Link to home
Start Free TrialLog in
Avatar of ccsoitd1
ccsoitd1

asked on

useraccountcontrol flags

I'm trying to use an autoit script to determine what combination of flags are in use on a local user account.

Whats the easiest way to do that?
Avatar of KenMcF
KenMcF
Flag of United States of America image

Here is a link with all the flags.

http://support.microsoft.com/kb/305144

I have not used autoit so I do not know if there is an easy way. But there are other utilities out there that make this easier.
ADFIND
Powershell with Quest AD CmdLets or MS cmdlets.
Avatar of ccsoitd1
ccsoitd1

ASKER

i have that page, and i know what the flags are but what i'm not sure about is how to extract specific flags.

Auto it is very similar to vbscript, so if i could even get the vbs script to do it i can manipulate it to work in autoit.
ASKER CERTIFIED SOLUTION
Avatar of KenMcF
KenMcF
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of matrixnz
While I'm a big AutoIT fan and you probably could do this with the AD UDF, even if it doesn't you can easily add to it as long as you know the object type
http://www.autoitscript.com/forum/index.php?showtopic=106163

But if you just want to list all users objects to CSV for example than I would recommend ADFind as ccsoitd1 suggested, it's very easy to use and will get you the results very quickly.

http://www.joeware.net/freetools/tools/adfind/usage.htm

Example:
ADFind.exe -b dc=domain,dc=co,dc=nz -f "&(objectcategory=person)(objectclass=user)" -nodn -csv {attribute1} {attribute2} -tdc>>ADUsers.csv

The {attribute*} can be exchanged for attributes like cn givenName if you only want to return these attributes or leave the {attribute}s out to return all results for the object/class.

I also use this in conjunction with AutoIT sometimes for example:
$RUN_ADFIND = Run(@ScriptDir & '\ADFind.exe -b dc=domain,dc=co,dc=nz -f "&(objectcategory=person)(objectclass=user)" -nodn -csv {attribute1} {attribute2} -tdc', '', @SW_HIDE, $STDOUT_CHILD)
$CHK_ADOUTPUT = ''
While 1
  $CHK_ADOUTPUT &= StdoutRead($RUN_ADFIND)
  If @errot Then ExitLoop
WEnd

If Stringinstr($CHK_ADOUTPUT, @CRLF) Then $VAR_ADOUTPUT = StringSplit($CHK_ADOUTPUT, @CRLF, 1)
....

You can then use the information as an array, split each line with comma and use the information within.

If you do know exactly what attributes you're looking for then you probably just use the AD UDF.

Hope that made sense.

Cheers

That was exactly the script i was looking for thank you.