#138557 - 2005-04-23 05:44 AM
TranslateName() rewrite discussion thread
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
Please review this rewrite of Translate and comment. This is a precursor to a rewrite of InContainer(). This new TranslateName() UDF return all the desired name types with one bind to AD. The intent would be to execute this UDF once at the top of your script and save the names in a global array. You then can use one or more of the name types anywhere in the remaining code.
The UDFs like InContainer() and MakePathsFromADlocation() will no longer call TranslateName. They will be rewritten to accept the string represention of the name (Canonical or Distinguished) and not depend on an internal call to TranslateName().
Code:
$rc=SetOption("explicit","ON")
$Names = TranslateName (3, "", 3, @Domain + "\" + @wksta + "$", "1,2,3,4,5,6,7,8,9,10,11,12")
Dim $x
? "Ubound = " + ubound($names)
for $x=0 to ubound($Names)
? ""+ $x +": " + $Names[$x]
next
?
$Names = TranslateName (3, "", 3, @Ldomain + "\" + @userID, "1,2,3,4,5,6,7,8,9,10,11,12")
Dim $x
? "Ubound = " + ubound($names)
for $x=0 to ubound($Names)
? ""+ $x +": " + $Names[$x]
next
?
$Names = TranslateName (3, "", 3, @LDomain + "\" + @userid, 1)
? "DN = " + $Names[1]
;--------------------------------------------------------------------------------------------------
;FUNCTION TranslateName()
;
;AUTHOR Howard A. Bullock (hbullock@tycoelectronics.com)
;
;VERSION 3.0
;
;ACTION Translates from one name type to another. Good for converting an NT4 name
; like domain\user into an LDAP distinguished name or the reverse.
;
;SYNTAX TranslateName ($InitType, $BindName, $LookupNameType, $LookupName, $ReturnNameType)
;
;DATE 2005/04/22
;
;PARAMETERS $InitType (Required)
; - Integer value
; 1 = ADS_NAME_INITTYPE_DOMAIN
; Initializes a NameTranslate object by setting the domain that the object will bind to.
;
; 2 = ADS_NAME_INITTYPE_SERVER
; Initializes a NameTranslate object by setting the server that the object will bind to.
;
; 3 = ADS_NAME_INITTYPE_GC
; Initializes a NameTranslate object by locating the global catalog that the object will bind to.
;
; $BindName (Required)
; - String value
; If an $InitType = 3 (ADS_NAME_INITTYPE_GC), then the $BindName = "".
; InitTypes 1 and 2 require a name of a domain or server to be input. Note: "" may default
; to the current server or domain.
;
; $LookupNameType (Required)
; - Integer value
;
; $LookupName (Required)
; - String value see below
;
; $ReturnNameType (Required)
; - single Integer or comma separated string of numbers
;
; Documentation of Name Types. Lookup the more info on http://MSDN.Microsoft.com
; Not all name types work. The two that have been most useful to are "1" and "3"
;
; 1 = ADS_NAME_TYPE_1779
; Name format as specified in RFC 1779. For example, "CN=Jane Doe,CN=users, DC=Microsoft, DC=com".
;
; 2 = ADS_NAME_TYPE_CANONICAL
; Canonical name format. For example, "Microsoft.com/Users/Jane Doe".
;
; 3 = ADS_NAME_TYPE_NT4
; Account name format used in Microsoft® Windows© NT® 4.0. For example, "Microsoft\JaneDoe".
;
; 4 = ADS_NAME_TYPE_DISPLAY
; Display name format. For example, "Jane Doe".
;
; 5 = ADS_NAME_TYPE_DOMAIN_SIMPLE
; Simple domain name format. For example, "JaneDoe@Microsoft.com".
;
; 6 = ADS_NAME_TYPE_ENTERPRISE_SIMPLE
; Simple enterprise name format. For example, "JaneDoe@Microsoft.com".
;
; 7 = ADS_NAME_TYPE_GUID
; Global Unique Identifier format. For example, {95ee9fff-3436-11d1-b2b0-d15ae3ac8436}.
;
; 8 = ADS_NAME_TYPE_UNKNOWN
; Unknown name type. The system will try to make the best guess.
;
; 9 = ADS_NAME_TYPE_USER_PRINCIPAL_NAME
; User principal name format. For example, "JaneDoe@Fabrikam.com".
;
; 10 = ADS_NAME_TYPE_CANONICAL_EX
; Extended canonical name format. For example, "Microsoft.com/Users Jane Doe".
;
; 11 = ADS_NAME_TYPE_SERVICE_PRINCIPAL_NAME
; Service principal name format. For example, "www/www.microsoft.com@microsoft.com"
;
; 12 = ADS_NAME_TYPE_SID_OR_SID_HISTORY_NAME
; A SID string, as defined in the Security Descriptor Definition Language (SDDL), for either
; the SID of the current object or one from the object's SID history.
; For example, "O:AOG:DAD:(A;;RPWPCCDCLCSWRCWDWOGA;;;S-1-0-0)" For more information see
; Security Descriptor String Format under "Security" in the Microsoft Platform SDK documentation.
;
;REMARKS Not all name types seem to work. $ReturnNameType can be a single number or a comma separated
; list of numbers. The resulting array will have the coresponding array elements populated
; with the specific names requested.
;
;RETURNS This function returns a 13 element ARRAY. Use the array element that corresponds to the
; number of the name type listed above.
