#158371 - 2006-03-06 05:54 PM
Error Code 6 The handle is invalid - ADSI XP NOSP?
|
Shaun_Hill
Getting the hang of it
Registered: 2004-11-15
Posts: 50
Loc: JHB, South Africa
|
Hi,
My ADSI script works on nearly all computers but on machines like XP without a service pack, the ADSI script gives error code 6 The handle is invalid. I checked on the computer and ActiveDS.dll is in the system32 dir. Any ideas? In the mean time I will install SP2 and see if sorts it which it probably will.
ActiveDS.dll is File version 5.1.2600.0 (xpclient.010817-1148).
|
|
Top
|
|
|
|
#158373 - 2006-03-06 07:34 PM
Re: Error Code 6 The handle is invalid - ADSI XP NOSP?
|
Shaun_Hill
Getting the hang of it
Registered: 2004-11-15
Posts: 50
Loc: JHB, South Africa
|
Hi Shawn, I have been testing all over and it works properly on SP1 and SP2 and W2000 SP4 machines. Seems to just be those without any SP at all (the original XP). All the XP computers should be running SP2 so what I did was just put a check on ActiveDS.dll file version and exit the script if it's the wrong version (and log it for remediation). I must just get someone to install the SP. I haven't identified any w2000 machine without a SP so I'm not sure if the problem is also with them. Thanks for offering to test it though!
|
|
Top
|
|
|
|
|
#158375 - 2006-03-06 08:42 PM
Re: Error Code 6 The handle is invalid - ADSI XP NOSP?
|
Shaun_Hill
Getting the hang of it
Registered: 2004-11-15
Posts: 50
Loc: JHB, South Africa
|
mmm yes, I suppose it could be the ADO part that fails although all the machine are also supposed be using the latest MDAC (suppose things aren't the way they are supposed to be) Wsus client must be having a problem. O well either way though they need to install a service pack or MDAC... i'll make it somebody elses problem... by the way this script works like a charm and is finding a few failed migrations. I deleted my computer account from the old domain and it was then not able to logon. So im glad this script is out there now to find them otherwise the remediation would have been a disaster. 
|
|
Top
|
|
|
|
|
#158376 - 2006-03-06 10:11 PM
Re: Error Code 6 The handle is invalid - ADSI XP NOSP?
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
What about the user accounts? The logon script is based on the user's logon domain. Do you have this code in the script on both the old and new domains? Or have you disabled the old domain user accounts that have been migrated?
|
|
Top
|
|
|
|
|
#158377 - 2006-03-06 10:18 PM
Re: Error Code 6 The handle is invalid - ADSI XP NOSP?
|
Shawn
Administrator
Registered: 1999-08-13
Posts: 8611
|
Quote:
i'll make it somebody elses problem...
hehee, thats it. I like you. From now on you shall be "Teflon Shaun" ;0)
|
|
Top
|
|
|
|
|
#158379 - 2006-03-10 02:23 PM
Re: Error Code 6 The handle is invalid - ADSI XP NOSP?
|
Shaun_Hill
Getting the hang of it
Registered: 2004-11-15
Posts: 50
Loc: JHB, South Africa
|
Hi, sorry 4 delayed replay, been away a few days. Howard the script is being run manually currently on either domain. They are just using it for the time being to verify machines that have been migrated. I will probably add it tonight to the old domain logon scripts. Not sure if I will be allowed to add to to the new domain yet but we will see. Otherwise it will be run manually.
Please don't be harshly critical about the code, I know I'm still a newbie but it does what I need it to do.
P.S. I removed the section which aborts if the script detects XP without any service pack. As seen with previous post it gives Error code 6.
Teflon 
What do you mean? I don't get it...
Code:
Global $LogFile,$OldDomainName,$NewDomainName
;Configurable Section - Change according to your domain and log path, also note you must set the RootDSE for you AD domain in the 2 functions Checkuser, CheckComputer.
