Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Delete of AD account

Posted on 2010-09-08
15
Medium Priority
?
880 Views
Last Modified: 2012-06-27
Could someone help me with a litle wierd problem.

I try to bind a ad account in line 16. If it succeed it should proceed to line 18, but no matter of what, if the ad account is available or not it proceed to line 18.

If it could bind the account it should proceed to line 18 and if it couldn't it should proceed to line 29, right.

I get an error:

First chance exception at $7C812AFB. Exception class EOleException with message 'There is no such object on the server'. Process Project1.exe (15856)

And then my application just close.
procedure TForm1.DeleteAccount;
var
  strlocation : string;
  User : IAdsUser;
  Container : IADsContainer;
begin
  if ADOQuery1.FieldByName('Employee').AsString <> 'NA' then
  begin
    if ADOQuery1.FieldByName('PreWindowsEmploy').AsString <> '' then
    begin
      if pos('S',ADOQuery1.FieldByName('PreWindowsEmploy').AsString) <> 0 then
        strlocation := ',OU=USERS,OU=ANOTHERSITE,OU=COUNTRY,OU=FIRMNAME,DC=AD,DC=FIRMNAME,DC=ORG';
      if pos('D',ADOQuery1.FieldByName('PreWindowsEmploy').AsString) <> 0 then
        strlocation := ',OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME,DC=AD,DC=ALFALAVAL,DC=ORG';
      try
        if SUCCEEDED(ADsGetObject('LDAP://CN=' + ADOQuery1.FieldByName('Employee').AsString + strlocation,IADsUser, User)) then
        begin
          if User.AccountDisabled then
          begin
            try
              ADsGetObject('LDAP://OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME
,DC=AD,DC=FIRMNAME,DC=ORG', IADsContainer, Container);
              Container.Delete('User','cn=' + ADOQuery1.FieldByName('Employee').AsString);
              Container._Release;
            except on E:Exception do
            end;
            User := nil;
          end;
        end;
      except on E:Exception do
      end;
    end
    else
      strlocation := ',OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME,DC=AD,DC=FIRMNAME,DC=ORG';
  end;
end;

Open in new window

0
Comment
Question by:QC20N
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
  • 3
15 Comments
 
LVL 14

Expert Comment

by:systan
ID: 33626228
Why are you deleting those accounts?  I doubt your trying something different.  Whats the name of your application?
0
 

Author Comment

by:QC20N
ID: 33626298
Well, it is a part of a daily procedure I have in company when employee stops. Then I need to delete the account in our AD.
0
 
LVL 14

Expert Comment

by:systan
ID: 33627290
Oh, can't you use the server applications to delete users from AD?   Why build one.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 5

Expert Comment

by:briangochnauer
ID: 33627608
Use an LDAP statement like ;

LDAP://domain/CN=...

replacing domain with your NT4 domain name aka. logon domain.
0
 

Author Comment

by:QC20N
ID: 33634037
Just for the record. This procedure work IF the user exists.

What my problem is that if the user dosen't exists then my program crash and give me the error.

Systan:
There is no fun to do this manually. The deletingpart is just a small job I have to do when I employee stops in our company.
0
 
LVL 14

Expert Comment

by:systan
ID: 33635406
Ok;
Did you manage to disable a user from this open post?
http://www.experts-exchange.com/Programming/Languages/Pascal/Delphi/Q_24713232.html

I don't know why you build tools like this, while you can use the AD application software, but for the record, I know you can do it.
0
 
LVL 5

Expert Comment

by:briangochnauer
ID: 33636391
Put a try..except end; around it. or use AD Search Object
I use  Marc Scheuner's TADSISearch object in ADSISearch.pas
http://adsi.mvps.org/adsi/Delphi/index.html   

...
slTemp := ADSISearch1.GetFirstRow();
    if Assigned(slTemp) then //success
....
0
 

Author Comment

by:QC20N
ID: 33645794
Guys:

My procedure works IF the user exists in AD, but if user dosen't exists my application crash.

Systan:
The link you have entered is a question I have created. And the question isen't about to disabled a user, but to disable a computer.

And yes, I know how to disable an account in AD.

Brianqochnauer:

Please, could you give a litle more details?
0
 
LVL 5

Expert Comment

by:briangochnauer
ID: 33645915
It's simple; getting an EOLEException when trying to bind to a non-existent object is expected and accepted behavior.

Either trap the exception with a Try Except (I assume you know how to do this)
or make sure the object exists before trying to bind to it,
 by using an AD search for the object.

I use the search method, if found, bind to the object else ignore;
I use  Marc Scheuner's TADSISearch object in ADSISearch.pas
http://adsi.mvps.org/adsi/Delphi/index.html   ('download' link on the page)
 Download this library and study it.

 
0
 

Author Comment

by:QC20N
ID: 33646282
But shouldn't the SUCCEEDED do the trick to handle if the user dosen't exists?
0
 
LVL 5

Expert Comment

by:briangochnauer
ID: 33649331
No, it never gets to SUCCEEDED because the exception is thrown.
0
 
LVL 5

Expert Comment

by:briangochnauer
ID: 33649451
It may work if you write it like this;
...
      try
        if OLECheck(ADsGetObject('LDAP://CN=' + ADOQuery1.FieldByName('Employee').AsString + strlocation,IADsUser, User)) then
        begin
          if User.AccountDisabled then
          begin
            try
              OleCheck(ADsGetObject('LDAP://OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME
,DC=AD,DC=FIRMNAME,DC=ORG', IADsContainer, Container);
              Container.Delete('User','cn=' + ADOQuery1.FieldByName('Employee').AsString));
              Container._Release;
            except on E:Exception do
               begin
                   ShowMessage(e.message)
                end;

            end;
            User := nil;
          end;
        end;
                on E:Exception do
                begin
                  ShowMessage(e.message)
               end;

      end;
 
...
0
 

Author Comment

by:QC20N
ID: 33660228
When I do want you wrote I get this:
[DCC Error] Unit1.pas(484): E2012 Type of expression must be BOOLEAN

in the:

if OLECheck(ADsGetObject('LDAP://CN=' + ADOQuery1.FieldByName('Employee').AsString + strlocation,IADsUser, User)) then

0
 
LVL 5

Expert Comment

by:briangochnauer
ID: 33661386
Don't you think it would be a good learning experience to figure out that by yourself?
 Both OLECheck (borland) and ADsGetObject (microsoft) documented those calls well.
0
 
LVL 5

Accepted Solution

by:
briangochnauer earned 500 total points
ID: 33690785
if OLECheck(ADsGetObject('LDAP://CN=' + ADOQuery1.FieldByName('Employee').AsString + strlocation,IADsUser, User)=S_OK) then
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The uses clause is one of those things that just tends to grow and grow. Most of the time this is in the main form, as it's from this form that all others are called. If you have a big application (including many forms), the uses clause in the in…
In my programming career I have only very rarely run into situations where operator overloading would be of any use in my work.  Normally those situations involved math with either overly large numbers (hundreds of thousands of digits or accuracy re…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question