;
;DEPENDENCIES OS: Active Directory aware client
;
;EXAMPLES
;
; These two examples attempt to retrieve all names
; $Names = TranslateName (3, "", 3, "@Domain\@wksta$", "1,2,3,4,5,6,7,8,9,10,11,12")
; Dim $x
; ? "Ubound = " + ubound($names)
; for $x=0 to ubound($Names)
; ? ""+ $x +": " + $Names[$x]
; next
; ?
; $Names = TranslateName (3, "", 3, "@LDomain\@userid", "1,2,3,4,5,6,7,8,9,10,11,12")
; Dim $x
; ? "Ubound = " + ubound($names)
; for $x=0 to ubound($Names)
; ? ""+ $x +": " + $Names[$x]
; next
;
; Get Distinguished Name (Name type #1)
; $Names = TranslateName (3, "", 3, "@LDomain\@userid", 1)
; ? "DN = " + $Names[1]
;
;
Function TranslateName ($InitType, $BindName, $LookupNameType, $LookupName, $ReturnNameType)
Dim $NameTranslate, $Error, $ErrorText, $ReturnNameArray[12], $GetNameArray, $value
$Error = 0
$ErrorText = ""
$ReturnName = ""
$NameTranslate = CREATEOBJECT ("NameTranslate")
$Error = @error
$ErrorText = @serror
if $Error = 0
$NameTranslate.Init ($InitType, $BindName)
$Error = @error
$ErrorText = @serror
if $Error = 0
$NameTranslate.Set ($LookupNameType, $LookupName)
$Error = @error
$ErrorText = @serror
if $Error = 0
Dim $index
$GetNameArray = split($ReturnNameType, ",")
for $index=0 to ubound($GetNameArray)
$value = $GetNameArray[$index]
$ReturnNameArray[$value] = $NameTranslate.Get($value)
next
else
exit $Error
endif
else
exit $Error
endif
else
exit $Error
endif
$TranslateName = $ReturnNameArray
Endfunction
Edited by Howard Bullock (2005-04-23 03:33 PM)
|
|
Top
|
|
|
|
#138558 - 2005-04-23 06:25 AM
Re: TranslateName() rewrite discussion thread
|
Les
KiX Master
Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
|
I like the concept and testing the code over 28.8 dialup, it is bearable.
Present code missing a couple of DIMs $Names, $ReturnName
Duplicate DIM of $X
With the inclusion of the NoMacrosInStrings option in 4.5 perhaps the examples should be new school.
I know Shawn, go ahead... cry your eyes out.
$Names = TranslateName (3, "", 3, @Domain+"\"+@wksta+"$", "1,2,3,4,5,6,7,8,9,10,11,12")
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
|
|
Top
|
|
|
|
|
#138560 - 2005-04-23 03:30 PM
Re: TranslateName() rewrite discussion thread
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
The duplicate Dim of $x I only see in the couple examples. I intended each to be a standalone example. I do not see an y $x in the UDF itself.
Since I no longer will be returning the error text, I guess I can cleanup the extra $Error and $ErrorText vars.
I will cleanup the Macros in the string...
Presently I still need two binds to get names for the user and a second call for the names for the workstation. I would like to get the both with one bind. So I think I will look at this some more and loop the SET for a comma separated input name.
My intent would be to be able to pass in both the Ldomain\user and Domain\workstation names. I am not sure if I like the concatenation of the two values as input or somehow getting two input vars.
|
|
Top
|
|
|
|
|
#138561 - 2005-04-23 11:47 PM
Re: TranslateName() rewrite discussion thread
|
kholm
Korg Regular
Registered: 2000-06-19
Posts: 714
Loc: Randers, Denmark
|
Howard,
Might I sugest, that you do not 'disturb' the original TranslateName() function!
Your idea of returning all possible translations can be usefull in logon-scripts. But if you use TranslateName() in interactive scripts,
you would know exactly what returnvalue you want, so the new version would be overkill here.
My suggestion is; Make a new funktion ie. TranslateToNames()
BTW: All my scripts dealing with AD couldn't work if i didn't have TranslateName(), It is GOLD, so I suggest you make the platinum version,
and call it TranslateToNames() 
-Erik
|
|
Top
|
|
|
|
|
#138562 - 2005-04-24 01:28 PM
Re: TranslateName() rewrite discussion thread
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
Thanbks for the suggestion and letting me know you like the function. This new function design does not have to bring back all names. It only brings back what you want and request. See the last example where it only brings back the DN. I think that this new code is simply more efficient when more than one name type is desired.
When I examined my logon script after Radimus opened the discussion, I notice I also caused extra traffic and deley because I had other functions calling the TranslateName UDF internally. I used primarily the DB and canonical names. There is really no need to bind to the AD more than once to get back both names. Binding is expensive and is where the delay accumulates with each occurrance.
With this change and some other function design changes, scripts can be more efficient. If you retrieve the name(s) you need and store the value early in the script, you can simply pass the value to any other function that uses the DN or Canonical name. But if you like the current functionality, you can continue to call the TranslateName UDF as many times as you like. You would just have to change the [0] array index to the number of the name type you want to use. [1] in the case DN. The error text is not longer contained in the array that is returned.
Truly, the script for some people does not need to change. The real requirement as Radimus pointed out is it usage. You should use it a little as possible and pass the resulting data.
|
|
Top
|
|
|
|
Moderator: Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart
|
0 registered
and 369 anonymous users online.
|
|
|
