Re: Error using LDAP query
- From: "Marty List" <usenet@xxxxxxxxxxxx>
- Date: Mon, 18 Jul 2005 07:24:32 -0600
>From what I've read we still haven't identified exactly which line is
failing. I know you said this line is failing:
Set oUser = GetObject("LDAP://"; & oADSysInfo.UserName)
But it could be because the line before it (Set oADSysInfo =
CreateObject("ADSystemInfo")) failed to set oADSysInfo to a valid object.
For troubleshooting, try running this simple script as a user (non-Domain
Admin) and post the output.
On Error GoTo 0
Set oADSysInfo = CreateObject("ADSystemInfo")
WScript.Echo oADSysInfo.UserName
Set oUser = GetObject("LDAP://"; & oADSysInfo.UserName)
WScript.Echo oUser.distinguishedName
Set oUser = Nothing
' For troubleshooting, try again with the domain specified:
Set oUser = GetObject("LDAP://"; & oADSysInfo.DomainDNSName & _
"/" & oADSysInfo.UserName)
WScript.Echo oUser.distinguishedName
"David" <David@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C8374F35-3C1E-4744-91F7-422361D8AAFD@xxxxxxxxxxxxxxxx
> Richard--
>
> Thanks again for the reply. Absolutely my users are logging into their
> workstations as domain users, no local login. I have tried three different
> users, on three seperate workstations and get the same error. The
> difference
> I can find, again, is that I am domain administrator, which I don't see
> why
> this would be relevant for scripting. I created a script, just so you
> know,
> that was simple "IF Then Else" statements checking for group membership,
> and
> it worked great. When I went to this method however, is when I started
> running into issues. I have another Network Administrator that i work with
> at
> another site, set him up to use the script I am having trouble with now,
> and
> works great for him, catch is again, that he is a domain admin. I am at my
> wits end with this, I just don't understand why it is returning a null
> value.
>
> I found this earlier looking through some of the archived posts, please
> review below:
>
> First guess is a non-string varible. Maybe try:
>>
>> Response.Write CurrentUser.MemberOf
>>
>> to see what the value actually is. And if it's 0 groups you may be
>> returning a NULL.
>>
>> You might fix it with:
>>
>> GroupList = "" & CurrentUser.MemberOf
>> strGroups = LCase(Join(GroupList))
>>
>> The empty pair of quotes added to the front results in a string to
>> process.
>>
>> Jeff
>
>
>
> The user in this case was having similiar issues, however, he was getting
> errors when the user was a member of 0 groups or >1. Don't know if this
> helps
> any, but thought I would point out, I think y ou even replied to this one.
>
> Thanks
>
>
> "Richard Mueller [MVP]" wrote:
>
>> Hi,
>>
>> If your clients are XP, they have the ADSystemInfo object, so don't worry
>> about that. Most likely all of your users have "Domain Users" as their
>> primary and this group will not be included in memberOf. If a user is a
>> member of at least 2 other groups, the Join will work. You get the error
>> on
>> "Set oUser". Your script runs without error for me when I am logged into
>> a
>> domain. But, I repeated this while logged in locally and got an error on
>> the
>> same line. At a command prompt the error was "No mapping between account
>> names and security IDs was done" (no source). Could your users be logged
>> in
>> locally rather than into the domain? Finally, does it matter which
>> machine
>> the user logs into? For testing, you don't need to run this as a logon
>> script, since I believe it should behave the same if you just run it at a
>> command prompt.
>>
>> --
>> Richard
>> Microsoft MVP Scripting and ADSI
>> Hilltop Lab web site - http://www.rlmueller.net
>> --
>> "David" <David@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:C6AF3E19-06BD-4595-A423-E50C3D139EE6@xxxxxxxxxxxxxxxx
>> > Thank you for your reply. I have tested on three users, all being a
>> > member
>> of
>> > no less than two groups and recieved the error. However, let me make
>> > sure
>> I
>> > understand you correctly. One of the users I tested on, was a member of
>> > a
>> > created group we will call "test group", and also a member of "Domain
>> Users"
>> > that is relevant to the script. So I am assuming you are referring to
>> > the
>> > "domain user" group as being the primary. However, in another instance,
>> > I
>> > tested on one of my users who is a member of two created groups other
>> > than
>> > "Domain Users". So I dont think this could be the issue.
