KiXtart script explanation

Can any KiXtart expert explain the code below?

Thank you

; OtherADObject - searches the directory's default naming context for objects
; matching an LDAP filter fragment and returns their ADsPath values as a
; one-dimensional array.
;
; $_Filter    LDAP filter fragment WITHOUT the outer parentheses; it is wrapped
;             as "(" + $_Filter + ")" and inserted into the query verbatim.
; $fnDomain   optional; defaulted to "AD" below but not used anywhere else in
;             this function.
; $_category  optional objectCategory value; "*" (any category) when omitted.
;
; Returns: array of ADsPath strings (column 1 of the fnLDAPQuery result). When
; the query yields no rows the initial one-element array with an empty element
; is returned unchanged.
;
; NOTE(review): $_Filter and $_category are concatenated into the search filter
; with no escaping. If any part of them originates from user input, the caller
; must escape \ * ( ) (and ; , which delimits the ADO query string) first,
; otherwise the input can change the meaning of the filter.
; NOTE(review): apart from $fnFilter, $_Position and $_tmpObject, the variables
; assigned here are not DIMmed; presumably KiXtart creates them with global
; scope unless SetOption("Explicit","On") is in effect - confirm.
Function OtherADObject ($_Filter, optional $fnDomain,optional $_category)

	dim $fnFilter
	
	if $fnDomain=""
		$fnDomain="AD"
	endif
	
	; Attributes requested from the directory: column 0 = Name, column 1 = AdsPath.
	$_aAttributes = "Name", "AdsPath"
	
	; Search base: the default naming context reported by rootDSE.
	$_sADsPath = "LDAP://"+GetObject("LDAP://rootDSE").Get("defaultNamingContext")

	if $_category=""
		$_ADCategory="*"
	else
		$_ADCategory=$_category
	endif
	$fnFilter=$_Filter
	; Final filter: (&(objectCategory=<category>)(<caller fragment>))
	$fnstrFilter = "(&(objectCategory="+$_ADCategory+")("+$fnFilter+"))"  
	$_aResults = fnLDAPQuery($_aAttributes,$_sADsPath,$fnstrFilter,"Name")  
	; @ERROR " | " @SERROR ?  
  
	DIM $_Position[0],$_tmpObject[0]

	$i=0
	$k=1
	$l=0
	
	; Copy column 1 (AdsPath) of every result row into $_tmpObject, growing the
	; array by one slot after each write. The inner loop index $_r is not used
	; for indexing; with two requested attributes it runs once per row.
	For $_c = 0 To UBound($_aResults) 
		For $_r = 1 To UBound($_aResults,2)		
				$_tmpObject[UBound($_tmpObject)]=$_aResults[$_c,1]
				ReDIM preserve $_tmpObject[UBound($_tmpobject)+1]
			;? $aResults[$c,$r] : $r=1 results in ldap dn path (eg ldap://cn=jdoe,dc=domain,dc=name)
			;? $aResults[$c,$r] : $r=0 results in name of object 
		Next 
	Next 
	
	; Drop the spare empty slot left behind by the last ReDIM.
	if ubound($_tmpobject)>0
		ReDIM preserve $_tmpObject[UBound($_tmpobject)-1]
	endif
	
	$otherADObject=$_tmpObject

EndFunction



; GetADAttribute - binds to a directory object and returns one attribute value.
;
; $LDAP       ADsPath of the object, passed to GetObject as given.
; $Attribute  name of the attribute to read with .Get().
;
; Returns: the attribute value, or "" when either the bind or the read sets
; @ERROR. The caller cannot tell "attribute is empty/unset" apart from
; "object not found / access denied" from the return value alone.
; NOTE(review): $Object and $_Attribute are not DIMmed; presumably they are
; created with global scope - confirm.
Function GetADAttribute($LDAP,$Attribute)

	$Object=GetObject($LDAP)
	
	If not @ERROR
		$_Attribute=$object.get($Attribute)
		
		; A failed read is mapped to an empty string.
		If @ERROR
			$_Attribute=""
		EndIf	
		
	Else
		; A failed bind is mapped to an empty string as well.
		$_Attribute=""
	EndIf

	$GetADAttribute=$_Attribute

EndFunction

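; UsersOffice - looks up a user by sAMAccountName and derives an office code
; from the location of the account in the directory tree.
;
; $_userid  optional account name; the current user (@userid) when omitted.
;
; Returns: "UK" when the matching object's ADsPath contains "ou=UK,", "US" for
; any other match, and an empty value when the query returns no rows. If several
; rows match, the last one decides.
;
; The search base comes from $sADsPath, which is not set in this function and
; must already exist in the calling script.
Function UsersOffice (optional $_userid)

	dim $office, $_safeId
	
	if not $_userid
		$_userid=@userid
	endif
	
	; Escape LDAP filter metacharacters before the value goes into the filter,
	; so an account name containing \ * ( ) is matched literally instead of
	; altering or breaking the filter. The backslash must be handled first.
	; ";" is escaped too because it separates the parts of the ADO query string
	; built in fnLDAPQuery.
	$_safeId=""+$_userid
	$_safeId=Join(Split($_safeId,"\"),"\5c")
	$_safeId=Join(Split($_safeId,"*"),"\2a")
	$_safeId=Join(Split($_safeId,"("),"\28")
	$_safeId=Join(Split($_safeId,")"),"\29")
	$_safeId=Join(Split($_safeId,";"),"\3b")
	
	$ADCategory="Person"
	$Filter="sAMAccountName="+$_safeId
  
	; Column 0 = Name, column 1 = AdsPath.
	$aAttributes = "Name", "AdsPath"
	
	$strFilter = "(&(objectCategory="+$ADCategory+")("+$Filter+"))"  
	$aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter,"Name")  
		; @ERROR " | " @SERROR ?  
  
	; The office is inferred purely from the OU named in the ADsPath.
	For $c = 0 To UBound($aResults) 
		For $r = 1 To UBound($aResults,2) 
			if instr ($aResults[$c,1],"ou=UK,")
				$office="UK"
			else
				$office="US"
			endif
		Next
	next

	$UsersOffice=$office

Endfunction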

; fnLDAPQuery - runs a directory search through ADO (provider "ADsDSOObject")
; and returns the rows as a two-dimensional array indexed [row, column], with
; columns in the order the attributes were requested.
;
; $What     attribute name, or an array of names (joined with commas).
; $From     optional search base ADsPath; defaults to "LDAP://" plus the
;           defaultNamingContext read from rootDSE.
; $Filter   optional LDAP filter; inserted into the query text verbatim.
; $OrderBy  optional sort attribute. When it contains "distinguishedName" the
;           sort is applied on a client-side recordset instead of "Sort On".
; $Scope    "base" or "onelevel"; any other value is replaced by "subtree".
; $User, $Pswd  optional alternate credentials; applied only when both are set.
;
; Returns: the result array. On an error, or when the recordset is empty, the
; function leaves through "Exit @ERROR" without assigning a return value.
;
; NOTE(review): $From, $Filter and $What are concatenated into one
; ";"-delimited command string with no escaping. Values that come from user
; input must be escaped by the caller before they are placed in $Filter.
; NOTE(review): $Pswd is handed to the provider in clear text as a connection
; property, so callers should not log or echo the arguments of this function.
; NOTE(review): the connection and recordset are never closed explicitly;
; presumably they are released when the DIMmed locals go out of scope - confirm.
Function fnLDAPQuery($What,Optional $From,Optional $Filter,Optional $OrderBy,Optional $Scope,
    Optional $User,Optional $Pswd)
  
;$ADCategory="Person"
;$Filter=
  

;$aAttributes = "Name", "AdsPath"
;if @ldomain="AD" or @ldomain="devad"
;	$sADsPath = "LDAP://OU=MyDomain,"+GetObject("LDAP://rootDSE").Get("defaultNamingContext")
;else
;	$sADsPath = "LDAP://"+GetObject("LDAP://rootDSE").Get("defaultNamingContext")
;endif
;
;$testMode="y"
;if $testMode="y" and not instr (@LDOMAIN,"dev")
;	"You are not in dev domain.  Quitting."
;	exit
;endif
;
;$strFilter = "(&(objectCategory="+$ADCategory+")("+$Filter+"))"  
;$aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter,"Name")  
; @ERROR " | " @SERROR ?  
  
;$i=0

;For $c = 0 To UBound($aResults) 
;	For $r = 1 To UBound($aResults,2) 
		;? $aResults[$c,$r] : $r=1 results in ldap dn path (eg ldap://cn=jdoe,dc=domain,dc=name)
		;? $aResults[$c,$r] : $r=0 results in name of object 
;	Next 
;Next 



    DIM $oCon,$oCMD,$oRS,$sQ,$aR,$C,$R
    
    ; Build the query text in the form <base>;filter;attributes;scope.
    ; VarType above 8192 means $What is an array, so it is joined with commas.
    $sQ="<"+IIf($From="","LDAP://"+GetObject("LDAP://rootDSE").Get("defaultNamingContext"),
        $From)+">;"+$Filter+";"+IIf(VarType($What)>8192,Join($What,','),$What)+";"+
        IIf($Scope<>"base" AND $Scope<>"onelevel","subtree",$Scope)
    
    ; Connection through the ADSI OLE DB provider. "ADSI Flag" = 1 is the value
    ; of ADS_SECURE_AUTHENTICATION; "Encrypt Password" = 1 asks the provider to
    ; encrypt the password.
    $oCon=CreateObject("ADODB.Connection")
    $oCon.Provider="ADsDSOObject"
    $oCon.Properties("Encrypt Password").Value=1
    $oCon.Properties("ADSI Flag").Value=1
    ; Without both $User and $Pswd the connection presumably runs under the
    ; caller's own security context - confirm.
    If $User AND $Pswd
        $oCon.Properties("User ID").Value=$User
        $oCon.Properties("Password").Value=$Pswd
    EndIf
    $oCon.Open("Active Directory Provider")
     
    ; Command settings: results are paged 1000 at a time, the search times out
    ; after 30 (presumably seconds) and result caching is switched off.
    $oCMD=CreateObject("ADODB.Command")
    $oCMD.ActiveConnection=$oCon
    $oCMD.CommandText=$sQ
    $oCMD.Properties("Page Size").Value=1000
    $oCMD.Properties("Timeout").Value=30
    $oCMD.Properties("Cache Results").Value=0
    
    ; Sorting on distinguishedName is done on a client-side recordset
    ; (CursorLocation 3) opened directly on the query text; every other sort
    ; key is passed to the provider through "Sort On".
    If InSTR($OrderBy,"distinguishedName")
        $oRS=CreateObject("ADODB.Recordset")
        $oRS.CursorLocation=3
        $oRS.Sort=$OrderBy
        $oRS.Open($sQ,$oCon,0,1,1)
    Else
        If $OrderBy
            $oCMD.Properties("Sort On").Value=$OrderBy
        EndIf
        $oRS=$oCMD.Execute
    EndIf
    ; Leave on a failed query, and also when the recordset holds no rows
    ; (BOF and EOF both true). In the second case @ERROR may well be 0, so the
    ; caller sees only a missing return value.
    If @ERROR Exit @ERROR EndIf
    If $oRS.BOF AND $oRS.EOF Exit @ERROR EndIf
    
    ; GetRows returns [column, row]; transpose it to [row, column].
    $aR = $oRS.GetRows()
    DIM $aFR[UBound($aR,2),UBound($aR,1)]
    For $R=0 To UBound($aR,2)
        For $C=0 To UBound($aR,1)
            $aFR[$R,$C]=$aR[$C,$R]
        Next
    Next
    
    $fnLDAPQuery=$aFR

EndFunction

; FindAuthenticatingDC - returns the dnsHostName attribute of the RootDSE object
; obtained through a serverless bind ("LDAP://RootDSE").
;
; Returns: the DNS host name string read from RootDSE.
;
; NOTE(review): this is the domain controller that answered this LDAP bind. It
; is presumably not guaranteed to be the DC that authenticated the logon
; session, so do not treat the result as the logon server without confirming.
; NOTE(review): $objDomain and $objDC are not DIMmed; presumably they are
; created with global scope - confirm.
function FindAuthenticatingDC ()

	$objDomain=GetObject("LDAP://RootDSE")
	$objDC=$objDomain.GET("dnshostname")
	$FindAuthenticatingDC=$objDC
	
endfunction

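; AddSiebelGroup - records a Siebel group name on a user object by writing it to
; the user's wwwHomePage attribute and committing the change with SetInfo.
;
; $_User   distinguished name of the user (without the "LDAP://" prefix).
; $_Group  value to store in wwwHomePage.
;
; Leaves with the bind error in @ERROR when the user object cannot be opened,
; instead of calling methods on a variable that holds no object.
;
; NOTE(review): wwwHomePage is being used as an authorization marker. In a
; default Active Directory ACL users can presumably edit their own web page
; attributes, so anything that grants access based on this value should
; confirm that self-write is denied on it.
function AddSiebelGroup ($_User,$_Group)

	; Local, matching removeSiebelGroup, so the bound object does not outlive
	; the call.
	dim $_UserObj

	$_UserObj=GetObject("LDAP://"+$_User)
	If @ERROR Exit @ERROR EndIf

	$_UserObj.wwwHomePage=$_Group
	$_UserObj.Setinfo
	
endfunction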

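; removeSiebelGroup - clears the Siebel group marker on a user object by
; overwriting the wwwHomePage attribute with a single space and committing the
; change with SetInfo.
;
; $_User  distinguished name of the user (without the "LDAP://" prefix).
;
; Leaves with the bind error in @ERROR when the user object cannot be opened,
; instead of calling methods on a variable that holds no object.
;
; NOTE(review): the attribute is set to " " rather than cleared, so readers of
; wwwHomePage must treat a blank value as "no group".
function removeSiebelGroup($_User)

	dim $_UserObj

	$_UserObj=getObject("LDAP://"+$_User)
	If @ERROR Exit @ERROR EndIf

	$_UserObj.wwwHomePage=" "
	$_UserObj.SetInfo
	
endfunction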

; MemberOf - tests whether a directory object is a member of a named group,
; either directly or through nested groups.
;
; $_LDAP       ADsPath of the object to look for; compared as a string against
;              "LDAP://" + each member DN.
; $_GroupName  value matched against the group's Name attribute.
;
; Returns: 1 when a match is found. When no match is found the return value is
; never assigned.
;
; The search base comes from $sADsPath, which is not set in this function and
; must already exist in the calling script.
;
; NOTE(review): $_GroupName is concatenated into the search filter without
; escaping. A name containing * ( ) or \ can change which groups are matched,
; which matters when the result drives an access decision.
; NOTE(review): membership is read from the "Member" attribute only; membership
; through an account's primary group is presumably not visible here - confirm.
; NOTE(review): every member is bound individually with getObject, which is
; slow on large groups. AD's transitive matching rule
; (1.2.840.113556.1.4.1941) may let the server resolve nesting - verify.
function MemberOf ($_LDAP,$_GroupName)
	
	dim $ADCategory, $filter, $aAttributes, $strFilter
	dim $nestedGroup[0]
	
	$ADCategory="Group"
	$Filter="Name="+$_GroupName
	; Column 0 = Name, column 1 = AdsPath.
	$aAttributes = "Name", "AdsPath"
	
	$strFilter = "(&(objectClass="+$ADCategory+")("+$Filter+"))"  
	$_aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter,"Name")  
		; @ERROR " | " @SERROR ?  
  
	For $c = 0 To UBound($_aResults) 
		For $r = 1 To UBound($_aResults,2) 
			$GroupObj=getObject($_aResults[$c,1])
			$Members=$groupObj.Getex("Member")
			
			; Pass 1: check the direct members and collect every member that is
			; itself a group.
			for each $Member in $members
				if "LDAP://"+$member=$_LDAP
					$MemberOf=1
				endif
				
				$MemberObj=getObject("LDAP://"+$member)

				if instr($memberObj.ObjectCategory,"Group")
					$nestedGroup[ubound($nestedGroup)]=$memberObj.distinguishedName
					redim preserve $nestedGroup[ubound($nestedGroup)+1]
				endif
								
			next
			
			
			; Pass 2: keep expanding the collected groups until a full sweep
			; adds nothing new. The $isMember check skips groups already in the
			; list, which also stops circular nesting from looping forever.
			do
				$GroupAdded=0
				for each $ngroup in $nestedGroup
					if $ngroup<>""
						$groupObj=getobject("LDAP://"+$ngroup)
						$Members=$groupObj.getex("Member")

						for each $member in $members				
							$memberObj=getobject("LDAP://"+$member)
					
							if instr($MemberObj.ObjectCategory,"Group")
								$isMember=0
								for each $ngroup2 in $nestedGroup
									if $ngroup2=$memberObj.distinguishedname
										$isMember=1
									endif
								next
						
								if $isMember=0
									$nestedGroup[ubound($nestedGroup)]=$memberObj.distinguishedName
									redim preserve $nestedGroup[ubound($nestedGroup)+1]
									$GroupAdded=1
								endif						
							endif
						next
					endif
				next
				
			until $GroupAdded=0
			
			; Drop the spare empty slot left behind by the last ReDIM.
			if ubound ($nestedGroup)>0
				redim preserve $nestedGroup[ubound($nestedGroup)-1]
			endif


			; Pass 3: look for $_LDAP among the members of every nested group.
			; $memberObj is bound for each member here but not used afterwards.
			for each $ngroup in $nestedGroup
				if $nGroup<>""
					$groupObj=getobject("LDAP://"+$ngroup)
					$members=$groupObj.getex("Member")
				
					for each $member in $members
						$memberObj=getobject("LDAP://"+$member)
						if "LDAP://"+$member=$_LDAP
							$MemberOf=1
						endif
					next				
				endif
			next
			
		Next
	next

endfunction

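; validateUser - checks a user name and password by attempting an authenticated
; ADSI bind to the domain root with those credentials.
;
; $fnUsername  account name; "MyDomain\" is prefixed before the bind.
; $fnPassword  password to test.
;
; Returns: 1 when the bind completes without error, otherwise 0.
;
; An empty user name or password is rejected without contacting the directory:
; binding with empty credentials may fall back to the caller's own context or
; to an unauthenticated bind and would then look like a successful validation.
;
; NOTE(review): this function receives passwords in clear text; callers should
; not echo or log its arguments, and repeated calls can lock accounts out.
function validateUser($fnUsername,$fnPassword)

	; $fnObject is declared local so the object bound with the user's
	; credentials does not stay alive after the call.
	dim $fnADS_Secure_Authentication, $fnADS_Use_Encryption, $fnLDAP, $fnDSO, $fnObjUser, $fnObject
	
	
	$fnADS_Secure_Authentication=1
	$fnADS_Use_Encryption=2
	$validateUser=0
	
;	$fnLDAP=OtherADObject("sAMAccountName="+$fnUsername)
;	?$fnLDAP[0]
;	$fnObjDSO=GetObject("LDAP:")
;	$fnObjUser=$fnObjDSO.OpenDSObject($fnLDAP[0], "AD\"+$fnUsername,$fnPassword,$fnADS_Secure_Authentication,$fnADS_Use_Encryption)
;	(A further commented-out test call stood here with a literal account name
;	and password in it. It has been removed; that credential should be treated
;	as exposed and changed.)

	if ($fnUsername<>"") and ($fnPassword<>"")

		; NOTE(review): "or" is KiXtart's logical operator, so the flag argument
		; below presumably evaluates to 1 (secure authentication only) and the
		; encryption flag is not requested. Use the bitwise "|" if both flags
		; are intended, after confirming the domain controllers accept it.
		$fnObject=GetObject("LDAP:").OpenDSObject('LDAP://dc=MyDomain,dc=corp','MyDomain\'+$fnUsername,$fnPassWord,$fnADS_Secure_Authentication or $fnADS_Use_Encryption)
	
		if @error=0
			$ValidateUser=1
		endif

	endif
	
endfunction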


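; LastLogin - asks each listed domain controller for a user's LastLogin value
; through the WinNT provider and prints the most recent one found.
;
; $fnUsername  account name as used in the WinNT:// path.
;
; Prints the result; no return value is assigned.
;
; Every working variable is DIMmed here. Without that, $fnPrevDate and
; $fnPrevTimeStamp could carry over from an earlier call, so a lookup for one
; user could report a date left behind by a lookup for another.
;
; NOTE(review): the controller list is hard-coded and its third entry is
; commented out. The value is read from each controller separately, so a logon
; recorded only on a controller missing from the list will not be reported.
; NOTE(review): only the date part is compared, as strings; this assumes the
; external stddate() helper returns a sortable format - confirm. Two logons on
; the same day keep the first one encountered.
function LastLogin ($fnUsername)

	dim $fnDCs, $fnDC, $fnUserObj, $fnTmpDate, $fnPrevDate, $fnPrevTimeStamp

	$fnDCs="szntdc01","szntdc02";,"szntdc03"
	for each $fnDC in $fnDCs
		$fnUserObj=getObject("WinNT://"+$fnDC+"/"+$fnUsername+",user")
		; Skip controllers that cannot be reached or do not know the account,
		; rather than reading a property from a variable that holds no object.
		if @error=0
			; LastLogin comes back as "<date> <time>"; element 0 is the date.
			$fnTmpDate=split($fnUserObj.LastLogin," ")
			if $fnPrevDate<>""
				if $fnprevDate<stddate($fnTmpDate[0])
					$fnPrevDate=stddate($fnTmpDate[0])
					$fnPrevTimeStamp=$fnUserObj.LastLogin
				endif
			else
				; First usable value: accept it only if it looks like a date.
				if instr ($fnTmpDate[0],"/")
					$fnPrevDate=stddate($fnTmpDate[0])
					$fnPrevTimeStamp=$fnUserObj.LastLogin
				endif
			endif
		endif
	next

	if instr ($fnPrevTimeStamp,"/")
		?"Last known logon was on "+$fnPrevTimeStamp
	else
		?"Could not find last known logon."
	endif

endfunction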

; MemberOfOffice - tests whether a directory object is a member of a named
; group, directly or through nested groups, searching from the fixed base
; "LDAP://MyDomain.inc".
;
; $_LDAP       ADsPath of the object to look for; compared as a string against
;              "LDAP://" + each member DN.
; $_GroupName  value matched against the group's Name attribute.
;
; Returns: 1 when a match is found. When no match is found the return value is
; never assigned.
;
; NOTE(review): $sADsPath is assigned here without being DIMmed. Presumably
; that overwrites a script-wide $sADsPath, which other functions in this file
; read as their search base - confirm, and DIM it locally if so.
; NOTE(review): $_GroupName is concatenated into the search filter without
; escaping. A name containing * ( ) or \ can change which groups are matched,
; which matters when the result drives an access decision.
; NOTE(review): membership is read from the "Member" attribute only; membership
; through an account's primary group is presumably not visible here - confirm.
function MemberOfOffice ($_LDAP,$_GroupName)
	
	dim $ADCategory, $filter, $aAttributes, $strFilter
	dim $nestedGroup[0]
	
	$sADsPath="LDAP://MyDomain.inc"
	$ADCategory="Group"
	$Filter="Name="+$_GroupName
	; Column 0 = Name, column 1 = AdsPath.
	$aAttributes = "Name", "AdsPath"
	
	$strFilter = "(&(objectClass="+$ADCategory+")("+$Filter+"))"  
	$_aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter,"Name")  
		; @ERROR " | " @SERROR ?  
  
	For $c = 0 To UBound($_aResults) 
		For $r = 1 To UBound($_aResults,2) 
			$GroupObj=getObject($_aResults[$c,1])
			$Members=$groupObj.Getex("Member")
			
			; Pass 1: check the direct members and collect every member that is
			; itself a group.
			for each $Member in $members
				if "LDAP://"+$member=$_LDAP
					$MemberOfOffice=1
				endif
				
				$MemberObj=getObject("LDAP://"+$member)

				if instr($memberObj.ObjectCategory,"Group")
					$nestedGroup[ubound($nestedGroup)]=$memberObj.distinguishedName
					redim preserve $nestedGroup[ubound($nestedGroup)+1]
				endif
								
			next
			
			
			; Pass 2: keep expanding the collected groups until a full sweep
			; adds nothing new. The $isMember check skips groups already in the
			; list, which also stops circular nesting from looping forever.
			do
				$GroupAdded=0
				for each $ngroup in $nestedGroup
					if $ngroup<>""
						$groupObj=getobject("LDAP://"+$ngroup)
						$Members=$groupObj.getex("Member")

						for each $member in $members				
							$memberObj=getobject("LDAP://"+$member)
					
							if instr($MemberObj.ObjectCategory,"Group")
								$isMember=0
								for each $ngroup2 in $nestedGroup
									if $ngroup2=$memberObj.distinguishedname
										$isMember=1
									endif
								next
						
								if $isMember=0
									$nestedGroup[ubound($nestedGroup)]=$memberObj.distinguishedName
									redim preserve $nestedGroup[ubound($nestedGroup)+1]
									$GroupAdded=1
								endif						
							endif
						next
					endif
				next
				
			until $GroupAdded=0
			
			; Drop the spare empty slot left behind by the last ReDIM.
			if ubound ($nestedGroup)>0
				redim preserve $nestedGroup[ubound($nestedGroup)-1]
			endif


			; Pass 3: look for $_LDAP among the members of every nested group.
			; $memberObj is bound for each member here but not used afterwards.
			for each $ngroup in $nestedGroup
				if $nGroup<>""
					$groupObj=getobject("LDAP://"+$ngroup)
					$members=$groupObj.getex("Member")
				
					for each $member in $members
						$memberObj=getobject("LDAP://"+$member)
						if "LDAP://"+$member=$_LDAP
							$MemberOfOffice=1
						endif
					next				
				endif
			next
			
		Next
	next

endfunction


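; isDisabled - reports whether an account is unusable, either because its
; expiration date has passed or because it is flagged as disabled.
;
; $_LDAPString  ADsPath of the account object.
;
; Returns: 1 when the account has expired or is disabled, otherwise 0.
;
; When the object cannot be opened the function still returns 0, as before, but
; now leaves with the bind error in @ERROR. A caller that uses the result for an
; access decision should check @ERROR, because 0 then means "could not be
; checked", not "account is enabled".
;
; NOTE(review): the "1/1/1970" test and the date split depend on how the date
; is formatted on the machine, and the comparison relies on the external
; stddate() helper returning a format comparable with @date - confirm.
Function isDisabled ($_LDAPString)

		; Locals, so results cannot leak between calls.
		dim $fnFOO, $fnUserObj, $fnTMPDate, $fnErr

		$fnFOO=0
		$fnUserObj=getObject($_LDAPString)
		; Capture the bind status immediately, before anything can reset it.
		$fnErr=@ERROR
		if $fnErr
			$isDisabled=0
			exit $fnErr
		endif

		; "1/1/1970" is treated as "no expiration date set".
		if $fnUserobj.accountexpirationdate and $fnUserobj.accountexpirationdate<>"1/1/1970"
			; Keep only the date part of "<date> <time>".
			$fnTMPDate=split($fnUserObj.AccountExpirationDate," ")
			;?stddate($fnTMPDate[0])+" "+@date+" "+$fnUserObj.AccountExpirationDate
;			if @date>stddate($fnUserObj.AccountExpirationDate); and datecalc(stddate($fnUserObj.AccountExpirationDate),@date)<16
			if @date>stddate($fnTMPDate[0]); and datecalc(stddate($fnUserObj.AccountExpirationDate),@date)<16
				$fnFOO=1
			endif
		endif

		if $fnUserObj.AccountDisabled
			$fnFOO=1
		endif
		
		$isDisabled=$fnFOO
endFunction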


jskfanAsked:

Steven HarrisPresidentCommented:
What exactly are you trying to figure out?  This is not one script, but a few together, each of them working with Active Directory and LDAP.
jskfanAuthor Commented:
http://www.experts-exchange.com/Programming/Languages/Scripting/Q_28270146.html

I have posted the master script on the link above, this script will call 3 other scripts, that I attached to the master script.

Since they are long scripts, I have posted 4 separate questions.
Steven HarrisPresidentCommented:
These scripts are setting AD and LDAP queries as variables.
jskfanAuthor Commented:
Thanks