May 162011

Just realised that I haven’t had any posts about ADSi errors that you may encounter.
Here is a link to the common errors : Link

Most of the time, you will run up against these errors when you are querying users or groups and they don’t exist or an attribute / property does not exist.
The script will tell you which line you’ve went wrong on, but rarely ever gives you an idea on how to solve the issue. That page will give you a quick idea on how to resolve it.

May 152011

I have recently come across a situation where I need to determine whether an account is locked or not.
Conveniently, the IADsUser interface provides a property that is exactly what I need !.
This little code block will return a true or false depending on whether the account is locked or not, with true representing a locked account.

var objUser = GetObject("LDAP://cn=user,ou=users,dc=example,dc=com");
var boolUsrLocked = objUser.isAccountLocked;
return boolUsrLocked;

Apr 242011

Hi All,

I’ve been making a few scripts lately to modify a user using Javascript rather than VB.
I prefer working with Javascript as it suits my purpose a bit better as I can use variable size arrays to make it do what I want.

I start off with the Distinguished Name (DN) of the object, which can be obtained with :

function GetDN(strUsername) {
var rootdse = GetObject("LDAP://RootDSE");
var objUserDN = new ActiveXObject("NameTranslate");

objUserDN.Init(1,"DOMAIN NAME HERE");
objUserDN.Set(3,"DOMAIN NAME HERE\\"+strUsername);
strUserDN = objUserDN.get(1)
return strUserDN;

That code will get the DN of the user in question. Whether you integrate it into the script itself or use a function that is seperate from the main script is up to you.
I have used a function in this case.

I have posted a way to obtain the Domain Name for this script here.

After you have obtained the DN of the user, you will now need to create an object for the user so we can manipulate the user’s details.

var objUser = GetObject("LDAP://"+strUserDN);

We can now access the properties of the user via the objUser object.
To see what the properties contain already, you can use this :

var strUserDesc = objUser.description;

To modify any properties, the put method is used :

objUser.Put("description","This is the new description");
objUser.Put("profile","This is the new profile path");

The SetInfo method is used to commit changes into AD.
Hopefully no errors will come up when you try to commit the changes, and you have successfully modified a user using Javascript !.

All the properties can be found on the MSDN (reference 4).

Reference :
1. IADsNameTranslate Interface
3. ADS_NAME_TYPE_ENUM Enumeration
4. IADsUser Interface

Dec 282010

I have found being able to ping from a webpage useful on occasion so I thought I would post up a few snippets that I used to ping computers.

var oLoc = new ActiveXObject('WbemScripting.SWbemLocator');
var oSrv = oLoc.ConnectServer(null,'/root/cimv2');
var PingServer = new Enumerator(oSrv.ExecQuery('SELECT * FROM Win32_PingStatus WHERE Address = "' + Computer + '" AND Timeout = 5000'));
var respcode = PingServer.item().StatusCode;
if(respcode == 0) {
alert("Reply from "+Computer)
} else {
alert("Error pinging "+Computer+"\nError Code : "+respcode);

That’s pretty much a cut down version of what I use, it’s missing all the HTML obviously but that’s the core of it.
The “Computer” variable is the address or hostname that you want to ping, and “Timeout” is the maximum time before the ping times out in milliseconds.

Now a quick explanation :
First couple of lines creates the ActiveX Object and starts a connection using WMI
Third line creates the Enumerator object that contains the results from the query that returns the ping results.
Fourth and Fifth lines get to the results and returns the Status Code respectively.
From there, a response of 0 means the ping was good, otherwise anything else means it was bad.
This link has the list of status codes and their meanings.

I have used this at work to see if computers are online quickly as I have this and a few other useful scripts running in a little window off to the side.