#140781 - 2005-06-02 06:08 AM
Re: Problem with TranslateName
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
TranslateName relies on the SamAccountName property on the AD account. First use LDP.exe to review the object you want to lookup. Make sure that the SamAccountName matches what you are using as the name to query. Make sure that any new objects like new user and computer accounts have time to replicate fully.
Have you examined the error codes returned by TranslateName? Did the INIT fail or the SET fail? If these two succeed then the GET should have no problem.
|
|
Top
|
|
|
|
|
#140782 - 2005-06-02 01:33 PM
Re: Problem with TranslateName
|
oobnuker
Getting the hang of it
Registered: 2003-12-09
Posts: 87
Loc: Oxford, CT
|
These are not new users, and the SamAccountName matches perfectly.
The problem I am having is that NOTHING is returned. No $ReturnName, no $Error, and no $ErrorText, so in my code:
Code:
$DN = TranslateName (3, "", 3, "@Domain\@wksta$", 1)
$DN = $DN[0]
$DN = split($DN,',DC=')[0]
$DN = Split($DN,',OU=')
$ubound = ubound($DN)
If $ubound > 1
$ComputerLOC = $DN[$ubound]
$secondLevel = $DN[$ubound-1]
If $ComputerLOC = 'HQ'
if instr('BIR;HAT;HFR',$secondLevel)
$ComputerLOC = $secondLevel
EndIf
EndIf
EndIf
If $DN[1] = "Metaframe"
$ComputerLOC = "CITRIX"
EndIf
If $DN[1] = "Memphis"
$ComputerLOC = "MER"
EndIf
$DN is not populated at all and I get an error at the line If $DN[1] yadda - "Array reference out of Bounds" or something like that...
_________________________
--
oobnuker - .KIX hack - no really.
|
|
Top
|
|
|
|
|
#140785 - 2005-06-02 05:09 PM
Re: Problem with TranslateName
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
Based on you use of the inputs in TranslateName (3, "", 3, "@Domain\@wksta$", 1), you client can not find the global catalog. This may be a DNS issue.
Try binding to the domain as another test.
TranslateName (1, @Domain, 3, "@Domain\@wksta$", 1)
|
|
Top
|
|
|
|
|
#140786 - 2005-06-02 05:44 PM
Re: Problem with TranslateName
|
oobnuker
Getting the hang of it
Registered: 2003-12-09
Posts: 87
Loc: Oxford, CT
|
Quote:
Based on you use of the inputs in TranslateName (3, "", 3, "@Domain\@wksta$", 1), you client can not find the global catalog. This may be a DNS issue.
Try binding to the domain as another test.
TranslateName (1, @Domain, 3, "@Domain\@wksta$", 1)
I tried the following:
Code:
;$DN = TranslateName (1, @DOMAIN, 3, "@Domain\@wksta$", 1)
;$DN = TranslateName (3, "", 3, "@Domain\@wksta$", 1)
$DN = TranslateName (2, "HQDC1", 3, "@Domain\@wksta$", 1)
And I get the same error each time.
Edit: And furthermore - I don't understand how a DNS issue can be user specific. Not that I am doubting you, I'm just stumped on this one...
Edited by oobnuker (2005-06-02 05:46 PM)
_________________________
--
oobnuker - .KIX hack - no really.
|
|
Top
|
|
|
|
|
#140787 - 2005-06-02 05:53 PM
Re: Problem with TranslateName
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
So you are saying that from the same computer one user gets data returned and a different user does not?
|
|
Top
|
|
|
|
|
#140793 - 2005-06-02 08:10 PM
Re: Problem with TranslateName
|
oobnuker
Getting the hang of it
Registered: 2003-12-09
Posts: 87
Loc: Oxford, CT
|
OK - I found some .VBS code that returns the DN and the query works logged in as the user that can not seem to get it via the TranslateName UDF. I will attach the code here for reference:
Code:
On Error Resume Next
Dim oUser,oArgs
Set oArgs=WScript.Arguments
strUser=oArgs(0)
UserDN=GetDN(strUser)
WScript.Echo UserDN
WScript.quit
Function GetDN(samAccount)
On Error Resume Next
GetDN=samAccount & " NotFound"
set RootDSE=GetObject("LDAP://RootDSE")
set myDomain=GetObject("LDAP://"&RootDSE.get("DefaultNamingContext"))
'the query should all be on one line
strQuery="Select sAMAccountname,cn,distinguishedname from
'broken line
'" & myDomain.ADSPath & "' Where objectcategory='person' AND objectclass='user'" & " AND sAMAccountName='" & samAccount & "'"
set cat=GetObject("GC:")
for each obj in cat
set GC=obj
Next
AdsPath=GC.ADSPath
Set conn=Createobject("ADODB.Connection")
Set cmd=CreateObject("ADODB.Command")
conn.Provider="ADSDSOObject"
conn.Open
set cmd.ActiveConnection=conn
Set RS=conn.Execute(strQuery)
Do while not RS.EOF
GetDN=rs.Fields("distinguishedname")
rs.movenext
Loop
rs.Close
conn.Close
Set conn=Nothing
set cmd=Nothing
set RootDSE=Nothing
set cat=Nothing
set RS=nothing
End Function
'EOF
Returns the full Distinguished Name of the user account that is having the problem doing the same thing with the UDF. I have been discussing the Computer's OU lookup, but I am also looking up the User's OU with this:
Code:
$DN2 = TranslateName (3, "", 3, "@LDomain\@USERID", 1)
Which returns nothing.