$LogFile = "\\hostname\INCOMING\MIGRATIONLOG.TXT"
$OldDomainName = "OLDDOMAIN"
$NewDomainName = "NEWDOMAIN"
;DO NOT MODIFY BELOW THIS LINE
;This is a Perfectly Migrated PC and User Account but is logging on to the wrong Domain
If @LDOMAIN = $OldDomainName AND IsMigrated($NewDomainName) = 1 AND CheckUser = 1 AND CheckComputer = 1
? "Logging onto " + @LDOMAIN + " Domain"
;? "Ignore - Debugging Purposes. Condition1"
? "User Account has been Migrated"
? "Computer Account has been Migrated"
? "Migration Success"
? "User logging on to incorrect domain"
If Open( 3 , $LogFile , 5 ) = 0
$x = WriteLine( 3 , "USERMIGRATED" + " " + @USERID + " " + "PCMIGRATED" + " " + @WKSTA + " " + "MIGRATIONSUCCESS" + " " + "Logging onto OLDDOMAIN" + " " + @DATE + " " + @TIME + @CRLF)
EndIf
Sleep 3
Endif
;This is a Perfectly Migrated PC and User Account and are logging onto the correct domain
If @LDOMAIN = $NewDomainName AND IsMigrated($NewDomainName) = 1 AND CheckUser = 1 AND CheckComputer = 1
? "Logging onto " + @LDOMAIN + " Domain"
;? "Ignore - Debugging Purposes. Condition2"
? "User Account has been Migrated"
? "Computer Account has been Migrated"
? "Migration Success"
? "User logging on to correct domain"
If Open( 3 , $LogFile , 5 ) = 0
$x = WriteLine( 3 , "USERMIGRATED" + " " + @USERID + " " + "PCMIGRATED" + " " + @WKSTA + " " + "MIGRATIONSUCCESS" + " " + "Logging onto NEWDOMAIN" + " " + @DATE + " " + @TIME + @CRLF)
EndIf
Sleep 3
Endif
;This is a failed Migration but User and Computer do exist in AD but logon to wrong domain
If @LDOMAIN = $OldDomainName AND IsMigrated($NewDomainName) = 0 AND CheckUser = 1 AND CheckComputer = 1
? "Logging onto " + @LDOMAIN + " Domain"
;? "Ignore - Debugging Purposes. Condition3"
? "User Account has been Migrated"
? "Computer Account has been Migrated"
? "Migration Failed!"
? "User logging on to incorrect domain"
If Open( 3 , $LogFile , 5 ) = 0
$x = WriteLine( 3 , "USERMIGRATED" + " " + @USERID + " " + "PCMIGRATED" + " " + @WKSTA + " " + "MIGRATIONFAILED" + " " + "Logging onto OLDDOMAIN" + " " + @DATE + " " + @TIME + @CRLF)
EndIf
Sleep 3
EndIf
;This is a failed Migration but User and Computer do exist in AD logon but are loggin on to new domain
If @LDOMAIN = $NewDomainName AND IsMigrated($NewDomainName) = 0 AND CheckUser = 1 AND CheckComputer = 1
? "Logging onto " + @LDOMAIN + " Domain"
;? "Ignore - Debugging Purposes. Condition4"
? "User Account has been Migrated"
? "Computer Account has been Migrated"
? "Migration Failed!"
? "User logging on to correct domain"
If Open( 3 , $LogFile , 5 ) = 0
$x = WriteLine( 3 , "USERMIGRATED" + " " + @USERID + " " + "PCMIGRATED" + " " + @WKSTA + " " + "MIGRATIONFAILED" + " " + "Logging onto NEWDOMAIN" + " " + @DATE + " " + @TIME + @CRLF)
EndIf
Sleep 3
EndIf
;This is a migrated computer but the user does not exist on AD
If IsMigrated($NewDomainName) = 1 AND CheckUser = 0 AND CheckComputer = 1
? "Logging onto " + @LDOMAIN + " Domain"
;? "Ignore - Debugging Purposes. Condition5"
? "User Account has Not been Migrated"
? "Computer Account has been Migrated"
? "Migration Success!"
