#138483 - 2005-04-22 07:51 PM
Question regarding InContainer
|
oobnuker
Getting the hang of it
Registered: 2003-12-09
Posts: 87
Loc: Oxford, CT
|
I have been working on a global login script for my company and everything is going really well thanks to the help I have received here. I have one question though regarding using the InContainer UDF.
The basic premise of my script is as such: 1 Global Script for ALL users. Using InContainer and TrnaslateName, determine what OU the user is in, and what OU the computer is in. Based on this information, run a drive mapping script, and a local computer script.
The script works great and I am slowly migrating our "legacy" scripts to this new one. On one particular Domain Controller, I have a significant delay and I can't seem to figure it out. Also note, the DCs are not part of my scope of responsibilities, and the server guys don't seem to care right now - but it is definitely a server issue since it works fine on all the other DCs. Obvisouly, the right choice would be to fix the server/AD, but in the short term, here is my question: I currently have 9 OUs that I am breaking out into different scripts, and by my script, I am basically running InContainer 9 times as such:
Code:
$DCR = InContainer("OU=DCR,DC=corp,DC=premcor,DC=tld","Computer") $PAR = InContainer("OU=PAR,DC=corp,DC=premcor,DC=tld","Computer") $LIR = InContainer("OU=LIR,DC=corp,DC=premcor,DC=tld","Computer") $MER = InContainer("OU=Memphis,DC=corp,DC=premcor,DC=tld","Computer") $BIR = InContainer("OU=BIR,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer") $HAT = InContainer("OU=HAT,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer") $HFR = InContainer("OU=HFR,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer") $HQ = InContainer("OU=HQ,DC=corp,DC=premcor,DC=tld","Computer") $CITRIX = InContainer("OU=Metaframe,DC=corp,DC=premcor,DC=tld","Computer")
Also, I am doing this twice ( really like 18 times ) because I have to figure out Computer AND User. While it works and is quite fast most of the time, I can only imagine that 18 queries against AD might be bogging things down. So I wonder if there is a better way to do it - that's where you come in...
Any help would be appreciated. Thanks!
|
Top
|
|
|
|
#138484 - 2005-04-22 08:05 PM
Re: Question regarding InContainer
|
Radimus
Moderator
Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
|
Look in the incontainer() thread in the UDF forum, for some of my posts.
Like incontainer2
|
Top
|
|
|
|
#138486 - 2005-04-22 08:16 PM
Re: Question regarding InContainer
|
oobnuker
Getting the hang of it
Registered: 2003-12-09
Posts: 87
Loc: Oxford, CT
|
Thanks for the replies. I'll take a look at your alternative Radimus.
Les, here is some more of the code to get a better understanding of what I am doing: Code:
; Determine User and Computer Location in AD $DCR = InContainer("OU=DCR,DC=corp,DC=premcor,DC=tld","User") $PAR = InContainer("OU=PAR,DC=corp,DC=premcor,DC=tld","User") $LIR = InContainer("OU=LIR,DC=corp,DC=premcor,DC=tld","User") $MER = InContainer("OU=Memphis,DC=corp,DC=premcor,DC=tld","User") $BIR = InContainer("OU=BIR,OU=HQ,DC=corp,DC=premcor,DC=tld","User") $HAT = InContainer("OU=HAT,OU=HQ,DC=corp,DC=premcor,DC=tld","User") $HFR = InContainer("OU=HFR,OU=HQ,DC=corp,DC=premcor,DC=tld","User") $HQ = InContainer("OU=HQ,DC=corp,DC=premcor,DC=tld","User") Select Case $BIR[0]>0 $USERLOC = "BIR" Case $HAT[0]>0 $USERLOC = "HAT" Case $HFR[0]>0 $USERLOC = "HFR" Case $HQ[0]>0 $USERLOC = "HQ" Case $DCR[0]>0 $USERLOC = "DCR" Case $PAR[0]>0 $USERLOC = "PAR" Case $LIR[0]>0 $USERLOC = "LIR" Case $MER[0]>0 $USERLOC = "MER" EndSelect $DCR = InContainer("OU=DCR,DC=corp,DC=premcor,DC=tld","Computer") $PAR = InContainer("OU=PAR,DC=corp,DC=premcor,DC=tld","Computer") $LIR = InContainer("OU=LIR,DC=corp,DC=premcor,DC=tld","Computer") $MER = InContainer("OU=Memphis,DC=corp,DC=premcor,DC=tld","Computer") $BIR = InContainer("OU=BIR,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer") $HAT = InContainer("OU=HAT,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer") $HFR = InContainer("OU=HFR,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer") $HQ = InContainer("OU=HQ,DC=corp,DC=premcor,DC=tld","Computer") $CITRIX = InContainer("OU=Metaframe,DC=corp,DC=premcor,DC=tld","Computer") Select Case $BIR[0]>0 $ComputerLOC = "BIR" Case $HAT[0]>0 $ComputerLOC = "HAT" Case $HFR[0]>0 $ComputerLOC = "HFR" Case $HQ[0]>0 $ComputerLOC = "HQ" Case $DCR[0]>0 $ComputerLOC = "DCR" Case $PAR[0]>0 $ComputerLOC = "PAR" Case $LIR[0]>0 $ComputerLOC = "LIR" Case $MER[0]>0 $ComputerLOC = "MER" Case $CITRIX[0]>0 $ComputerLOC = "CITRIX" EndSelect Select Case $ComputerLOC = "BIR" $LOCALSCRIPT = "BIRLOCAL.KIX" Case $ComputerLOC = "HAT" $LOCALSCRIPT = "HATLOCAL.KIX" Case $ComputerLOC = "HFR" $LOCALSCRIPT = "HFRLOCAL.KIX" Case $ComputerLOC = "HQ" $LOCALSCRIPT = "HQLOCAL.KIX" Case $ComputerLOC = "DCR" $LOCALSCRIPT = "DCRLOCAL.KIX" Case $ComputerLOC = "PAR" $LOCALSCRIPT = "PARLOCAL.KIX" Case $ComputerLOC = "LIR" $LOCALSCRIPT = "LIRLOCAL.KIX" Case $ComputerLOC = "MER" $LOCALSCRIPT = "MERLOCAL.KIX" Case $ComputerLOC = "CITRIX" $LOCALSCRIPT = "CITRIXLOCAL.KIX" EndSelect Select Case $USERLOC = "BIR" $DMSCRIPT = "BIRDM.KIX" Case $USERLOC = "HAT" $DMSCRIPT = "HATDM.KIX" Case $USERLOC = "HFR" $DMSCRIPT = "HFRDM.KIX" Case $USERLOC = "HQ" $DMSCRIPT = "HQDM.KIX" Case $USERLOC = "DCR" $DMSCRIPT = "DCRDM.KIX" Case $USERLOC = "PAR" $DMSCRIPT = "PARDM.KIX" Case $USERLOC = "LIR" $DMSCRIPT = "LIRDM.KIX" Case $USERLOC = "MER" $DMSCRIPT = "MERDM.KIX" EndSelect
; Begin Drive Mappings :DRIVES
; Debug Info ? "Running "+ "%logonserver%\netlogon\global\"+ $USERLOC +"\"+ $DMSCRIPT +"..."
Call "%logonserver%\netlogon\global\"+ $USERLOC +"\"+ $DMSCRIPT
; ======================================================================== ; Begin Local Scripts :LOCAL
; Debug Info ? "Running "+ "%logonserver%\netlogon\global\"+ $USERLOC +"\"+ $LOCALSCRIPT +"..."
Call "%logonserver%\netlogon\global\"+ $USERLOC +"\"+ $LOCALSCRIPT
; ========================================================================
Pardon my (likely) hacked up script, but I'm learning...
