jskfanFlag for Cyprus

asked on

Kixstart script explanation

Could a KiXtart expert explain the code below?

Thank you

; OtherADObject - search the directory and return the AdsPath of every match.
;
; $_Filter   : one LDAP filter term without its outer parentheses; it is wrapped
;              as "(...)" and ANDed with the objectCategory term below.
; $fnDomain  : optional; defaulted to "AD" below but not read again in this function.
; $_category : optional objectCategory value; "*" is used when it is omitted.
;
; Returns an array of AdsPath strings. $_tmpObject starts with one slot, so when
; the result loops do not run the returned array holds a single empty element.
;
; NOTE(review): $_Filter and $_category are concatenated into the filter text
; unchanged. If either can come from user-supplied input, the caller should escape
; the LDAP filter metacharacters ( ) * \ and NUL first, otherwise the input can
; widen or reshape the search.
; NOTE(review): only $fnFilter is declared with Dim; the other variables assigned
; here (including $i, $k and $l) are presumably created as globals and could
; overwrite same-named variables in the calling script - confirm.
Function OtherADObject ($_Filter, optional $fnDomain,optional $_category)

	dim $fnFilter
	
	if $fnDomain=""
		$fnDomain="AD"
	endif
	
	$_aAttributes = "Name", "AdsPath"
	
	; Search base is the default naming context of the domain that RootDSE reports.
	$_sADsPath = "LDAP://"+GetObject("LDAP://rootDSE").Get("defaultNamingContext")

	if $_category=""
		$_ADCategory="*"
	else
		$_ADCategory=$_category
	endif
	$fnFilter=$_Filter
	$fnstrFilter = "(&(objectCategory="+$_ADCategory+")("+$fnFilter+"))"  
	$_aResults = fnLDAPQuery($_aAttributes,$_sADsPath,$fnstrFilter,"Name")  
	; @ERROR " | " @SERROR ?  
  
	; $_Position is declared but not used below.
	DIM $_Position[0],$_tmpObject[0]

	; $i, $k and $l are assigned here and not read again in this function.
	$i=0
	$k=1
	$l=0
	
	For $_c = 0 To UBound($_aResults) 
		; The body does not use $_r; it always copies column 1 of the current row.
		For $_r = 1 To UBound($_aResults,2)		
				; Store the value in the spare last slot, then grow the array by one.
				$_tmpObject[UBound($_tmpObject)]=$_aResults[$_c,1]
				ReDIM preserve $_tmpObject[UBound($_tmpobject)+1]
			;? $aResults[$c,$r] : $r=1 results in ldap dn path (eg ldap://cn=jdoe,dc=domain,dc=name)
			;? $aResults[$c,$r] : $r=0 results in name of object 
		Next 
	Next 
	
	; Drop the spare empty slot left behind by the last ReDim, if anything was added.
	if ubound($_tmpobject)>0
		ReDIM preserve $_tmpObject[UBound($_tmpobject)-1]
	endif
	
	$otherADObject=$_tmpObject

EndFunction



; GetADAttribute - bind to a directory object and read one attribute from it.
;
; $LDAP      : the full path handed to GetObject (the prefix is not added here).
; $Attribute : name of the attribute to read with .Get.
;
; Returns the attribute value, or "" when either the bind or the read sets @ERROR.
; A caller therefore cannot tell "attribute not set" from "bind failed or access
; denied"; do not treat "" as proof that a value is absent.
;
; NOTE(review): $Object and $_Attribute are not declared with Dim, so they are
; presumably globals that keep the bound object alive after the call - confirm.
Function GetADAttribute($LDAP,$Attribute)

	$Object=GetObject($LDAP)
	
	If not @ERROR
		$_Attribute=$object.get($Attribute)
		
		; The bind worked but the attribute could not be read.
		If @ERROR
			$_Attribute=""
		EndIf	
		
	Else
		; The bind itself failed.
		$_Attribute=""
	EndIf

	$GetADAttribute=$_Attribute

EndFunction

; UsersOffice - report "UK" or "US" for a user, judged from the user's AdsPath.
;
; $_userid : optional sAMAccountName; @userid (the current user) when omitted.
;
; Returns "UK" when the AdsPath of the matching object contains "ou=UK,", "US"
; for any other match, and the empty $office when the loops do not run at all.
; If several objects match, the last one decides the result.
;
; NOTE(review): $sADsPath is never assigned in this function; it is read from
; whatever value exists outside it (MemberOfOffice in this file assigns that name
; without Dim). When it is empty, fnLDAPQuery falls back to the default naming
; context.
; NOTE(review): $_userid is concatenated into the filter unchanged. If a caller
; can pass user-supplied text, escape ( ) * \ and NUL first so that the value
; cannot alter the search.
Function UsersOffice (optional $_userid)

	dim $office
	
	if not $_userid
		$_userid=@userid
	endif
	
	$ADCategory="Person"
	$Filter="sAMAccountName="+$_userid
  
	$aAttributes = "Name", "AdsPath"
	
	$strFilter = "(&(objectCategory="+$ADCategory+")("+$Filter+"))"  
	$aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter,"Name")  
		; @ERROR " | " @SERROR ?  
  
	For $c = 0 To UBound($aResults) 
		; The body does not use $r; it always tests column 1 of the current row.
		For $r = 1 To UBound($aResults,2) 
			; Anything that is not under ou=UK is reported as US.
			if instr ($aResults[$c,1],"ou=UK,")
				$office="UK"
			else
				$office="US"
			endif
		Next
	next

	$UsersOffice=$office

Endfunction

; fnLDAPQuery - run a directory search through ADO (ADsDSOObject provider) and
; return the matching rows as a two-dimensional array.
;
; $What         : attribute name, or an array of names (joined with commas below).
; $From         : optional search base as an ADsPath; when empty, the default
;                 naming context reported by RootDSE is used.
; $Filter       : optional LDAP filter, placed into the query text exactly as given.
; $OrderBy      : optional sort attribute.
; $Scope        : optional "base" or "onelevel"; any other value becomes "subtree".
; $User / $Pswd : optional alternate credentials, applied only when both are given.
;
; Returns $aFR[row,column]. On an error, or when the recordset is empty, the
; function leaves through Exit @ERROR and no array is returned.
;
; NOTE(review): $From, $Filter and $What are not validated or escaped here.
; Callers that build them from user-supplied text must escape the LDAP filter
; metacharacters ( ) * \ and NUL themselves.
; NOTE(review): $Pswd reaches this function as a plain script string. Prefer the
; caller's own logon context (omit $User/$Pswd) over storing a password in a script.
Function fnLDAPQuery($What,Optional $From,Optional $Filter,Optional $OrderBy,Optional $Scope,
    Optional $User,Optional $Pswd)
  
; Commented-out usage example, kept from the original:
;$ADCategory="Person"
;$Filter=
  

;$aAttributes = "Name", "AdsPath"
;if @ldomain="AD" or @ldomain="devad"
;	$sADsPath = "LDAP://OU=MyDomain,"+GetObject("LDAP://rootDSE").Get("defaultNamingContext")
;else
;	$sADsPath = "LDAP://"+GetObject("LDAP://rootDSE").Get("defaultNamingContext")
;endif
;
;$testMode="y"
;if $testMode="y" and not instr (@LDOMAIN,"dev")
;	"You are not in dev domain.  Quitting."
;	exit
;endif
;
;$strFilter = "(&(objectCategory="+$ADCategory+")("+$Filter+"))"  
;$aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter,"Name")  
; @ERROR " | " @SERROR ?  
  
;$i=0

;For $c = 0 To UBound($aResults) 
;	For $r = 1 To UBound($aResults,2) 
		;? $aResults[$c,$r] : $r=1 results in ldap dn path (eg ldap://cn=jdoe,dc=domain,dc=name)
		;? $aResults[$c,$r] : $r=0 results in name of object 
;	Next 
;Next 



    DIM $oCon,$oCMD,$oRS,$sQ,$aR,$C,$R
    
    ; Query text has the form "<base>;filter;attributes;scope".
    ; A VarType above 8192 is taken to mean $What is an array - presumably the
    ; array flag of the variant type; confirm.
    $sQ="<"+IIf($From="","LDAP://"+GetObject("LDAP://rootDSE").Get("defaultNamingContext"),
        $From)+">;"+$Filter+";"+IIf(VarType($What)>8192,Join($What,','),$What)+";"+
        IIf($Scope<>"base" AND $Scope<>"onelevel","subtree",$Scope)
    
    $oCon=CreateObject("ADODB.Connection")
    $oCon.Provider="ADsDSOObject"
    $oCon.Properties("Encrypt Password").Value=1
    ; validateUser in this file names the value 1 "ADS_Secure_Authentication";
    ; presumably the same flag is meant here - confirm.
    $oCon.Properties("ADSI Flag").Value=1
    ; Alternate credentials are applied only when BOTH values are non-empty;
    ; otherwise the connection is opened without them.
    If $User AND $Pswd
        $oCon.Properties("User ID").Value=$User
        $oCon.Properties("Password").Value=$Pswd
    EndIf
    $oCon.Open("Active Directory Provider")
     
    $oCMD=CreateObject("ADODB.Command")
    $oCMD.ActiveConnection=$oCon
    $oCMD.CommandText=$sQ
    $oCMD.Properties("Page Size").Value=1000
    $oCMD.Properties("Timeout").Value=30
    $oCMD.Properties("Cache Results").Value=0
    
    ; Sorting on distinguishedName goes through a separately opened Recordset
    ; with its own Sort property; any other sort key is set on the command.
    If InSTR($OrderBy,"distinguishedName")
        $oRS=CreateObject("ADODB.Recordset")
        $oRS.CursorLocation=3
        $oRS.Sort=$OrderBy
        $oRS.Open($sQ,$oCon,0,1,1)
    Else
        If $OrderBy
            $oCMD.Properties("Sort On").Value=$OrderBy
        EndIf
        $oRS=$oCMD.Execute
    EndIf
    ; Leave without a return value if the query failed ...
    If @ERROR Exit @ERROR EndIf
    ; ... or if it returned no records at all.
    If $oRS.BOF AND $oRS.EOF Exit @ERROR EndIf
    
    ; GetRows is indexed [column,row]; copy it into $aFR as [row,column].
    $aR = $oRS.GetRows()
    DIM $aFR[UBound($aR,2),UBound($aR,1)]
    For $R=0 To UBound($aR,2)
        For $C=0 To UBound($aR,1)
            $aFR[$R,$C]=$aR[$C,$R]
        Next
    Next
    
    $fnLDAPQuery=$aFR

EndFunction

; FindAuthenticatingDC - return the dnshostname value read from LDAP://RootDSE.
;
; NOTE(review): this is the host name of the server that answered this RootDSE
; bind. That is presumably not guaranteed to be the domain controller that
; authenticated the user's logon; confirm before using the result as evidence of
; where a logon was processed.
; NOTE(review): $objDomain and $objDC are not declared with Dim, so they are
; presumably globals - confirm.
function FindAuthenticatingDC ()

	$objDomain=GetObject("LDAP://RootDSE")
	$objDC=$objDomain.GET("dnshostname")
	$FindAuthenticatingDC=$objDC
	
endfunction

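; AddSiebelGroup - store a group name in the wwwHomePage attribute of a user.
;
; $_User  : distinguished name of the user, without the "LDAP://" prefix.
; $_Group : value written to wwwHomePage.
;
; Leaves through Exit @ERROR when the user object cannot be bound, so that no
; property is set on a failed bind and the caller can test @ERROR.
;
; NOTE(review): the attribute is used here to carry a group assignment. Confirm
; that ordinary users have no write access to wwwHomePage on their own account;
; if they do, they could change the assignment themselves.
function AddSiebelGroup ($_User,$_Group)

	; Declared locally, as removeSiebelGroup does, so the bound object is not
	; left behind in a global variable.
	dim $_UserObj

	$_UserObj=GetObject("LDAP://"+$_User)
	If @ERROR Exit @ERROR EndIf

	$_UserObj.wwwHomePage=$_Group
	$_UserObj.Setinfo
	
endfunction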

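; removeSiebelGroup - overwrite the wwwHomePage attribute of a user with a
; single space, which this script uses to mean "no group".
;
; $_User : distinguished name of the user, without the "LDAP://" prefix.
;
; Leaves through Exit @ERROR when the user object cannot be bound, so that no
; property is set on a failed bind and the caller can test @ERROR.
;
; NOTE(review): the attribute is not cleared, it is set to " ". Code that reads
; it back must treat a single space as "no group".
function removeSiebelGroup($_User)

	dim $_UserObj

	$_UserObj=getObject("LDAP://"+$_User)
	If @ERROR Exit @ERROR EndIf

	$_UserObj.wwwHomePage=" "
	$_UserObj.SetInfo
	
endfunction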

; MemberOf - set the return value to 1 when $_LDAP is listed in the Member
; attribute of the group named $_GroupName, or of any group nested beneath it.
;
; $_LDAP      : full path of the object to look for, including "LDAP://".
; $_GroupName : Name of the group to start from.
;
; The return value is only ever assigned 1; when no match is found it is left
; unassigned (it is never set to 0).
;
; NOTE(review): the match is a string comparison between "LDAP://"+member and
; $_LDAP, so $_LDAP must be written in the same form as the stored member value.
; NOTE(review): only the Member attribute is read. Membership that is not
; recorded there (presumably a user's primary group) is not detected - confirm
; before using the result for an access decision.
; NOTE(review): $sADsPath is never assigned in this function; it is read from
; whatever value exists outside it (MemberOfOffice assigns that name without Dim).
; NOTE(review): $_GroupName is concatenated into the filter unchanged; escape
; ( ) * \ and NUL first if it can come from user-supplied input.
function MemberOf ($_LDAP,$_GroupName)
	
	dim $ADCategory, $filter, $aAttributes, $strFilter
	; Work list of nested group DNs; its last slot is always a spare empty one.
	dim $nestedGroup[0]
	
	$ADCategory="Group"
	$Filter="Name="+$_GroupName
	$aAttributes = "Name", "AdsPath"
	
	$strFilter = "(&(objectClass="+$ADCategory+")("+$Filter+"))"  
	$_aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter,"Name")  
		; @ERROR " | " @SERROR ?  
  
	For $c = 0 To UBound($_aResults) 
		; The body does not use $r; it always binds to column 1 of the current row.
		For $r = 1 To UBound($_aResults,2) 
			$GroupObj=getObject($_aResults[$c,1])
			$Members=$groupObj.Getex("Member")
			
			; Pass 1: direct members. Note a direct hit and collect member groups.
			for each $Member in $members
				if "LDAP://"+$member=$_LDAP
					$MemberOf=1
				endif
				
				; One bind per member, only to read its ObjectCategory.
				$MemberObj=getObject("LDAP://"+$member)

				if instr($memberObj.ObjectCategory,"Group")
					$nestedGroup[ubound($nestedGroup)]=$memberObj.distinguishedName
					redim preserve $nestedGroup[ubound($nestedGroup)+1]
				endif
								
			next
			
			
			; Pass 2: repeat over the work list until a full pass adds no new group.
			do
				$GroupAdded=0
				for each $ngroup in $nestedGroup
					if $ngroup<>""
						$groupObj=getobject("LDAP://"+$ngroup)
						$Members=$groupObj.getex("Member")

						for each $member in $members				
							$memberObj=getobject("LDAP://"+$member)
					
							if instr($MemberObj.ObjectCategory,"Group")
								; Skip groups already on the list; this is what
								; stops circular nesting from looping forever.
								$isMember=0
								for each $ngroup2 in $nestedGroup
									if $ngroup2=$memberObj.distinguishedname
										$isMember=1
									endif
								next
						
								if $isMember=0
									$nestedGroup[ubound($nestedGroup)]=$memberObj.distinguishedName
									redim preserve $nestedGroup[ubound($nestedGroup)+1]
									$GroupAdded=1
								endif						
							endif
						next
					endif
				next
				
			until $GroupAdded=0
			
			; Drop the spare empty slot.
			; NOTE(review): if the search returned more than one row, the next row
			; would write its first nested group over the last entry kept here.
			if ubound ($nestedGroup)>0
				redim preserve $nestedGroup[ubound($nestedGroup)-1]
			endif


			; Pass 3: look for $_LDAP among the members of every collected group.
			for each $ngroup in $nestedGroup
				if $nGroup<>""
					$groupObj=getobject("LDAP://"+$ngroup)
					$members=$groupObj.getex("Member")
				
					for each $member in $members
						; $memberObj is bound here but not read in this loop.
						$memberObj=getobject("LDAP://"+$member)
						if "LDAP://"+$member=$_LDAP
							$MemberOf=1
						endif
					next				
				endif
			next
			
		Next
	next

endfunction

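; validateUser - check a user name and password by binding to the directory
; with them.
;
; $fnUsername : account name without the domain; "MyDomain\" is prefixed below.
; $fnPassword : the password to test.
;
; Returns 1 when the bind raised no error, otherwise 0.
;
; Changes against the original:
;  - The two flags are combined with the bitwise operator "|". The original used
;    "or", which is KiXtart's logical operator, so the encryption flag (2) was
;    not part of the value actually passed.
;    NOTE(review): the encryption flag presumably needs the domain controller to
;    accept an encrypted LDAP connection; if binds begin to fail after this
;    change, check that before going back to the unencrypted flag value.
;  - An empty user name or password is rejected without attempting a bind.
;    Depending on the flags, a bind with empty credentials may succeed or fall
;    back to the caller's own logon context, which would report a user as valid
;    without any password check.
;  - $fnObject is declared locally so the object bound with the user's
;    credentials is not left behind in a global variable.
;  - A commented-out test call that contained what looked like a real account
;    name and password has been removed. Treat that password as exposed and
;    change it; do not keep credentials in script comments.
function validateUser($fnUsername,$fnPassword)

	dim $fnADS_Secure_Authentication, $fnADS_Use_Encryption, $fnLDAP, $fnDSO, $fnObjUser, $fnObject
	
	
	$fnADS_Secure_Authentication=1
	$fnADS_Use_Encryption=2
	$validateUser=0
	
;	Earlier approach, kept for reference: look the user up first, then bind to the user object.
;	$fnLDAP=OtherADObject("sAMAccountName="+$fnUsername)
;	?$fnLDAP[0]
;	$fnObjDSO=GetObject("LDAP:")
;	$fnObjUser=$fnObjDSO.OpenDSObject($fnLDAP[0], "AD\"+$fnUsername,$fnPassword,$fnADS_Secure_Authentication,$fnADS_Use_Encryption)

	if $fnUsername<>"" and $fnPassword<>""
		$fnObject=GetObject("LDAP:").OpenDSObject('LDAP://dc=MyDomain,dc=corp','MyDomain\'+$fnUsername,$fnPassWord,($fnADS_Secure_Authentication | $fnADS_Use_Encryption))
		
		if @error=0
			$ValidateUser=1
		endif
	endif
	
endfunction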


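; LastLogin - print the most recent LastLogin value found for a user on the
; listed domain controllers.
;
; $fnUsername : account name, looked up with WinNT://<dc>/<name>,user.
;
; Prints one line and returns nothing. Every listed controller is asked because
; each one reports its own LastLogin value; a controller missing from the list
; (szntdc03 is commented out) is not consulted, so the answer can be too old.
;
; Change against the original: the working variables are declared with Dim and
; reset on entry. They were undeclared before, so the newest date found for one
; user was still in place on the next call, and that call could then print the
; previous user's timestamp.
;
; NOTE(review): stddate() is not defined in this file. The "<" comparison below
; assumes it returns dates in a form that sorts correctly as text - confirm.
function LastLogin ($fnUsername)

	dim $fnDCs, $fnDC, $fnUserObj, $fnTmpDate, $fnPrevDate, $fnPrevTimeStamp

	$fnPrevDate=""
	$fnPrevTimeStamp=""

	$fnDCs="szntdc01","szntdc02";,"szntdc03"
	for each $fnDC in $fnDCs
		$fnUserObj=getObject("WinNT://"+$fnDC+"/"+$fnUsername+",user")
		; Element 0 is the date part of the "date time" value.
		$fnTmpDate=split($fnUserObj.LastLogin," ")
		if $fnPrevDate<>""
			; Keep the later of the dates seen so far.
			if $fnprevDate<stddate($fnTmpDate[0])
				$fnPrevDate=stddate($fnTmpDate[0])
				$fnPrevTimeStamp=$fnUserObj.LastLogin
			endif
		else
			; First usable value: accept it only if it looks like a date.
			if instr ($fnTmpDate[0],"/")
				$fnPrevDate=stddate($fnTmpDate[0])
				$fnPrevTimeStamp=$fnUserObj.LastLogin
			endif
		endif
	next

	if instr ($fnPrevTimeStamp,"/")
		?"Last known logon was on "+$fnPrevTimeStamp
	else
		?"Could not find last known logon."
	endif

endfunction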

; MemberOfOffice - same membership test as MemberOf, but the group search is
; pointed at "LDAP://MyDomain.inc" instead of the existing $sADsPath value.
;
; $_LDAP      : full path of the object to look for, including "LDAP://".
; $_GroupName : Name of the group to start from.
;
; The return value is only ever assigned 1; when no match is found it is left
; unassigned (it is never set to 0).
;
; NOTE(review): $sADsPath is assigned here without Dim, so it is presumably a
; global. MemberOf and UsersOffice read $sADsPath without setting it, so after
; this function has run they would search "LDAP://MyDomain.inc" as well - confirm.
; NOTE(review): the match is a string comparison between "LDAP://"+member and
; $_LDAP, so $_LDAP must be written in the same form as the stored member value.
; NOTE(review): only the Member attribute is read. Membership that is not
; recorded there (presumably a user's primary group) is not detected - confirm
; before using the result for an access decision.
; NOTE(review): $_GroupName is concatenated into the filter unchanged; escape
; ( ) * \ and NUL first if it can come from user-supplied input.
function MemberOfOffice ($_LDAP,$_GroupName)
	
	dim $ADCategory, $filter, $aAttributes, $strFilter
	; Work list of nested group DNs; its last slot is always a spare empty one.
	dim $nestedGroup[0]
	
	$sADsPath="LDAP://MyDomain.inc"
	$ADCategory="Group"
	$Filter="Name="+$_GroupName
	$aAttributes = "Name", "AdsPath"
	
	$strFilter = "(&(objectClass="+$ADCategory+")("+$Filter+"))"  
	$_aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter,"Name")  
		; @ERROR " | " @SERROR ?  
  
	For $c = 0 To UBound($_aResults) 
		; The body does not use $r; it always binds to column 1 of the current row.
		For $r = 1 To UBound($_aResults,2) 
			$GroupObj=getObject($_aResults[$c,1])
			$Members=$groupObj.Getex("Member")
			
			; Pass 1: direct members. Note a direct hit and collect member groups.
			for each $Member in $members
				if "LDAP://"+$member=$_LDAP
					$MemberOfOffice=1
				endif
				
				; One bind per member, only to read its ObjectCategory.
				$MemberObj=getObject("LDAP://"+$member)

				if instr($memberObj.ObjectCategory,"Group")
					$nestedGroup[ubound($nestedGroup)]=$memberObj.distinguishedName
					redim preserve $nestedGroup[ubound($nestedGroup)+1]
				endif
								
			next
			
			
			; Pass 2: repeat over the work list until a full pass adds no new group.
			do
				$GroupAdded=0
				for each $ngroup in $nestedGroup
					if $ngroup<>""
						$groupObj=getobject("LDAP://"+$ngroup)
						$Members=$groupObj.getex("Member")

						for each $member in $members				
							$memberObj=getobject("LDAP://"+$member)
					
							if instr($MemberObj.ObjectCategory,"Group")
								; Skip groups already on the list; this is what
								; stops circular nesting from looping forever.
								$isMember=0
								for each $ngroup2 in $nestedGroup
									if $ngroup2=$memberObj.distinguishedname
										$isMember=1
									endif
								next
						
								if $isMember=0
									$nestedGroup[ubound($nestedGroup)]=$memberObj.distinguishedName
									redim preserve $nestedGroup[ubound($nestedGroup)+1]
									$GroupAdded=1
								endif						
							endif
						next
					endif
				next
				
			until $GroupAdded=0
			
			; Drop the spare empty slot.
			; NOTE(review): if the search returned more than one row, the next row
			; would write its first nested group over the last entry kept here.
			if ubound ($nestedGroup)>0
				redim preserve $nestedGroup[ubound($nestedGroup)-1]
			endif


			; Pass 3: look for $_LDAP among the members of every collected group.
			for each $ngroup in $nestedGroup
				if $nGroup<>""
					$groupObj=getobject("LDAP://"+$ngroup)
					$members=$groupObj.getex("Member")
				
					for each $member in $members
						; $memberObj is bound here but not read in this loop.
						$memberObj=getobject("LDAP://"+$member)
						if "LDAP://"+$member=$_LDAP
							$MemberOfOffice=1
						endif
					next				
				endif
			next
			
		Next
	next

endfunction


; isDisabled - return 1 when the account is disabled or its expiration date has
; passed, otherwise 0.
;
; $_LDAPString : full path handed to getObject (the prefix is not added here).
;
; NOTE(review): the result of getObject is not checked. If the bind fails, both
; tests below presumably see empty values and the function returns 0, so an
; account that could not be looked up is reported as "not disabled". Callers that
; use the result for an access decision should check @ERROR themselves - confirm.
; NOTE(review): stddate() is not defined in this file. The ">" comparison with
; @date assumes both sides are dates in a form that sorts correctly as text - confirm.
; NOTE(review): $fnFOO, $fnUserObj and $fnTMPDate are not declared with Dim, so
; they are presumably globals; LastLogin in this file uses $fnUserObj too - confirm.
Function isDisabled ($_LDAPString)

		$fnFOO=0
		$fnUserObj=getObject($_LDAPString)
		; "1/1/1970" is skipped here - presumably the value reported for an
		; account that never expires; confirm.
		if $fnUserobj.accountexpirationdate and $fnUserobj.accountexpirationdate<>"1/1/1970"
			; Element 0 is the date part of the "date time" value.
			$fnTMPDate=split($fnUserObj.AccountExpirationDate," ")
			;?stddate($fnTMPDate[0])+" "+@date+" "+$fnUserObj.AccountExpirationDate
;			if @date>stddate($fnUserObj.AccountExpirationDate); and datecalc(stddate($fnUserObj.AccountExpirationDate),@date)<16
			; Expired when today is later than the expiration date.
			if @date>stddate($fnTMPDate[0]); and datecalc(stddate($fnUserObj.AccountExpirationDate),@date)<16
				$fnFOO=1
			endif
		endif

		if $fnUserObj.AccountDisabled
			$fnFOO=1
		endif
		
		$isDisabled=$fnFOO
endFunction


SOLUTION
Steven Harris


ASKER

https://www.experts-exchange.com/questions/28270146/Kixstart-script.html

I have posted the master script at the link above. That script calls three other scripts, which I attached to the master script.

Since they are long scripts, I have posted four separate questions.
ASKER CERTIFIED SOLUTION

ASKER

Thanks