Page 1 of 1 1
Topic Options
#138483 - 2005-04-22 07:51 PM Question regarding InContainer
oobnuker Offline
Getting the hang of it

Registered: 2003-12-09
Posts: 87
Loc: Oxford, CT
I have been working on a global login script for my company and everything is going really well thanks to the help I have received here. I have one question though regarding using the InContainer UDF.

The basic premise of my script is as such:
1 Global Script for ALL users.
Using InContainer and TrnaslateName, determine what OU the user is in, and what OU the computer is in.
Based on this information, run a drive mapping script, and a local computer script.

The script works great and I am slowly migrating our "legacy" scripts to this new one. On one particular Domain Controller, I have a significant delay and I can't seem to figure it out. Also note, the DCs are not part of my scope of responsibilities, and the server guys don't seem to care right now - but it is definitely a server issue since it works fine on all the other DCs. Obvisouly, the right choice would be to fix the server/AD, but in the short term, here is my question: I currently have 9 OUs that I am breaking out into different scripts, and by my script, I am basically running InContainer 9 times as such:

Code:

$DCR = InContainer("OU=DCR,DC=corp,DC=premcor,DC=tld","Computer")
$PAR = InContainer("OU=PAR,DC=corp,DC=premcor,DC=tld","Computer")
$LIR = InContainer("OU=LIR,DC=corp,DC=premcor,DC=tld","Computer")
$MER = InContainer("OU=Memphis,DC=corp,DC=premcor,DC=tld","Computer")
$BIR = InContainer("OU=BIR,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer")
$HAT = InContainer("OU=HAT,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer")
$HFR = InContainer("OU=HFR,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer")
$HQ = InContainer("OU=HQ,DC=corp,DC=premcor,DC=tld","Computer")
$CITRIX = InContainer("OU=Metaframe,DC=corp,DC=premcor,DC=tld","Computer")



Also, I am doing this twice ( really like 18 times ) because I have to figure out Computer AND User. While it works and is quite fast most of the time, I can only imagine that 18 queries against AD might be bogging things down. So I wonder if there is a better way to do it - that's where you come in...


Any help would be appreciated. Thanks!

Top
#138484 - 2005-04-22 08:05 PM Re: Question regarding InContainer
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
Look in the incontainer() thread in the UDF forum, for some of my posts.

Like incontainer2
_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#138485 - 2005-04-22 08:11 PM Re: Question regarding InContainer
Les Offline
KiX Master
*****

Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
Have you followed the discussion in the UDF's thread? Are you binding to the DC or GC?
You don't really say what you do with the results and what depth of the tree you are looking at. If you are looking at one specific tree depth, you could simply TranslateName() and then Split() the DN. That would be just two trips to the DC or GC.
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.

Top
#138486 - 2005-04-22 08:16 PM Re: Question regarding InContainer
oobnuker Offline
Getting the hang of it

Registered: 2003-12-09
Posts: 87
Loc: Oxford, CT
Thanks for the replies. I'll take a look at your alternative Radimus.

Les, here is some more of the code to get a better understanding of what I am doing:
Code:

; Determine User and Computer Location in AD
$DCR = InContainer("OU=DCR,DC=corp,DC=premcor,DC=tld","User")
$PAR = InContainer("OU=PAR,DC=corp,DC=premcor,DC=tld","User")
$LIR = InContainer("OU=LIR,DC=corp,DC=premcor,DC=tld","User")
$MER = InContainer("OU=Memphis,DC=corp,DC=premcor,DC=tld","User")
$BIR = InContainer("OU=BIR,OU=HQ,DC=corp,DC=premcor,DC=tld","User")
$HAT = InContainer("OU=HAT,OU=HQ,DC=corp,DC=premcor,DC=tld","User")
$HFR = InContainer("OU=HFR,OU=HQ,DC=corp,DC=premcor,DC=tld","User")
$HQ = InContainer("OU=HQ,DC=corp,DC=premcor,DC=tld","User")

Select
Case $BIR[0]>0 $USERLOC = "BIR"
Case $HAT[0]>0 $USERLOC = "HAT"
Case $HFR[0]>0 $USERLOC = "HFR"
Case $HQ[0]>0 $USERLOC = "HQ"
Case $DCR[0]>0 $USERLOC = "DCR"
Case $PAR[0]>0 $USERLOC = "PAR"
Case $LIR[0]>0 $USERLOC = "LIR"
Case $MER[0]>0 $USERLOC = "MER"
EndSelect

