# From the book "Active Directory, Third Edition"
# ISBN: 0-596-10173-2
# **********************************************************************
# How to unlock and enable an Active Directory user via arguments
# to this script
# Parameters should be <domain> <username>, where domain specifies
# a fully qualified AD domain like dc=mycorp,dc=com
# **********************************************************************
use Win32::OLE;
use constant vbCrLf => "\r\n";
use constant vbTab => "\x09";
use strict;
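# **********************************************************************
# Unlock and enable the user named on the command line.
#
# Usage: AD-UNLOCK <domain> <username>
#   <domain>   search base as a distinguished name, e.g. dc=mycorp,dc=com
#   <username> sAMAccountName of the account to enable and unlock
#
# The automatic VBScript-to-Perl conversion left the WScript.Arguments
# lookup as an error marker and kept VBScript-style indexing such as
# $wshArgs(0) and arrSearchResults(0, 0), none of which is valid Perl.
# The arguments are read from @ARGV here instead.
#
# NOTE(review): every error path exits with status 0, as in the original
# listing, so a calling job cannot detect failure from the exit status.
# **********************************************************************
my ($objUser, $strOutput, $arrSearchResults);

# **********************************************************************
# Escape a value for use inside an LDAP search filter (RFC 4515), so that
# "*", "(", ")", "\" and NUL in the supplied user name are matched
# literally instead of changing what the filter selects.
# **********************************************************************
sub _escape_ldap_filter_value {
    my ($strValue) = @_;
    $strValue =~ s/([\\*()\x00])/sprintf('\\%02x', ord $1)/ge;
    return $strValue;
}

# **********************************************************************
# Get the arguments
# **********************************************************************
my ($strDomain, $strUser) = @ARGV;

# **********************************************************************
# If no arguments passed in, then quit
# **********************************************************************
if (@ARGV == 0) {
    print "ERROR: No arguments passed in.\nPlease use AD-UNLOCK <domain> <username>\n\n";
    exit 0;
}

# **********************************************************************
# Both arguments are needed: without a user name the filter below would
# be built from an undefined value.
# **********************************************************************
if (@ARGV < 2 || $strDomain eq '' || $strUser eq '') {
    print "ERROR: Both <domain> and <username> are required.\nPlease use AD-UNLOCK <domain> <username>\n\n";
    exit 0;
}

# **********************************************************************
# Further error checking of the arguments could go here if we wanted to.
# The domain is used verbatim as the search base; only the user name is
# escaped, because it is the part placed inside the filter expression.
# **********************************************************************
my $strFilter = '(&(objectcategory=person)(objectClass=user)(sAMAccountName='
    . _escape_ldap_filter_value($strUser) . '))';

# **********************************************************************
# Use SearchAD function from the end of Chapter 22 to scan the entire
# Active Directory for this user and return the ADsPath. If the search
# failed for whatever reason, then quit.
# SearchAD is not defined in this listing; it is expected to fill its
# last argument with the results.
# **********************************************************************
if (!SearchAD('LDAP://' . $strDomain, $strFilter, 'SubTree', 'ADsPath', $arrSearchResults)) {
    print "ERROR: No users found.\n\n";
    exit 0;
}

# **********************************************************************
# Take the first ADsPath from the results (as there should be only one).
# NOTE(review): assumes SearchAD stores a reference to a two-dimensional
# array, matching arrSearchResults(0, 0) in the original listing --
# confirm against the SearchAD implementation.
# **********************************************************************
my $strADsPath;
if (ref $arrSearchResults eq 'ARRAY' && ref $arrSearchResults->[0] eq 'ARRAY') {
    $strADsPath = $arrSearchResults->[0][0];
}
if (!defined $strADsPath) {
    print "ERROR: No users found.\n\n";
    exit 0;
}

# **********************************************************************
# Attempt to bind to the ADsPath. The error state is cleared first so
# that an error left over from the search is not mistaken for a bind
# failure, and the returned object is checked as well as the error code.
# **********************************************************************
Win32::OLE->LastError(0);
$objUser = Win32::OLE->GetObject($strADsPath);
if (!defined $objUser || (0 + Win32::OLE->LastError())) {
    print 'Error: Could not bind to the following user: ' . vbCrLf . vbCrLf . $strADsPath . vbCrLf . vbCrLf, "\n";
    exit 0;
}
$strOutput = 'Connected to user ' . $strADsPath . vbCrLf;

# **********************************************************************
# Attempt to enable the user (but don't quit if you fail).
# Enabling is a separate action from unlocking: it also re-activates an
# account that an administrator disabled on purpose, so the result is
# reported on its own line for whoever reviews the output.
# **********************************************************************
Win32::OLE->LastError(0);
$objUser->{AccountDisabled} = 0;
$objUser->SetInfo();
if ((0 + Win32::OLE->LastError())) {
    $strOutput .= vbTab . 'Error: Could not enable the user.' . vbCrLf;
}
else {
    $strOutput .= vbTab . 'User enabled.' . vbCrLf;
}

# **********************************************************************
# Attempt to unlock the user
# **********************************************************************
Win32::OLE->LastError(0);
$objUser->{IsAccountLocked} = 0;
$objUser->SetInfo();
if ((0 + Win32::OLE->LastError())) {
    $strOutput .= vbTab . 'Error: Could not unlock the user.' . vbCrLf;
}
else {
    $strOutput .= vbTab . 'User unlocked.' . vbCrLf;
}
print "$strOutput\n";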