>> >
>> > All my clients are Windows XP Pro SP1 or 2. I am not sure what you are
>> > referring to as registering ADSystemInfo, is there a certain .dll file
>> > you
>> > are referring to. And if this is the case, it seems odd that all
>> > machines
>> I
>> > have tested or users for that matter did not have this file registered,
>> which
>> > would really create an issue for me and any other admin in the world
>> wanting
>> > to use scripts of this magnitude.
>> >
>> > Thank you again.
>> >
>> > "Richard Mueller [MVP]" wrote:
>> >
>> > > Hi,
>> > >
>> > > The script you posted requires Windows 2000 or above. Any clients
>> > > with
>> Win9x
>> > > or NT will not have have the ADSystemInfo object. My guess is that
>> > > the
>> error
>> > > is raised because ADSystemInfo is not registered on the machine.
>> > >
>> > > Also, the script will raise an error if the user has only one or no
>> entries
>> > > in the memberOf collection. The memberOf collection does not include
>> > > the
>> > > "primary" group of the user. If memberOf has one group, it will be
>> > > data
>> type
>> > > "String". If it has no group memberships it will be Empty. Only if
>> > > there
>> are
>> > > at lease two groups will it be "Variant()" (an array) that the Join
>> function
>> > > can handle without error. I have used code similar to:
>> > >
>> > > arrstrGroups = oUser.memberOf
>> > > If IsEmpty(arrstrGroups) Then
>> > > sGroups = ""
>> > > ElseIf (TypeName(arrstrGroups) = "String") Then
>> > > sGroups = LCase(arrstrGroups)
>> > > Else
>> > > sGroups = LCases(Join(arrstrGroups))
>> > > End If
>> > >
>> > > For example logon scripts, including some that work on Win9x and NT
>> clients,
>> > > see this link:
>> > >
>> > > http://www.rlmueller.net/freecode2.htm
>> > >
>> > > Basically, on older clients you must retrieve the UserName from the
>> > > WshNetwork object, then use the NameTranslate object to convert this
>> > > to
>> the
>> > > Distinguished Name of the user. The NameTranslate object is available
>> > > on
>> any
>> > > client with DSClient installed, or W2k and above. I hope this helps.
>> > >
>> > > --
>> > > Richard
>> > > Microsoft MVP Scripting and ADSI
>> > > Hilltop Lab web site - http://www.rlmueller.net
>> > > --
>> > > "David" <David@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> > > news:9935D23A-48C8-4FAA-9D1B-EE069878C901@xxxxxxxxxxxxxxxx
>> > > > I looked up the error codes and could not really find anything.
>> > > > error
>> > > codes
>> > > > as follows
>> > > >
>> > > > 0x80005000
>> > > > source: (null)
>> > > >
>> > > > Thanks
>> > > >
>> > > > "Marty List" wrote:
>> > > >
>> > > > >
>> > > > > You said this line "fails with numbers":
>> > > > > Set oUser = GetObject("LDAP://"; & oADSysInfo.UserName)
>> > > > >
>> > > > > Those numbers are probably error codes, and they might help you
>> > > > > (an
>> > > others
>> > > > > here) troubleshoot this. If that line is failing, it probably
>> > > > > means
>> the
>> > > > > line before it (Set oADSysInfo = CreateObject("ADSystemInfo"))
>> > > > > has
>> > > failed
>> > > > > and now oADSysInfo is null and can't be used in the next line.
>> > > > >
>> > > > >
>> > > > > "David" <David@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> > > > > news:3173A0F9-7293-4ECF-B085-6BEECE739406@xxxxxxxxxxxxxxxx
>> > > > > > The user is a local admin of the machine. I have researched
>> > > > > > this
>> > > script
>> > > > > > thoroughly, and the lines of code I included in the post are
>> correct.
>> > > To
>> > > > > > anwser your question, the users does have full control of that
>> > > > > > dll
>> > > file.
>> > > > > >
>> > > > > > Thanks for the reply, any other suggestions.
