Link to home
Create AccountLog in
Avatar of QC20N
QC20NFlag for Denmark

asked on

Delete of AD account

Could someone help me with a litle wierd problem.

I try to bind a ad account in line 16. If it succeed it should proceed to line 18, but no matter of what, if the ad account is available or not it proceed to line 18.

If it could bind the account it should proceed to line 18 and if it couldn't it should proceed to line 29, right.

I get an error:

First chance exception at $7C812AFB. Exception class EOleException with message 'There is no such object on the server'. Process Project1.exe (15856)

And then my application just close.
procedure TForm1.DeleteAccount;
var
  strlocation : string;
  User : IAdsUser;
  Container : IADsContainer;
begin
  if ADOQuery1.FieldByName('Employee').AsString <> 'NA' then
  begin
    if ADOQuery1.FieldByName('PreWindowsEmploy').AsString <> '' then
    begin
      if pos('S',ADOQuery1.FieldByName('PreWindowsEmploy').AsString) <> 0 then
        strlocation := ',OU=USERS,OU=ANOTHERSITE,OU=COUNTRY,OU=FIRMNAME,DC=AD,DC=FIRMNAME,DC=ORG';
      if pos('D',ADOQuery1.FieldByName('PreWindowsEmploy').AsString) <> 0 then
        strlocation := ',OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME,DC=AD,DC=ALFALAVAL,DC=ORG';
      try
        if SUCCEEDED(ADsGetObject('LDAP://CN=' + ADOQuery1.FieldByName('Employee').AsString + strlocation,IADsUser, User)) then
        begin
          if User.AccountDisabled then
          begin
            try
              ADsGetObject('LDAP://OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME
,DC=AD,DC=FIRMNAME,DC=ORG', IADsContainer, Container);
              Container.Delete('User','cn=' + ADOQuery1.FieldByName('Employee').AsString);
              Container._Release;
            except on E:Exception do
            end;
            User := nil;
          end;
        end;
      except on E:Exception do
      end;
    end
    else
      strlocation := ',OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME,DC=AD,DC=FIRMNAME,DC=ORG';
  end;
end;

Open in new window

Avatar of systan
systan
Flag of Philippines image

Why are you deleting those accounts?  I doubt your trying something different.  Whats the name of your application?
Avatar of QC20N

ASKER

Well, it is a part of a daily procedure I have in company when employee stops. Then I need to delete the account in our AD.
Oh, can't you use the server applications to delete users from AD?   Why build one.
Use an LDAP statement like ;

LDAP://domain/CN=...

replacing domain with your NT4 domain name aka. logon domain.
Avatar of QC20N

ASKER

Just for the record. This procedure work IF the user exists.

What my problem is that if the user dosen't exists then my program crash and give me the error.

Systan:
There is no fun to do this manually. The deletingpart is just a small job I have to do when I employee stops in our company.
Ok;
Did you manage to disable a user from this open post?
https://www.experts-exchange.com/questions/24713232/How-do-I-disabled-a-computer-by-using-ADSI.html

I don't know why you build tools like this, while you can use the AD application software, but for the record, I know you can do it.
Put a try..except end; around it. or use AD Search Object
I use  Marc Scheuner's TADSISearch object in ADSISearch.pas
http://adsi.mvps.org/adsi/Delphi/index.html   

...
slTemp := ADSISearch1.GetFirstRow();
    if Assigned(slTemp) then //success
....
Avatar of QC20N

ASKER

Guys:

My procedure works IF the user exists in AD, but if user dosen't exists my application crash.

Systan:
The link you have entered is a question I have created. And the question isen't about to disabled a user, but to disable a computer.

And yes, I know how to disable an account in AD.

Brianqochnauer:

Please, could you give a litle more details?
It's simple; getting an EOLEException when trying to bind to a non-existent object is expected and accepted behavior.

Either trap the exception with a Try Except (I assume you know how to do this)
or make sure the object exists before trying to bind to it,
 by using an AD search for the object.

I use the search method, if found, bind to the object else ignore;
I use  Marc Scheuner's TADSISearch object in ADSISearch.pas
http://adsi.mvps.org/adsi/Delphi/index.html   ('download' link on the page)
 Download this library and study it.

 
Avatar of QC20N

ASKER

But shouldn't the SUCCEEDED do the trick to handle if the user dosen't exists?
No, it never gets to SUCCEEDED because the exception is thrown.
It may work if you write it like this;
...
      try
        if OLECheck(ADsGetObject('LDAP://CN=' + ADOQuery1.FieldByName('Employee').AsString + strlocation,IADsUser, User)) then
        begin
          if User.AccountDisabled then
          begin
            try
              OleCheck(ADsGetObject('LDAP://OU=USERS,OU=SITE,OU=COUNTRY,OU=FIRMNAME
,DC=AD,DC=FIRMNAME,DC=ORG', IADsContainer, Container);
              Container.Delete('User','cn=' + ADOQuery1.FieldByName('Employee').AsString));
              Container._Release;
            except on E:Exception do
               begin
                   ShowMessage(e.message)
                end;

            end;
            User := nil;
          end;
        end;
                on E:Exception do
                begin
                  ShowMessage(e.message)
               end;

      end;
 
...
Avatar of QC20N

ASKER

When I do want you wrote I get this:
[DCC Error] Unit1.pas(484): E2012 Type of expression must be BOOLEAN

in the:

if OLECheck(ADsGetObject('LDAP://CN=' + ADOQuery1.FieldByName('Employee').AsString + strlocation,IADsUser, User)) then

Don't you think it would be a good learning experience to figure out that by yourself?
 Both OLECheck (borland) and ADsGetObject (microsoft) documented those calls well.
ASKER CERTIFIED SOLUTION
Avatar of briangochnauer
briangochnauer
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account