PHWinfo - Afficher un message

11/10/2007, 18h21

mayoza wrote;

> The following script returns the policy in the AD. Can you me with
> one
> thing, I dont want to supply the parameters like dc="?", I want the script
> to
> run under the AD that the user is currently logon to.
>
> ---------------------
> Const MIN_IN_DAY = 1440
> Const SEC_IN_MIN = 60
>
> Set objDomain = GetObject("WinNT://fabrikam")
> Set objAdS = GetObject("LDAP://dc=fabrikam,dc=com")
>
> intMaxPwdAgeSeconds = objDomain.Get("MaxPasswordAge")
> intMinPwdAgeSeconds = objDomain.Get("MinPasswordAge")
> intLockOutObservationWindowSeconds =
> objDomain.Get("LockoutObservationInterval")
> intLockoutDurationSeconds = objDomain.Get("AutoUnlockInterval")
> intMinPwdLength = objAds.Get("minPwdLength")
>
> intPwdHistoryLength = objAds.Get("pwdHistoryLength")
> intPwdProperties = objAds.Get("pwdProperties")
> intLockoutThreshold = objAds.Get("lockoutThreshold")
> intMaxPwdAgeDays = _
> ((intMaxPwdAgeSeconds/SEC_IN_MIN)/MIN_IN_DAY) & " days"
> intMinPwdAgeDays = _
> ((intMinPwdAgeSeconds/SEC_IN_MIN)/MIN_IN_DAY) & " days"
> intLockOutObservationWindowMinutes = _
> (intLockOutObservationWindowSeconds/SEC_IN_MIN) & " minutes"
>
> If intLockoutDurationSeconds <> -1 Then
> intLockoutDurationMinutes = _
> (intLockOutDurationSeconds/SEC_IN_MIN) & " minutes"
> Else
> intLockoutDurationMinutes = _
> "Administrator must manually unlock locked accounts"
> End If
>
> WScript.Echo "maxPwdAge = " & intMaxPwdAgeDays
> WScript.Echo "minPwdAge = " & intMinPwdAgeDays
> WScript.Echo "minPwdLength = " & intMinPwdLength
> WScript.Echo "pwdHistoryLength = " & intPwdHistoryLength
> WScript.Echo "pwdProperties = " & intPwdProperties
> WScript.Echo "lockOutThreshold = " & intLockoutThreshold
> WScript.Echo "lockOutObservationWindow = " &
> intLockOutObservationWindowMinutes
> WScript.Echo "lockOutDuration = " & intLockoutDurationMinutes
> ---------

You can use the RootDSE object to retrieve the Distinguished Name of the
domain the current user authenticated to. If you need the NetBIOS domain
name for the WinNT provider as well, you can use the DomainShortName
property of the ADSystemInfo object. For example:
=========
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

Set objSysInfo = CreateObject("ADSystemInfo")
strNTDomain = objSysInfo.domainShortName

Set objAds = GetObject("LDAP://" & strDNSDomain)
Set objDomain = GetObject("WinNT://" & strNTDomain)

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--

11/10/2007, 18h21	#1
Richard Mueller [MVP] Messages: n/a Hébergeur:	Re: generic Domain(AD) connection mayoza wrote; > The following script returns the policy in the AD. Can you me with > one > thing, I dont want to supply the parameters like dc="?", I want the script > to > run under the AD that the user is currently logon to. > > --------------------- > Const MIN_IN_DAY = 1440 > Const SEC_IN_MIN = 60 > > Set objDomain = GetObject("WinNT://fabrikam") > Set objAdS = GetObject("LDAP://dc=fabrikam,dc=com") > > intMaxPwdAgeSeconds = objDomain.Get("MaxPasswordAge") > intMinPwdAgeSeconds = objDomain.Get("MinPasswordAge") > intLockOutObservationWindowSeconds = > objDomain.Get("LockoutObservationInterval") > intLockoutDurationSeconds = objDomain.Get("AutoUnlockInterval") > intMinPwdLength = objAds.Get("minPwdLength") > > intPwdHistoryLength = objAds.Get("pwdHistoryLength") > intPwdProperties = objAds.Get("pwdProperties") > intLockoutThreshold = objAds.Get("lockoutThreshold") > intMaxPwdAgeDays = _ > ((intMaxPwdAgeSeconds/SEC_IN_MIN)/MIN_IN_DAY) & " days" > intMinPwdAgeDays = _ > ((intMinPwdAgeSeconds/SEC_IN_MIN)/MIN_IN_DAY) & " days" > intLockOutObservationWindowMinutes = _ > (intLockOutObservationWindowSeconds/SEC_IN_MIN) & " minutes" > > If intLockoutDurationSeconds <> -1 Then > intLockoutDurationMinutes = _ > (intLockOutDurationSeconds/SEC_IN_MIN) & " minutes" > Else > intLockoutDurationMinutes = _ > "Administrator must manually unlock locked accounts" > End If > > WScript.Echo "maxPwdAge = " & intMaxPwdAgeDays > WScript.Echo "minPwdAge = " & intMinPwdAgeDays > WScript.Echo "minPwdLength = " & intMinPwdLength > WScript.Echo "pwdHistoryLength = " & intPwdHistoryLength > WScript.Echo "pwdProperties = " & intPwdProperties > WScript.Echo "lockOutThreshold = " & intLockoutThreshold > WScript.Echo "lockOutObservationWindow = " & > intLockOutObservationWindowMinutes > WScript.Echo "lockOutDuration = " & intLockoutDurationMinutes > --------- You can use the RootDSE object to retrieve the Distinguished Name of the domain the current user authenticated to. If you need the NetBIOS domain name for the WinNT provider as well, you can use the DomainShortName property of the ADSystemInfo object. For example: ========= Set objRootDSE = GetObject("LDAP://RootDSE") strDNSDomain = objRootDSE.Get("defaultNamingContext") Set objSysInfo = CreateObject("ADSystemInfo") strNTDomain = objSysInfo.domainShortName Set objAds = GetObject("LDAP://" & strDNSDomain) Set objDomain = GetObject("WinNT://" & strNTDomain) -- Richard Mueller Microsoft MVP Scripting and ADSI Hilltop Lab - http://www.rlmueller.net --