? "User needs account created on AD"
If Open( 3 , $LogFile , 5 ) = 0
$x = WriteLine( 3 , "USERNOTMIGRATED" + " " + @USERID + " " + "PCMIGRATED" + " " + @WKSTA + " " + "MIGRATIONSUCCESS" + " " + @DATE + " " + @TIME + @CRLF)
EndIf
Sleep 3
EndIf
;This is a failed migration and the user also does not exist on AD
If @LDOMAIN = $OldDomainName AND IsMigrated($NewDomainName) = 0 AND CheckUser = 0 AND CheckComputer = 1
? "Logging onto " + @LDOMAIN + " Domain"
;? "Ignore - Debugging Purposes. Condition6"
? "User Account has Not been Migrated"
? "Computer Account has been Migrated"
? "Migration Failed!"
? "User logging on to incorrect domain"
? "User needs account created on AD"
If Open( 3 , $LogFile , 5 ) = 0
$x = WriteLine( 3 , "USERNOTMIGRATED" + " " + @USERID + " " + "PCMIGRATED" + " " + @WKSTA + " " + "MIGRATIONFAILED" + " " + "Logging onto OLDDOMAIN" + " " @DATE + " " + @TIME + @CRLF)
EndIf
Sleep 3
EndIf
;This is computer that hasn't been migrated but a user account exists for the user on AD
If IsMigrated($NewDomainName) = 0 AND CheckUser = 1 AND CheckComputer = 0
? "Logging onto " + @LDOMAIN + " Domain"
;? "Ignore - Debugging Purposes. Condition7"
? "User Account has been Migrated"
? "Computer Account has Not been Migrated"
? "Migration Not Started!"
If Open( 3 , $LogFile , 5 ) = 0
$x = WriteLine( 3 , "USERMIGRATED" + " " + @USERID + " " + "PCNOTMIGRATED" + " " + @WKSTA + " " + "MIGRATIONNOTSTARTED" + " " + @DATE + " " + @TIME + @CRLF)
EndIf
Sleep 3
EndIf
;This is computer that hasn't been migrated and a user account does not exist for the user on AD
If IsMigrated($NewDomainName) = 0 AND CheckUser = 0 AND CheckComputer = 0
? "Logging onto " + @LDOMAIN + " Domain"
;? "Ignore - Debugging Purposes. Condition8"
? "User Account has Not been Migrated"
? "Computer Account has Not been Migrated"
? "Migration Not Started!"
? "User needs account created on AD"
If Open( 3 , $LogFile , 5 ) = 0
$x = WriteLine( 3 , "USERNOTMIGRATED" + " " + @USERID + " " + "PCNOTMIGRATED" + " " + @WKSTA + " " + "MIGRATIONNOTSTARTED" + " " + @DATE + " " + @TIME + @CRLF)
EndIf
Sleep 3
EndIf
Function CheckUser()
Dim $Con ;(As ADODB.Connection)
Dim $Cmd ;(As ADODB.Command)
Dim $Rs ;(As ADODB.Command)
Dim $Root
;RootDSE for Domain - cannot be dynamic because you not logged onto AD
Dim $sDomain
;Configure RootDSE
$sDomain = "DC=gaming,DC=tsogosun,DC=com"
Dim $OU
Dim $Domain
Dim $sADsPath
Dim $sFilter
Dim $sAttribsToReturn
Dim $sDepth
Dim $strCount
Global $CheckUser
$strName = @UserID
If $strName = ""
? "No username was specified. "
Exit
EndIf
; Create ADO connection object for Active Directory
$Con = CreateObject("ADODB.Connection")
$Con.Provider = "ADsDSOObject"
$Con.Open ;"Active Directory Provider"
; Create ADO command object for the connection.
$Cmd = CreateObject("ADODB.Command")
$Cmd.ActiveConnection = $Con
$Domain = GetObject("LDAP://" + $sDomain)
$sADsPath = "<" + $Domain.ADsPath + ">"
; Build the filter element of the commandtext
If ($strName = "")
? "Error Nothing in Search String"
Exit
Else
$sFilter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + $strName + "))"
EndIf
; Build the returned attributes element of the commandtext.
$sAttribsToReturn = "sAMAccountName"
; Build the depth element of the commandtext.
$sDepth = "subTree"
; Assemble the commandtext.
$Cmd.CommandText = $sADsPath + ";" + $sFilter + ";" + $sAttribsToReturn + ";" + $sDepth
; Execute the query.