Edited by oobnuker (2005-06-02 08:12 PM)
|
|
Top
|
|
|
|
|
#140794 - 2005-06-02 08:58 PM
Re: Problem with TranslateName
|
Chris S.
MM club member
Registered: 2002-03-18
Posts: 2368
Loc: Earth
|
Give fnLDAPQuery() a try. Here is an example for the current workstation...
Code:
; == Return the distinguishedName for the computer ===================
$aAttributes = "distinguishedName"
$sADsPath = "LDAP://"+GetObject("LDAP://rootDSE").Get("defaultNamingContext")
$strFilter = "(&(objectClass=Computer)(Name="+@WKSTA+"))"
$aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter)
@ERROR " | " @SERROR ?
For Each $Result in $aResults
$Result ?
Next
|
|
Top
|
|
|
|
|
#140795 - 2005-06-02 09:00 PM
Re: Problem with TranslateName
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
Trying to determine if this is a permissions issue.
Place the user account that does not work into the domain Adminstorators group. From the computer that you have been doing the previous testing, does the script work with th the user being a domain admin?
|
|
Top
|
|
|
|
|
#140797 - 2005-06-02 09:23 PM
Re: Problem with TranslateName
|
oobnuker
Getting the hang of it
Registered: 2003-12-09
Posts: 87
Loc: Oxford, CT
|
Quote:
Trying to determine if this is a permissions issue.
Place the user account that does not work into the domain Adminstorators group. From the computer that you have been doing the previous testing, does the script work with th the user being a domain admin?
I tried this this morning and it didn't work. I double checked that the replication had gone through and it had. Domain Admins was not the answer...
In the meantime, with that piece of .VBS I have managed to insert a work around by modifying the VBS script to also look for computer accounts. I needed to get something in place because the entire script revolves around the OU info for the user and system - it is my brainchild and we will eventually be implementing it for 2500 users.
Code:
;Determine Computer OU
? Color $SC1 "- Querying Active Directory..."
$DN = TranslateName (3, "", 3, "@Domain\@wksta$", 1)
$DN = $DN[0]
:LOOKUPFAILED
$DN = split($DN,',DC=')[0]
$DN = Split($DN,',OU=')
$ubound = ubound($DN)
If $ubound > 1
$ComputerLOC = $DN[$ubound]
$secondLevel = $DN[$ubound-1]
If $ComputerLOC = 'HQ'
if instr('BIR;HAT;HFR',$secondLevel)
$ComputerLOC = $secondLevel
EndIf
EndIf
EndIf
If UBound($DN) > 0
Select
Case $DN[1] = "Metaframe" $ComputerLOC = "CITRIX"
Case $DN[1] = "Memphis" $ComputerLOC = "MER"
EndSelect
Else
? Color $SC3 "- Please Wait..." Color $SC1
Shell "%COMSPEC% /C cscript.exe /NoLogo @LDrive\Global\computerdn.vbs @wksta$ > %TEMP%\cdn.txt"
Shell "%COMSPEC% /C cscript.exe /NoLogo @LDrive\Global\userdn.vbs @USERID > %TEMP%\udn.txt"
$FH = FreeFileHandle()
$ = Open($FH, "%TEMP%\cdn.txt")
$DN = ReadLine($FH)
$ = Close($FH)
$FH = FreeFileHandle()
$ = Open($FH, "%TEMP%\udn.txt")
$LOOKUPFAILED = "1"
$DN2 = ReadLine($FH)
$ = Close($FH)
Goto LOOKUPFAILED
EndIf
;Determine User OU
If $LOOKUPFAILED <> "1"
$DN2 = TranslateName (3, "", 3, "@LDomain\@USERID", 1)
$DN2 = $DN2[0]
EndIf
$DN2 = split($DN2,',DC=')[0]
$DN2 = Split($DN2,',OU=')
$ubound = ubound($DN2)
If $ubound > 1
$USERLOC = $DN2[$ubound]
$secondLevel = $DN2[$ubound-1]
If $USERLOC = 'HQ'
if instr('BIR;HAT;HFR',$secondLevel)
$USERLOC = $secondLevel
EndIf
EndIf
EndIf
It works, but there is now obviously a dely as it shells out to run the VBS.
I am really curious as to why this is happening, and I would rather not go with the VBS solution long term.
Thanks for all of your help with this!
Edited by oobnuker (2005-06-02 09:25 PM)
_________________________
--
oobnuker - .KIX hack - no really.
|
|
Top
|
|
|
|
Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart
|
1 registered
(Allen)
and 1198 anonymous users online.
|
|
|