I changed the binding to the Logon Server that is servicing the logon per another suggestion in my original thread.
Edited by oobnuker (2005-04-22 08:17 PM)
|
Top
|
|
|
|
#138488 - 2005-04-22 08:39 PM
Re: Question regarding InContainer
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
I agree that Radimus has found the short coming of the intial implementation of these UDFs. They need to be written and used differently than the way they are currently written and documented. I have been lookng in top my own corporate logon script and found too many calls to Translatename(). As soon as I rationalize my own needs and recode, I will repost the new UDFs soon.
|
Top
|
|
|
|
#138490 - 2005-04-22 09:21 PM
Re: Question regarding InContainer
|
maciep
Korg Regular
Registered: 2002-06-14
Posts: 947
Loc: Pittsburgh
|
To elaborate on what Les suggested, here's some code that might be able to condense things for you a little. I can't really test it though, so i'm not if works or not.
Code:
$DN = TranslateName (3, "", 3, "@Domain\@wksta$", 1) $DN = $DN[0] $DN = split($DN,',DC=')[0] $DN = split($DN,',OU=') $ubound = ubound($DN) if $ubound > 1 $computerLoc = $DN[$ubound] $secondLevel = $DN[$ubound-1] if $computerLoc = 'HQ' if instr('BIR;HAT;HFR',$secondLevel) $computerLoc = $secondLevel endif endif endif if $computerLoc = 'Metaframe' $computerLoc = 'CITRIX' endif ? $computerLoc
|
Top
|
|
|
|
#138491 - 2005-04-22 09:26 PM
Re: Question regarding InContainer
|
oobnuker
Getting the hang of it
Registered: 2003-12-09
Posts: 87
Loc: Oxford, CT
|
Quote:
To elaborate on what Les suggested, here's some code that might be able to condense things for you a little. I can't really test it though, so i'm not if works or not.
Code:
$DN = TranslateName (3, "", 3, "@Domain\@wksta$", 1) $DN = $DN[0] $DN = split($DN,',DC=')[0] $DN = split($DN,',OU=') $ubound = ubound($DN) if $ubound > 1 $computerLoc = $DN[$ubound] $secondLevel = $DN[$ubound-1] if $computerLoc = 'HQ' if instr('BIR;HAT;HFR',$secondLevel) $computerLoc = $secondLevel endif endif endif if $computerLoc = 'Metaframe' $computerLoc = 'CITRIX' endif ? $computerLoc
Thanks - I'll give it a try.
_________________________
--
oobnuker - .KIX hack - no really.
|
Top
|
|
|
|
#138493 - 2005-04-22 10:18 PM
Re: Question regarding InContainer
|
Radimus
Moderator
Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
|
I basically do this (I only check User OU... I do computer location by subnet)
Code:
$ldap = TranslateName(1, @domain, 3, @ldomain+'\'+@userid, 1) $OU = LDAPArray($ldap[0],'OU')[1] $UserProperties = GetObject("LDAP://"+$LDAP[0]) $FirstName = $userProperties.FirstName $LastName = $userProperties.LastName $Description = $userProperties.Description $Orgcode = left($Description,instr($description,';')-1) $BudgetEntity = right($Description,instrrev($description,';')-1) $UserProperties = 0
;Function to split distinguished user name into array elements for inventory Function LDAPArray($ldap, optional $filter) dim $item, $element, $temp if not instr("CN OU DC",$filter) $filter='' endif $item=-1 $tarr = split($ldap,',') for $element = 0 to ubound($tarr) $temp=$tarr[$element] if left($temp,2)=$filter or $filter='' $item=$item+1 redim preserve $LDAParray[$item] $LDAParray[$item]=right($temp,len($temp)-3) endif next endfunction
|
Top
|
|
|
|
Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart
|
1 registered
(Allen)
and 466 anonymous users online.
|
|
|