如何使用VBScript从LDAP获取Active Directory拨入权限设置?
在Active Directory中,有一个名为“拨入”的选项卡,该选项卡下有一个单选按钮控件,具有三种设置:如何使用VBScript从LDAP获取Active Directory拨入权限设置?,vbscript,active-directory,permissions,ldap,Vbscript,Active Directory,Permissions,Ldap,在Active Directory中,有一个名为“拨入”的选项卡,该选项卡下有一个单选按钮控件,具有三种设置: Allow Access Deny Access Control access through remote access policy 我想编写一个VBScript来获取用户名,并返回该用户的设置。 (实际上我正在修改一个现有的VBScript,这就是为什么我不得不使用该工具的原因) 最好的方法是什么?这里是我能想到的最好的解决方案。很容易修改它以输出所有用户的设置 Main F
Allow Access
Deny Access
Control access through remote access policy
我想编写一个VBScript来获取用户名,并返回该用户的设置。
(实际上我正在修改一个现有的VBScript,这就是为什么我不得不使用该工具的原因)
最好的方法是什么?这里是我能想到的最好的解决方案。很容易修改它以输出所有用户的设置
Main
Function Main
'Usage: cscript /nologo lookup.vbs mydomain username
Wscript.Echo CanDialIn(Wscript.Arguments(0), Wscript.Arguments(1))
Main = 0
End Function
Function CanDialIn(domainname, username)
'Take a user name and query whether they have permission to Dial in or not
'http://www.microsoft.com/technet/scriptcenter/resources/qanda/aug05/hey0825.mspx
Const ADS_SCOPE_SUBTREE = 2
Dim objConnection
Dim objCommand
Dim objRecordSet
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
'Three possible values for msNPAllowDialin:
'TRUE = "Allow Access"
'FALSE = "Deny Access"
'EMPTY = "Control access through remote access policy"
objCommand.CommandText = _
"SELECT msNPAllowDialin FROM 'LDAP://dc=" & domainname & ",dc=com' WHERE objectCategory='user' AND sAMAccountName = '" & username & "'"
On Error Resume Next
Set objRecordSet = objCommand.Execute
if objRecordSet.EOF then
CanDialIn = "Could not find user " & username
else
if objRecordSet.Fields("msNPAllowDialin").Value = True then
CanDialIn = "Allow"
else
if objRecordSet.Fields("msNPAllowDialin").Value = False then
CanDialIn = "Deny"
else
CanDialIn = "Control"
end if
end if
end if
End Function