$Rs = CreateObject("ADODB.Recordset")
$Rs = $Cmd.Execute
$strCount = $rs.RecordCount
If ($strCount > 0)
$CheckUser=("1")
Else
$CheckUser=("0")
EndIf
If (@ERROR <>0)
? "Error - " + @SERROR
If Open( 3 , $LogFile , 5 ) = 0
$x = WriteLine( 3 , @USERID + " " + @WKSTA + " " + "An Error Occurred " + @SERROR + " " + @DATE + " " + @TIME + @CRLF)
EndIf
EndIf
EndFunction
Function CheckComputer()
Dim $Con ;(As ADODB.Connection)
Dim $Cmd ;(As ADODB.Command)
Dim $Rs ;(As ADODB.Command)
Dim $Root
;RootDSE for Domain - cannot be dynamic because you not logged onto AD
Dim $sDomain
;Configure RootDSE
$sDomain = "DC=gaming,DC=tsogosun,DC=com"
Dim $OU
Dim $Domain
Dim $sADsPath
Dim $sFilter
Dim $sAttribsToReturn
Dim $sDepth
Dim $strCount
Global $CheckComputer
$strName = @WKSTA
If $strName = ""
? "No computer name was specified. "
Exit
EndIf
; Create ADO connection object for Active Directory
$Con = CreateObject("ADODB.Connection")
$Con.Provider = "ADsDSOObject"
$Con.Open ;"Active Directory Provider"
; Create ADO command object for the connection.
$Cmd = CreateObject("ADODB.Command")
$Cmd.ActiveConnection = $Con
$Domain = GetObject("LDAP://" + $sDomain)
$sADsPath = "<" + $Domain.ADsPath + ">"
; Build the filter element of the commandtext
If ($strName = "")
? "Error Nothing in Search String"
Exit
Else
$sFilter = "(&(objectCategory=computer)(objectClass=computer)(name=" + $strName + "))"
EndIf
; Build the returned attributes element of the commandtext.
$sAttribsToReturn = "name"
; Build the depth element of the commandtext.
$sDepth = "subTree"
; Assemble the commandtext.
$Cmd.CommandText = $sADsPath + ";" + $sFilter + ";" + $sAttribsToReturn + ";" + $sDepth
; Execute the query.
$Rs = CreateObject("ADODB.Recordset")
$Rs = $Cmd.Execute
$strCount = $rs.RecordCount
If ($strCount > 0)
$CheckComputer = 1
Else
$CheckComputer = 0
EndIf
If (@ERROR <>0)
? "Error - " + @SERROR
If Open( 3 , $LogFile , 5 ) = 0
$x = WriteLine( 3 , @USERID + " " + @WKSTA + " " + "An Error Occurred " + @SERROR + " " + @DATE + " " + @TIME + @CRLF)
EndIf
EndIf
EndFunction
Function IsMigrated($NewDomain)
If @Domain = $NewDomain
$IsMigrated = 1
Else
$IsMigrated = 0
EndIf
EndFunction
|
|
Top
|
|
|
|
|
#158381 - 2006-03-10 03:03 PM
Re: Error Code 6 The handle is invalid - ADSI XP NOSP?
|
Shaun_Hill
Getting the hang of it
Registered: 2004-11-15
Posts: 50
Loc: JHB, South Africa
|
Lol, i'm just passing the buck... We have many in Africa!
|
|
Top
|
|
|
|
|
#158383 - 2006-03-10 03:20 PM
Re: Error Code 6 The handle is invalid - ADSI XP NOSP?
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
The handle is invalid would seem to apply to a COM operation. I would recommend that you starting debugging this by adding @error<>0 If statments to you code where you instantiate COM objects.
Example:
Code:
$Cmd = CreateObject("ADODB.Command")
if @error<>0
'CreateObject("ADODB.Command"): ' + @serror ?
endif
$Cmd.ActiveConnection = $Con
$Domain = GetObject("LDAP://" + $sDomain)
if @error<>0
'GetObject("LDAP://' + $sDomain + '"): ' + @serror
endif
By doing this you will know what particular line of code failed and why.
|
|
Top
|
|
|
|
Moderator: Shawn, ShaneEP, Ruud van Velsen, Arend_, Jochen, Radimus, Glenn Barnas, Allen, Mart
|
1 registered
(Allen)
and 483 anonymous users online.
|
|
|
