AD - get type value out from object

Started by Orionbelt, January 01, 2015, 10:33:24 PM

Previous topic - Next topic

Orionbelt

Hi all,
I am trying to pull some information out from AD Object like type value,
Code (winbatch) Select
will tell me if this object is server, workstation or member server etc. I am able to get operating system, but need little help to get type value. Here so far what I have.

Code (winbatch) Select
If WinMetrics(-2) == 3 Then AddExtender("WWADS64I.DLL") ; 64-bit
Else AddExtender("WWADS44I.DLL") ; 32-bit

domain = dsGetProperty("LDAP://rootDSE"  , "defaultNamingContext")
sPath = "LDAP://CN=Computers,":domain
lValues = dsGetChldPath(sPath, "")

TmpGroup1=""

For i=1 To ItemCount(lValues,@TAB)
           TmpGroup=ItemExtract(i,lValues,@TAB)
  TmpGroup1 = TmpGroup
           X = StrIndex(TmpGroup,"=",1,@FWDSCAN)+1
           y = StrIndex(TmpGroup,",",1,@FWDSCAN)-1
           TmpGroup= StrSub(TmpGroup1,x,y-x+1)
           sRole = dsGetProperty(TmpGroup1, "operatingSystem")
          lValues = ItemReplace(TmpGroup,i,lValues,@TAB)
Next

Orionbelt

in other words, I am not able to get AD property 'machineRole' ?????

td

The 'machineRole' property is not mandatory so a value is not required and it wont have one unless someone decided to set it. You can use the 'userAccountControl' property to determine some information about a computer's role.

Code (winbatch) Select

;...

uAc = dsGetProperty(sPath , "userAccountControl")
if uAc & 8192 then Type = "PDC or BDC"
else Type = "Member server or Workstation"

Message("Computer Type", Type)
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

Orionbelt

Thanks TD for your response,
  So in this Computes OU I might have some servers, workstations (win 8.1,7,xp), domains, containers. I would like to count only workstations. what would be easiest way to do it.
when current loop run, I get error when it finds container, servers, others beside workstation, like to skip all except workstation.

thanks

td

The function dsGetChldPath accepts a class name as its second parameter.  The class name acts as a filter on the type of object returned so if you specify a class name of 'computer', the function will only return computer objects.  Alternatively, you can use the dsFindPath function to obtain paths to objects of a specified class and attribute value.  For example, the filter below will cause the function to return 'computer' objects that are not domain controllers or backup domain controllers

Code (winbatch) Select

sComputers = "LDAP://shamrock/CN=computers,DC=jclass,DC=org"
lComputers  = dsFindPath(sComputers, "(&(objectClass=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=8192)) )")


More information on LDAP search filters can be found in the extender help file and in the Tech Database.
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade