Different result with the same file - KiXtart.org

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Basic Scripting » Different result with the same file

Page 1 of 1

Topic Options

#203089 - 2011-09-15 05:17 PM

Different result with the same file

marvince Offline

Fresh Scripter

Registered: 2006-05-16
Posts: 19
Loc: Northern Hemisphere

Hi, I am having an issue where special characters are diplayed incorrectly.

I use this function to return the full ADSPATH:

Code:

	$UserName = "yourtestaccount"
	$UserAccountOU = GetUserOU($UserName + "@@yourdomain.com") 
	Function GetUserOU($UserName) 
		$aAttributes = "Name", "AdsPath"  
		$sADsPath = "LDAP://"+GetObject("LDAP://domain.com").Get("defaultNamingContext")  
		$strFilter = "(&(objectClass=User)(userPrincipalName=$UserName))"  
		$aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter,"Name")  
	;	@ERROR " | " @SERROR ?  
		For $c = 0 to Ubound($aResults) 
		    For $r = 0 to UBound($aResults,2) 
		      $GetUserOU = $aResults[$c,$r]
		    Next 
		Next 
	EndFunction

Then I remove the "LDAP:\\" from the string, because I want to use DSQUERY:

Code:

	$UserOU = SubStr($UserAccountOU, Len("LDAP://")+1, Len($UserAccountOU)-Len("LDAP://")) ; remove "LDAP://" from string

Then I generate the following command file:

Code:

	If Open(1,"Test.cmd",5) = 0
		WriteLine(1,'@@echo off' + @CRLF)
		WriteLine(1,'dsquery user -name ' +chr(34) + '$UserName' + chr(34) + ' ' + chr(34) + $UserOU + chr(34) + @CRLF)
		WriteLine(1,'exit 0' + @CRLF)
	EndIf
	Close(1)
	Shell '%comspec% /C Test.cmd'

So far it works OK.

For the purpose of this test, we will use:

Code:

CN = Francis Bossé
UserName = fbosse@domain.com

Now strange things happen.
If I run the generated command file, I get this error:

Code:

	dsquery failed:Directory object not found.
	type dsquery /? for help.

So I said allright, lets check the content of the command file.
I do a type of the command file, I see:

Code:

	dsquery user -name "Francis BossÚ" "CN=Francis BossÚ,OU=LAPTOP,OU=CITY,OU=USERS,DC=domain,DC=com"
	exit 0

I open the command file from notepad, I see:

Code:

	dsquery user -name "Francis Bossé" "CN=Francis Bossé,OU=LAPTOP,OU=CITY,OU=USERS,DC=domain,DC=com"
	exit 0

I don't understand how I can produce different results from the same text file...
I suppose when I run the command file, it is read in the same format like the TYPE command?
Is there a way to fix this ? (please don't tell me not to use é in the name $;\)$ )

Top

#203092 - 2011-09-15 08:34 PM Re: Different result with the same file [Re: marvince]
ShaneEP ShaneEP MM club member Registered: 2002-11-29 Posts: 2127 Loc: Tulsa, OK	I believe its cmd that breaking the symbol, not kix (see sample below that works). Any reason why you don't build the query line and then run it in kix instead of writing it to a separate cmd file? Code: $nul = Open(1,@ScriptDir+"\test.txt",5) $nul = WriteLine(1,"Francis Bossé") $nul = Close(1) $nul = Open(1,@ScriptDir+"\test.txt") ? readline(1) $nul = Close(1) get $
Top

#203093 - 2011-09-15 10:14 PM Re: Different result with the same file [Re: marvince]
Glenn Barnas Glenn Barnas KiX Supporter Registered: 2003-01-28 Posts: 4402 Loc: New Jersey	Welcome to KORG! You see the wrong character when you "type" the command file because the file content is Unicode, while the console expects to display in ANSI. Notepad is capable of editing and displaying either, and detects which format to use. Open in Notepad, click File / Save As, give it a new name and choose ANSI as the Encoding file format. Then you should be able to display the new file contents via Type and get what's expected. You might want to detect special characters and replace them with Chr() functions so you get what you expect. Also, as Shane pointed out, you can do this directly from Kix.. Code: $Cmd = 'command to execute...' 'About to run ' $Cmd ? Shell $Cmd 'Result: ' @SERROR ? Glenn _________________________ Actually I am a Rocket Scientist! $\:D$
Top

#203098 - 2011-09-18 01:47 AM Re: Different result with the same file [Re: Glenn Barnas]
marvince marvince Fresh Scripter Registered: 2006-05-16 Posts: 19 Loc: Northern Hemisphere	Thank you ShaneEP for your help! Thank you Glenn for the welcome and your help (nice website you have)! My objective is to build the CMD file which should contain the full DSQUERY command syntax, parameters, and values. Unfortunately, I have to pass the CN= value (which I get from the LDAP query function (GetUserOU)) to the command DSQUERY USER -NAME . I checked various ways to start the CMD shell within KIX: Code: Shell '%comspec% /A /C Test.cmd' This should "Causes the output of internal commands to a pipe or file to be ANSI". Code: Shell '%comspec% /U /C Test.cmd' This should "Causes the output of internal commands to a pipe or file to be Unicode". But I was not able to get good results. Is there a way, from KIX, to create the CMD file in ANSI format? Edited by marvince (2011-09-18 02:15 AM)
Top

#203099 - 2011-09-18 02:20 AM Re: Different result with the same file [Re: marvince]
ShaneEP ShaneEP MM club member Registered: 2002-11-29 Posts: 2127 Loc: Tulsa, OK	I think at the point of trying to run the command file, the char is already converted, so it wouldnt be any use to try different command options. Why not just do it in kix instead of from a cmd file?... Code: Shell 'dsquery user -name "'+$UserName+'" "'+$UserOU+'"'
Top

#203100 - 2011-09-18 02:26 AM

Re: Different result with the same file [Re: ShaneEP]

ShaneEP Offline

MM club member

Registered: 2002-11-29
Posts: 2127
Loc: Tulsa, OK

Full code...

Code:

$UserName = "yourtestaccount"

$UserAccountOU = GetUserOU($UserName+"@@yourdomain.com") 
$UserOU = Split($UserAccountOU,""LDAP://"")[1]

Shell 'dsquery user -name "'+$UserName+'" "'+$UserOU+'"'

Function GetUserOU($UserName) 
	$aAttributes = "Name", "AdsPath"  
	$sADsPath = "LDAP://"+GetObject("LDAP://domain.com").Get("defaultNamingContext")  
	$strFilter = "(&(objectClass=User)(userPrincipalName=$UserName))"  
	$aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter,"Name")  
;	@ERROR " | " @SERROR ?  
	For $c = 0 to Ubound($aResults) 
	    For $r = 0 to UBound($aResults,2) 
	      $GetUserOU = $aResults[$c,$r]
	    Next 
	Next 
EndFunction

Top

#203101 - 2011-09-18 03:10 AM Re: Different result with the same file [Re: ShaneEP]
Allen Allen KiX Supporter Registered: 2003-04-19 Posts: 4567 Loc: USA	I'm having a hard time grasping what you are trying to accomplish with the dsquery command. It seems like no matter what it is we should be able to do it completely in kix.
Top

#203102 - 2011-09-18 03:45 AM Re: Different result with the same file [Re: Allen]
marvince marvince Fresh Scripter Registered: 2006-05-16 Posts: 19 Loc: Northern Hemisphere	Thank you ShaneEP for the extra help, I will try it. I should have explained the whole purpose of what I am trying to achieve: I want a number of different regular users to do certain actions in the Active Directory, but without giving them any permissions and explaining the DO's and DONT's. So I build a front-end with KIX, which ask questions, validate the answers, and then generates the command file to be performed. This allows a structured and controlled way of allowing this type of action; we feel it answers our needs for simple delegation and security. Then the command file is copied to a folder where it is triggered for execution by an elevated domain account. The command file is validated prior to execution, and an audit trail is kept. I have, in the user front-end, some security validation, such as is the user allowed to perform this action on the destination account, does the destination account exist, etc. So basically I have broken in 2 different parts the whole process, without giving regular user permissions in the Active Directory, plus the user is happy to just answer a few questions. The process works no problem when the CN doesn't have special characters, like é, è, ç etc. I might look at this from the wrong angle, and am very open to look at other ways of doing it, I just need the guidance. Edited by marvince (2011-09-18 04:51 AM)
Top

#203104 - 2011-09-19 04:27 PM Re: Different result with the same file [Re: marvince]
Glenn Barnas Glenn Barnas KiX Supporter Registered: 2003-01-28 Posts: 4402 Loc: New Jersey	Well Halle-freain'-leulla!!! Someone who understands separation of privilege! $\:D$ I applaud you and your efforts!! This idea is similar to how we perform admin tasks during login, when the user performs a detection & drops a request file if the detection results in an install/update process. I haven't encountered issues with special or unicode chars in this model, but I can see where they'd be an issue in AD when dealing with user names or locations. Check the Kixtart UDF Library on my web site and grab the AtoU UDF. It's actually a pair of UDFs that do simple ASCII/Unicode translations. They might be of help in your situation. If not directly useful, they might provide some ideas for your specific need. The AtoU UDF was developed when we needed to query AD to perform Exchange to Archive data migrations, so it might just be what you need. Glenn _________________________ Actually I am a Rocket Scientist! $\:D$
Top

#203105 - 2011-09-19 08:27 PM Re: Different result with the same file [Re: Glenn Barnas]
ShaneEP ShaneEP MM club member Registered: 2002-11-29 Posts: 2127 Loc: Tulsa, OK	Maybe just write the command files to .kix instead of .cmd?
Top

#203107 - 2011-09-19 09:39 PM Re: Different result with the same file [Re: Glenn Barnas]
marvince marvince Fresh Scripter Registered: 2006-05-16 Posts: 19 Loc: Northern Hemisphere	Originally Posted By: Glenn Barnas Well Halle-freain'-leulla!!! Someone who understands separation of privilege! $\:D$ I applaud you and your efforts!! Thank you $\:\)$ Originally Posted By: Glenn Barnas Check the Kixtart UDF Library on my web site and grab the AtoU UDF. It's actually a pair of UDFs that do simple ASCII/Unicode translations. They might be of help in your situation. If not directly useful, they might provide some ideas for your specific need. The AtoU UDF was developed when we needed to query AD to perform Exchange to Archive data migrations, so it might just be what you need. I browsed the library on your website and found some interesting stuff! Did a quick try with: Code: Break On $Username = "fbosse" $UserAccountOU = GetUserOU($UserName+"@@emcobp.com") ? $UserAccountOU $UserOU = SubStr($UserAccountOU, Len("LDAP://")+1, Len($UserAccountOU)-Len("LDAP://")) ; remove "LDAP://" from string ? $UserOU $CmdLine = 'dsquery user -name ' + chr(34) + $UserName + chr(34) + ' ' + chr(34) + $UserOU + chr(34) + ' ' ? $CmdLine ? UtoA($CmdLine) ? AtoU($CmdLine) Quit The result: Code: C:\temp>kix32 test.kix LDAP://CN=Francis Bossé,OU=LAPTOP,OU=LASALLE,OU=BP_USERS,DC=emcobp,DC=com CN=Francis Bossé,OU=LAPTOP,OU=LASALLE,OU=BP_USERS,DC=emcobp,DC=com dsquery user -name "fbosse" "CN=Francis Bossé,OU=LAPTOP,OU=LASALLE,OU=BP_USERS,DC=emcobp,DC=com" ♫û☼♀♂ ♀♀♀ 64007300710075006500720079002000750073006500720020002d006e0061006d00650020002200660062006f0073007300000043003d0063006f006d0022002000 C:\temp> I don't understand the results! So I have some work to do $\:\)$
Top

#203108 - 2011-09-19 11:05 PM

Re: Different result with the same file [Re: marvince]

ShaneEP Offline

MM club member

Registered: 2002-11-29
Posts: 2127
Loc: Tulsa, OK

Another options...I saw some examples of dsquery that used *'s as wildcards. Maybe just a quick Split/Join on a few characters is all you need.

Code:

Break On
$Username = "fbosse"
$UserAccountOU = GetUserOU($UserName+"@@emcobp.com") 
? $UserAccountOU
$UserOU = Split($UserAccountOU,"LDAP://")[1]   ; remove "LDAP://" from string	

If InStr($UserOU,Chr(233))
   $UserOU = Join(Split($UserOU,Chr(233)),"*")   ; if é is in string, it is replaced with a *
Endif
? $UserOU

$CmdLine = 'dsquery user -name ' + chr(34) + $UserName + chr(34) + ' ' + chr(34) + $UserOU + chr(34) + ' '
? $CmdLine
Quit

Top

#203110 - 2011-09-20 01:21 PM Re: Different result with the same file [Re: ShaneEP]
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11631 Loc: CA	Well hopefully just a minor character escape issue or something along those lines. Not as secure but your method would allow some delegation that the ADUC GUI would not easily allow delegation of. Though one could also build a very secure delegation method using MS SQL as well which also provides an excellent audit trail. Not sure but I think it is Howard that does that and even changes the Windows account password for it quite often if not daily. But then you do need to know SQL pretty well also. More fun to hand roll one if you have the time for sure. There is also Desktop Authority for those that don't have time or desire to hand roll one. (better have some budget money though) $\:D$ http://www.scriptlogic.com/
Top

#203114 - 2011-09-20 03:27 PM Re: Different result with the same file [Re: marvince]
Glenn Barnas Glenn Barnas KiX Supporter Registered: 2003-01-28 Posts: 4402 Loc: New Jersey	I'd try UtoA only on the user name, not the entire command line. Code: $UserName = UtoA($UserName) I'm not positive that it will solve your issue, but it's a good try. Display the results of the $UserName before/after the conversion to see if it helps. Also, here's an alternative to remove "LDAP://" from a string Code: $UserOU = Join(Split($UserOU, 'LDAP://'), '') This splits the string into an array using "LDAP://" as a delimiter. The array is joined into a string, using nothing as a delimiter. The result is that the original delimiter is removed from the string. Shane's example also works, but only for this specific example (one instance of the removed text at the beginning of the string). I'll take a look at the special char issue and see if it's really a Unicode/ASCII issue. Glenn _________________________ Actually I am a Rocket Scientist! $\:D$
Top

#203116 - 2011-09-20 04:30 PM Re: Different result with the same file [Re: Glenn Barnas]
ShaneEP ShaneEP MM club member Registered: 2002-11-29 Posts: 2127 Loc: Tulsa, OK	There are only a few chars that I know of that could possibly be in someones name, so if my last example works, I would go that route and just add a couple more split/joins with the wildcards. A lot easier than adding more UDFs and messing about with the unicode/ascii stuff. But thats just my opinion.
Top

#203119 - 2011-09-21 03:30 AM Re: Different result with the same file [Re: ShaneEP]
marvince marvince Fresh Scripter Registered: 2006-05-16 Posts: 19 Loc: Northern Hemisphere	Thank you Glenn for the tip on Join/Split $\:\)$ The function UtoA($UserName) does not work $\:$$ Thank you ShaneEP for your input. I agree with your solution: manipulate the string to replace special chars (such as é,è,ù,etc) by * $\:$$ NTDOC, yes I like more fun and will do it myself! :P Thank you everyone for your input and time. I will post my results when I have something useable!
Top

#203120 - 2011-09-21 03:47 AM Re: Different result with the same file [Re: marvince]
marvince marvince Fresh Scripter Registered: 2006-05-16 Posts: 19 Loc: Northern Hemisphere	Ah ah what a little Google search can do for you: Code: dsquery * -filter "&(objectcategory=user)(samaccountname=fbosse)" -attr objectsid This will help me simplify my code I think... I know its not KIX... and I should be able to do it only with KIX. But you can't dissociate laziness from the command line $;\)$
Top

#203122 - 2011-09-21 02:29 PM Re: Different result with the same file [Re: marvince]
Glenn Barnas Glenn Barnas KiX Supporter Registered: 2003-01-28 Posts: 4402 Loc: New Jersey	OK - since the wildcard works, the question becomes "can dsquery return multiple matching results, and if so, NOW WHAT??" $\:o$ How do you select the correct entry when there are multiple matches? Should not be difficult, but should be considered in your logic. For example "Frank Bossé" and "Frank Bosserino" - searching for "Boss" could return both. Without doing any additional research, I'd ask "can I use a '?' instead of '' to match a single character wildcard?". If so, I'd write a little UDF to scan a word and replace any extended character with a "?". Something like Code: ; Returns a word with "?" replacing any non-ASCII char Function PlainNameWC($_Name) Dim $_P, $_C ; pointer, character Dim $_New ; new name For $P = 1 to Len($_Name) ; enumerate string $_C = SubStr($_Name, $_P, 1) ; get char If Asc($_C) > 127 ; if non-ascii $_New = $_New + '?' ; append wildcard Else ; otherwise $_New = $_New + $_C ; append char EndIf Next $NewNameWC = $_New ; return altered name Exit 0 EndFunction This is untested; use at your own risk; your mileage may vary; Don't try this at home... $\:\)$ Glenn _________________________ Actually I am a Rocket Scientist! $\:D$
Top

#203125 - 2011-09-21 09:56 PM Re: Different result with the same file [Re: Glenn Barnas]
ShaneEP ShaneEP MM club member Registered: 2002-11-29 Posts: 2127 Loc: Tulsa, OK	Glenn, my assumption was that there may be more than 1 match, but only one would have the passed username. The special char only shows in the OU for the user. However, as always, there is a strong possibility that I am mistaken. $;\)$
Top

#203127 - 2011-09-22 04:25 PM Re: Different result with the same file [Re: ShaneEP]
Glenn Barnas Glenn Barnas KiX Supporter Registered: 2003-01-28 Posts: 4402 Loc: New Jersey	Hey - I wasn't implying that the process was right or wrong, just making sure that all of the potential situations were considered, no matter how likely (or unlikely!). I don't have any users with special chars that I can test with, either, so I'm just throwing ideas out there for you guys to consider. You aren't the only member of the "Mistaken" club! $\:\)$ (My membership ID is pretty low!) $;\)$ Glenn _________________________ Actually I am a Rocket Scientist! $\:D$
Top

Page 1 of 1

Previous Topic View All Topics

Index Next Topic

Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart

Hop to:

Shout Box

Search the board with:
superb Board Search
or try with google:

	Web kixtart.org