
>Hi,

>I've got a couple of questions around having a user
update a couple of
>fields in there own user object as part of a logon script

>Q1: How can I bind to the user running the wscript? Is
there some sort of
>"use me" notation? (like in WMI queries where you can use
a "." to specifiy
>the local device)

>Q2: Does a user typically have rights to update their

user object? (fields
Quote:>like phone number etc)

>Thanks

>David

>.


 
 
 

User updating there own settings

Post by davi » Mon, 31 Mar 2003 17:15:51


Great, thanks Richard


Quote:> Hi,

> Users typically have permissions to update attributes of
> their own user object. You might consider a separate app
> they run at any time, rather than forcing them to update
> fields during logon.

> Binding to the user object during logon is easy if all
> clients are W2k or above:

> Set objSysInfo = CreateObject("ADSystemInfo")
> strUserAdsPath = objSysInfo.UserName
> Set objUser = GetObject("LDAP://" & strUserAdsPath)

> If some clients are Win9x or NT, they need DSClient
> installed and ADSystemInfo is not available. They must use
> WshNetwork to retrieve the NT logon name and then use the
> NameTranslate object to convert this to distinguishedName.
> Also, you need to use NameTranslate to convert the DNS
> domain name to the NetBIOS domain (unless you hard code
> the NetBIOS domain name). The code below will work on all
> clients:

> Set objNetwork = CreateObject("Wscript.Network")

> ' Loop required for Win9x clients during logon.
> strNTName = ""
> On Error Resume Next
> Err.Clear
> Do While strNTName = ""
>   strNTName = objNetwork.UserName
>   Err.Clear
>   If Wscript.Version > 5 Then
>     Wscript.Sleep 100
>   End If
> Loop
> On Error GoTo 0

> ' Determine DNS domain name from RootDSE object.
> Set objRootDSE = GetObject("LDAP://RootDSE")
> strDNSDomain = objRootDSE.Get("DefaultNamingContext")

> ' Use NameTranslate to find NetBIOS domain name from the
> ' DNS domain name.
> Set objTrans = CreateObject("NameTranslate")
> objTrans.Init 3, strDNSDomain
> objTrans.Set 1, strDNSDomain
> strNetBIOSDomain = objTrans.Get(3)
> strNetBIOSDomain = Left(strNetBIOSDomain, _
>   Len(strNetBIOSDomain) - 1)

> ' Use NameTranslate to convert the NT user name to the
> ' Distinguished Name required for the LDAP provider.
> objTrans.Init 1, strNetBIOSDomain
> objTrans.Set 3, strNetBIOSDomain & "\" & strNTName
> strUserDN = objTrans.Get(1)

> ' Bind to the user object in Active Directory.
> Set objUser = GetObject("LDAP://" & strUserDN)

> Richard
> http://www.rlmueller.net
> >-----Original Message-----
> >Hi,

> >I've got a couple of questions around having a user
> update a couple of
> >fields in there own user object as part of a logon script

> >Q1: How can I bind to the user running the wscript? Is
> there some sort of
> >"use me" notation? (like in WMI queries where you can use
> a "." to specifiy
> >the local device)

> >Q2: Does a user typically have rights to update their
> user object? (fields
> >like phone number etc)

> >Thanks

> >David

> >.

 
 
 

User updating there own settings

Post by Carlos Magalhae » Tue, 01 Apr 2003 20:36:35


Just be careful, remember in AD administrators can set permissions
right down to the attribute Level.

It is a good idea to have a common set of attributes that users are
allowed to change check that with you sys admin first as GPO's and
other policies might overright security contexts.

On Sun, 30 Mar 2003 20:15:51 +1200, "david"


>Great, thanks Richard



>> Hi,

>> Users typically have permissions to update attributes of
>> their own user object. You might consider a separate app
>> they run at any time, rather than forcing them to update
>> fields during logon.

>> Binding to the user object during logon is easy if all
>> clients are W2k or above:

>> Set objSysInfo = CreateObject("ADSystemInfo")
>> strUserAdsPath = objSysInfo.UserName
>> Set objUser = GetObject("LDAP://" & strUserAdsPath)

>> If some clients are Win9x or NT, they need DSClient
>> installed and ADSystemInfo is not available. They must use
>> WshNetwork to retrieve the NT logon name and then use the
>> NameTranslate object to convert this to distinguishedName.
>> Also, you need to use NameTranslate to convert the DNS
>> domain name to the NetBIOS domain (unless you hard code
>> the NetBIOS domain name). The code below will work on all
>> clients:

>> Set objNetwork = CreateObject("Wscript.Network")

>> ' Loop required for Win9x clients during logon.
>> strNTName = ""
>> On Error Resume Next
>> Err.Clear
>> Do While strNTName = ""
>>   strNTName = objNetwork.UserName
>>   Err.Clear
>>   If Wscript.Version > 5 Then
>>     Wscript.Sleep 100
>>   End If
>> Loop
>> On Error GoTo 0

>> ' Determine DNS domain name from RootDSE object.
>> Set objRootDSE = GetObject("LDAP://RootDSE")
>> strDNSDomain = objRootDSE.Get("DefaultNamingContext")

>> ' Use NameTranslate to find NetBIOS domain name from the
>> ' DNS domain name.
>> Set objTrans = CreateObject("NameTranslate")
>> objTrans.Init 3, strDNSDomain
>> objTrans.Set 1, strDNSDomain
>> strNetBIOSDomain = objTrans.Get(3)
>> strNetBIOSDomain = Left(strNetBIOSDomain, _
>>   Len(strNetBIOSDomain) - 1)

>> ' Use NameTranslate to convert the NT user name to the
>> ' Distinguished Name required for the LDAP provider.
>> objTrans.Init 1, strNetBIOSDomain
>> objTrans.Set 3, strNetBIOSDomain & "\" & strNTName
>> strUserDN = objTrans.Get(1)

>> ' Bind to the user object in Active Directory.
>> Set objUser = GetObject("LDAP://" & strUserDN)

>> Richard
>> http://www.rlmueller.net
>> >-----Original Message-----
>> >Hi,

>> >I've got a couple of questions around having a user
>> update a couple of
>> >fields in there own user object as part of a logon script

>> >Q1: How can I bind to the user running the wscript? Is
>> there some sort of
>> >"use me" notation? (like in WMI queries where you can use
>> a "." to specifiy
>> >the local device)

>> >Q2: Does a user typically have rights to update their
>> user object? (fields
>> >like phone number etc)

>> >Thanks

>> >David

>> >.

Carlos Magalhaes
Professional ADSI/DirectoryServices Help and answers?
http://groups.yahoo.com/group/ADSIANDDirectoryServices/
Professional WMI Programming Help and answers?
http://groups.yahoo.com/group/WMIPROGRAMMING
 
 
 

1. Allowing users to create their own usernmae/password

Hey all,

I'm trying to use sharepoint as a discussion board.  May not be the best
fit, but ....  The only way a user can subscribe to email notifications is
if they have a physical login on the server.  The account is simply a user
account, but it has to exist.  That in itself is not an issue, however once
they have logged on as that user to subscribe anything else they post will
be seen as that login (i.e emailsubscribe).  Also if the users don't
subscribe but post something first it shows as anonymous user.  Is there
anyway to allow users to create their own username/password without admin
intervention?  I understand about the invite concept, but I have to know
before hand who the invite is going out to.. woul dlike theis to be on
auot-pilot for as much as possible.

Thanx

Morgan

2. C# Win Application multiple .cs forms compilation

3. Users changing their own passwords?

4. ***NuShield Screen Protectors for your Palm***

5. Map as different user/pass to your own?

6. RunAs -- only by executable?

7. Why do I only see my own home directory and not those of other users?

8. baud/bit rates

9. How would a user on 95 or NT choose their own password?

10. Can each user be an admin to his/her own computer?

11. Push user DSN settings to all users

12. Can user set permissions on their own folder?

13. Prompting users to changie their own passwords?