Delete of AD account

Could someone help me with a litle wierd problem.

I try to bind a ad account in line 16. If it succeed it should proceed to line 18, but no matter of what, if the ad account is available or not it proceed to line 18.

If it could bind the account it should proceed to line 18 and if it couldn't it should proceed to line 29, right.

I get an error:

First chance exception at $7C812AFB. Exception class EOleException with message 'There is no such object on the server'. Process Project1.exe (15856)

And then my application just close.
procedure TForm1.DeleteAccount;
var
  strlocation : string;
  User : IAdsUser;
  Container : IADsContainer;
begin
  if ADOQuery1.FieldByName('Employee').AsString <> 'NA' then
  begin
    if ADOQuery1.FieldByName('PreWindowsEmploy').AsString <> '' then
    begin
      if pos('S',ADOQuery1.FieldByName('PreWindowsEmploy').AsString) <> 0 then
        strlocation := ',OU=USERS,OU=ANOTHERSITE,OU=COUNTRY,OU=FIRMNAME,DC=AD,DC=FIRMNAME,DC=ORG';
      if pos('D',ADOQuery1.FieldByName('PreWindowsEmploy').AsString) <> 0 then
        strlocation := ',OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME,DC=AD,DC=ALFALAVAL,DC=ORG';
      try
        if SUCCEEDED(ADsGetObject('LDAP://CN=' + ADOQuery1.FieldByName('Employee').AsString + strlocation,IADsUser, User)) then
        begin
          if User.AccountDisabled then
          begin
            try
              ADsGetObject('LDAP://OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME
,DC=AD,DC=FIRMNAME,DC=ORG', IADsContainer, Container);
              Container.Delete('User','cn=' + ADOQuery1.FieldByName('Employee').AsString);
              Container._Release;
            except on E:Exception do
            end;
            User := nil;
          end;
        end;
      except on E:Exception do
      end;
    end
    else
      strlocation := ',OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME,DC=AD,DC=FIRMNAME,DC=ORG';
  end;
end;

Open in new window

QC20NAsked:
Who is Participating?
 
briangochnauerCommented:
if OLECheck(ADsGetObject('LDAP://CN=' + ADOQuery1.FieldByName('Employee').AsString + strlocation,IADsUser, User)=S_OK) then
0
 
systanCommented:
Why are you deleting those accounts?  I doubt your trying something different.  Whats the name of your application?
0
 
QC20NAuthor Commented:
Well, it is a part of a daily procedure I have in company when employee stops. Then I need to delete the account in our AD.
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
systanCommented:
Oh, can't you use the server applications to delete users from AD?   Why build one.
0
 
briangochnauerCommented:
Use an LDAP statement like ;

LDAP://domain/CN=...

replacing domain with your NT4 domain name aka. logon domain.
0
 
QC20NAuthor Commented:
Just for the record. This procedure work IF the user exists.

What my problem is that if the user dosen't exists then my program crash and give me the error.

Systan:
There is no fun to do this manually. The deletingpart is just a small job I have to do when I employee stops in our company.
0
 
systanCommented:
Ok;
Did you manage to disable a user from this open post?
http://www.experts-exchange.com/Programming/Languages/Pascal/Delphi/Q_24713232.html

I don't know why you build tools like this, while you can use the AD application software, but for the record, I know you can do it.
0
 
briangochnauerCommented:
Put a try..except end; around it. or use AD Search Object
I use  Marc Scheuner's TADSISearch object in ADSISearch.pas
http://adsi.mvps.org/adsi/Delphi/index.html   

...
slTemp := ADSISearch1.GetFirstRow();
    if Assigned(slTemp) then //success
....
0
 
QC20NAuthor Commented:
Guys:

My procedure works IF the user exists in AD, but if user dosen't exists my application crash.

Systan:
The link you have entered is a question I have created. And the question isen't about to disabled a user, but to disable a computer.

And yes, I know how to disable an account in AD.

Brianqochnauer:

Please, could you give a litle more details?
0
 
briangochnauerCommented:
It's simple; getting an EOLEException when trying to bind to a non-existent object is expected and accepted behavior.

Either trap the exception with a Try Except (I assume you know how to do this)
or make sure the object exists before trying to bind to it,
 by using an AD search for the object.

I use the search method, if found, bind to the object else ignore;
I use  Marc Scheuner's TADSISearch object in ADSISearch.pas
http://adsi.mvps.org/adsi/Delphi/index.html   ('download' link on the page)
 Download this library and study it.

 
0
 
QC20NAuthor Commented:
But shouldn't the SUCCEEDED do the trick to handle if the user dosen't exists?
0
 
briangochnauerCommented:
No, it never gets to SUCCEEDED because the exception is thrown.
0
 
briangochnauerCommented:
It may work if you write it like this;
...
      try
        if OLECheck(ADsGetObject('LDAP://CN=' + ADOQuery1.FieldByName('Employee').AsString + strlocation,IADsUser, User)) then
        begin
          if User.AccountDisabled then
          begin
            try
              OleCheck(ADsGetObject('LDAP://OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME
,DC=AD,DC=FIRMNAME,DC=ORG', IADsContainer, Container);
              Container.Delete('User','cn=' + ADOQuery1.FieldByName('Employee').AsString));
              Container._Release;
            except on E:Exception do
               begin
                   ShowMessage(e.message)
                end;

            end;
            User := nil;
          end;
        end;
                on E:Exception do
                begin
                  ShowMessage(e.message)
               end;

      end;
 
...
0
 
QC20NAuthor Commented:
When I do want you wrote I get this:
[DCC Error] Unit1.pas(484): E2012 Type of expression must be BOOLEAN

in the:

if OLECheck(ADsGetObject('LDAP://CN=' + ADOQuery1.FieldByName('Employee').AsString + strlocation,IADsUser, User)) then

0
 
briangochnauerCommented:
Don't you think it would be a good learning experience to figure out that by yourself?
 Both OLECheck (borland) and ADsGetObject (microsoft) documented those calls well.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.