$DCR = InContainer("OU=DCR,DC=corp,DC=premcor,DC=tld","Computer")
$PAR = InContainer("OU=PAR,DC=corp,DC=premcor,DC=tld","Computer")
$LIR = InContainer("OU=LIR,DC=corp,DC=premcor,DC=tld","Computer")
$MER = InContainer("OU=Memphis,DC=corp,DC=premcor,DC=tld","Computer")
$BIR = InContainer("OU=BIR,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer")
$HAT = InContainer("OU=HAT,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer")
$HFR = InContainer("OU=HFR,OU=HQ,DC=corp,DC=premcor,DC=tld","Computer")
$HQ = InContainer("OU=HQ,DC=corp,DC=premcor,DC=tld","Computer")
$CITRIX = InContainer("OU=Metaframe,DC=corp,DC=premcor,DC=tld","Computer")

Select
Case $BIR[0]>0 $ComputerLOC = "BIR"
Case $HAT[0]>0 $ComputerLOC = "HAT"
Case $HFR[0]>0 $ComputerLOC = "HFR"
Case $HQ[0]>0 $ComputerLOC = "HQ"
Case $DCR[0]>0 $ComputerLOC = "DCR"
Case $PAR[0]>0 $ComputerLOC = "PAR"
Case $LIR[0]>0 $ComputerLOC = "LIR"
Case $MER[0]>0 $ComputerLOC = "MER"
Case $CITRIX[0]>0 $ComputerLOC = "CITRIX"
EndSelect

Select
Case $ComputerLOC = "BIR" $LOCALSCRIPT = "BIRLOCAL.KIX"
Case $ComputerLOC = "HAT" $LOCALSCRIPT = "HATLOCAL.KIX"
Case $ComputerLOC = "HFR" $LOCALSCRIPT = "HFRLOCAL.KIX"
Case $ComputerLOC = "HQ" $LOCALSCRIPT = "HQLOCAL.KIX"
Case $ComputerLOC = "DCR" $LOCALSCRIPT = "DCRLOCAL.KIX"
Case $ComputerLOC = "PAR" $LOCALSCRIPT = "PARLOCAL.KIX"
Case $ComputerLOC = "LIR" $LOCALSCRIPT = "LIRLOCAL.KIX"
Case $ComputerLOC = "MER" $LOCALSCRIPT = "MERLOCAL.KIX"
Case $ComputerLOC = "CITRIX" $LOCALSCRIPT = "CITRIXLOCAL.KIX"
EndSelect

Select
Case $USERLOC = "BIR" $DMSCRIPT = "BIRDM.KIX"
Case $USERLOC = "HAT" $DMSCRIPT = "HATDM.KIX"
Case $USERLOC = "HFR" $DMSCRIPT = "HFRDM.KIX"
Case $USERLOC = "HQ" $DMSCRIPT = "HQDM.KIX"
Case $USERLOC = "DCR" $DMSCRIPT = "DCRDM.KIX"
Case $USERLOC = "PAR" $DMSCRIPT = "PARDM.KIX"
Case $USERLOC = "LIR" $DMSCRIPT = "LIRDM.KIX"
Case $USERLOC = "MER" $DMSCRIPT = "MERDM.KIX"
EndSelect

; Begin Drive Mappings

:DRIVES

; Debug Info
? "Running "+ "%logonserver%\netlogon\global\"+ $USERLOC +"\"+ $DMSCRIPT +"..."

Call "%logonserver%\netlogon\global\"+ $USERLOC +"\"+ $DMSCRIPT

; ========================================================================
; Begin Local Scripts
:LOCAL

; Debug Info
? "Running "+ "%logonserver%\netlogon\global\"+ $USERLOC +"\"+ $LOCALSCRIPT +"..."

Call "%logonserver%\netlogon\global\"+ $USERLOC +"\"+ $LOCALSCRIPT

; ========================================================================



Pardon my (likely) hacked up script, but I'm learning...

I changed the binding to the Logon Server that is servicing the logon per another suggestion in my original thread.


Edited by oobnuker (2005-04-22 08:17 PM)

Top
#138487 - 2005-04-22 08:28 PM Re: Question regarding InContainer
Les Offline
KiX Master
*****

Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
I still don't know what other levels of OU may exist but I do see you look at the fisrt and second OU levels. As long as the OUs you are looking for are unique, regardless of what parents they may have, you could simply AScan() for them.

Double Split() the DN first on on ',DC=' and discard all the DC parts and then on the ',OU=' which will put all your OUs in an array that you AScan().
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.

Top
#138488 - 2005-04-22 08:39 PM Re: Question regarding InContainer
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
I agree that Radimus has found the short coming of the intial implementation of these UDFs. They need to be written and used differently than the way they are currently written and documented. I have been lookng in top my own corporate logon script and found too many calls to Translatename(). As soon as I rationalize my own needs and recode, I will repost the new UDFs soon.
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#138489 - 2005-04-22 08:43 PM Re: Question regarding InContainer
oobnuker Offline
Getting the hang of it

Registered: 2003-12-09
Posts: 87
Loc: Oxford, CT
Quote:

I agree that Radimus has found the short coming of the intial implementation of these UDFs. They need to be written and used differently than the way they are currently written and documented. I have been lookng in top my own corporate logon script and found too many calls to Translatename(). As soon as I rationalize my own needs and recode, I will repost the new UDFs soon.