>> > > > > >
>> > > > > > "Marty List" wrote:
>> > > > > >
>> > > > > >>
>> > > > > >> This script runs on Windows XP SP1 with a domain account that
>> > > > > >> is
>> not
>> > > a
>> > > > > >> member of Domain Admins or the local Administrators:
>> > > > > >>
>> > > > > >> On Error GoTo 0
>> > > > > >> Set oADSysInfo = CreateObject("ADSystemInfo")
>> > > > > >> WScript.Echo oADSysInfo.UserName
>> > > > > >> Set oUser = GetObject("LDAP://"; & oADSysInfo.UserName)
>> > > > > >> WScript.Echo oUser.distinguishedName
>> > > > > >> Set oUser = Nothing
>> > > > > >> ' For troubleshooting, try again with the domain specified:
>> > > > > >> Set oUser = GetObject("LDAP://"; & oADSysInfo.DomainDNSName & _
>> > > > > >> "/" & oADSysInfo.UserName)
>> > > > > >> WScript.Echo oUser.distinguishedName
>> > > > > >>
>> > > > > >>
>> > > > > >> Make sure the users have read access to this file:
>> > > > > >> %SystemRoot%\system32\Activeds.dll
>> > > > > >>
>> > > > > >>
>> > > > > >>
>> > > > > >> "David" <David@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> > > > > >> news:AF09C4C5-86ED-4C90-A5AA-A9D8750162C0@xxxxxxxxxxxxxxxx
>> > > > > >> > I have currently wrote a logon script for my domain user
>> accounts.
>> > > The
>> > > > > >> script
>> > > > > >> > basically query's AD for group membership and then maps
>> > > > > >> > drives
>> > > > > >> accordingly. I
>> > > > > >> > tested the script on myself and all was fine. I tested on a
>> couple
>> > > of
>> > > > > >> users
>> > > > > >> > and I get errors, nothing works. I get an error with nubmers
>> and
>> > > > > >> > "source:null" on the same line every time:
>> > > > > >> >
>> > > > > >> > Set oUser = GetObject("LDAP://"; & oADSysInfo.UserName)
>> > > > > >> >
>> > > > > >> > The script basically is general and includes this:
>> > > > > >> >
>> > > > > >> > Dim oNetwork
>> > > > > >> > Dim oADSysinfo
>> > > > > >> > Dim oUser
>> > > > > >> > Dim sGroups
>> > > > > >> >
>> > > > > >> > 'Defining values and querying AD for user information
>> > > > > >> >
>> > > > > >> > Set oNetwork = CreateObject("WScript.Network")
>> > > > > >> > Set oADSysInfo = CreateObject("ADSystemInfo")
>> > > > > >> > Set oUser = GetObject("LDAP://"; & oADSysInfo.UserName)
>> > > > > >> > sGroups = LCase(Join(oUser.MemberOf))
>> > > > > >> >
>> > > > > >> > 'Checking group membership and mapping appropriate drive
>> > > > > >> >
>> > > > > >> > 'Mapping the H: drive for users per group membership
>> > > > > >> >
>> > > > > >> > If Instr(sGroups, G_MEM) Then
>> > > > > >> > oNetwork.MapNetworkDrive "H:", "\\server\share
>> > > > > >> > End If
>> > > > > >> >
>> > > > > >> > More to this script, but this is the most relavent part. Can
>> anyone
>> > > > > >> > help
>> > > > > >> > please. The only thing different is that I am a domain
>> > > > > >> > admin,
>> but
>> > > of
>> > > > > >> course
>> > > > > >> > everyone cannot be a domain admin.
>> > > > > >> >
>> > > > > >> > Thanks
>> > > > > >> >
>> > > > > >> >
>> > > > > >> >
>> > > > > >>
>> > > > > >>
>> > > > > >>
>> > > > >
>> > > > >
>> > > > >
>> > >
>> > >
>> > >
>>
>>
>>
.
- Follow-Ups:
- Re: Error using LDAP query
- From: Richard Mueller [MVP]
- Re: Error using LDAP query
- References:
- Error using LDAP query
- From: David
- Re: Error using LDAP query
- From: Marty List
- Re: Error using LDAP query
- From: David
- Re: Error using LDAP query
- From: Marty List
- Re: Error using LDAP query
- From: David
- Re: Error using LDAP query
- From: Richard Mueller [MVP]
- Re: Error using LDAP query
- From: David
- Re: Error using LDAP query
- From: Richard Mueller [MVP]
- Re: Error using LDAP query
- From: David
- Error using LDAP query
- Prev by Date: Re: script to stop a service
- Next by Date: Re: move files based on modified date
- Previous by thread: Re: Error using LDAP query
- Next by thread: Re: Error using LDAP query
- Index(es):
Relevant Pages
|