For us, right now, it's not a big deal because I am only looking for location basically, and I don't have too many OUs that I am looking for, and if I didn't have a screwed up server it wouldn't be an issue as the script runs pretty quickly now, but I await your revised code.

Thanks everyone.
_________________________
-- oobnuker - .KIX hack - no really.

Top
#138490 - 2005-04-22 09:21 PM Re: Question regarding InContainer
maciep Offline
Korg Regular
*****

Registered: 2002-06-14
Posts: 947
Loc: Pittsburgh
To elaborate on what Les suggested, here's some code that might be able to condense things for you a little. I can't really test it though, so i'm not if works or not.

Code:

$DN = TranslateName (3, "", 3, "@Domain\@wksta$", 1)
$DN = $DN[0]
$DN = split($DN,',DC=')[0]
$DN = split($DN,',OU=')
$ubound = ubound($DN)
if $ubound > 1
$computerLoc = $DN[$ubound]
$secondLevel = $DN[$ubound-1]
if $computerLoc = 'HQ'
if instr('BIR;HAT;HFR',$secondLevel)
$computerLoc = $secondLevel
endif
endif
endif
if $computerLoc = 'Metaframe'
$computerLoc = 'CITRIX'
endif
? $computerLoc


Top
#138491 - 2005-04-22 09:26 PM Re: Question regarding InContainer
oobnuker Offline
Getting the hang of it

Registered: 2003-12-09
Posts: 87
Loc: Oxford, CT
Quote:

To elaborate on what Les suggested, here's some code that might be able to condense things for you a little. I can't really test it though, so i'm not if works or not.

Code:

$DN = TranslateName (3, "", 3, "@Domain\@wksta$", 1)
$DN = $DN[0]
$DN = split($DN,',DC=')[0]
$DN = split($DN,',OU=')
$ubound = ubound($DN)
if $ubound > 1
$computerLoc = $DN[$ubound]
$secondLevel = $DN[$ubound-1]
if $computerLoc = 'HQ'
if instr('BIR;HAT;HFR',$secondLevel)
$computerLoc = $secondLevel
endif
endif
endif
if $computerLoc = 'Metaframe'
$computerLoc = 'CITRIX'
endif
? $computerLoc






Thanks - I'll give it a try.
_________________________
-- oobnuker - .KIX hack - no really.

Top
#138492 - 2005-04-22 09:39 PM Re: Question regarding InContainer
Les Offline
KiX Master
*****

Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
Hmm... not quite what I had in mind. Here is an example of the double Split():

comma delimited string or array question


Edited by Les (2005-04-23 01:04 AM)
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.

Top
#138493 - 2005-04-22 10:18 PM Re: Question regarding InContainer
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
I basically do this (I only check User OU... I do computer location by subnet)

Code:

$ldap = TranslateName(1, @domain, 3, @ldomain+'\'+@userid, 1)
$OU = LDAPArray($ldap[0],'OU')[1]
$UserProperties = GetObject("LDAP://"+$LDAP[0])
$FirstName = $userProperties.FirstName
$LastName = $userProperties.LastName
$Description = $userProperties.Description
$Orgcode = left($Description,instr($description,';')-1)
$BudgetEntity = right($Description,instrrev($description,';')-1)
$UserProperties = 0

;Function to split distinguished user name into array elements for inventory
Function LDAPArray($ldap, optional $filter)
dim $item, $element, $temp
if not instr("CN OU DC",$filter)
$filter=''
endif
$item=-1
$tarr = split($ldap,',')
for $element = 0 to ubound($tarr)
$temp=$tarr[$element]
if left($temp,2)=$filter or $filter=''
$item=$item+1
redim preserve $LDAParray[$item]
$LDAParray[$item]=right($temp,len($temp)-3)
endif
next
endfunction



_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#138494 - 2005-04-22 10:59 PM Re: Question regarding InContainer
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
Les, your link appears to be invalid at the moment.
Top
#138495 - 2005-04-23 01:01 AM Re: Question regarding InContainer
Les Offline
KiX Master
*****

Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
so, then why did you not just fix it?
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.

Top
Page 1 of 1 1


Moderator:  Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart 
Hop to:
Shout Box

Who's Online
1 registered (Allen) and 466 anonymous users online.
Newest Members
gespanntleuchten, DaveatAdvanced, Paulo_Alves, UsTaaa, xxJJxx
17864 Registered Users

Generated in 0.065 seconds in which 0.023 seconds were spent on a total of 12 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org