In this section, you continue the creation of the NTAdmin.DLL COM server application started in Chapter 3.
Just as in previous chapters, a class module within an ActiveX DLL will handle the manipulation of the IADsUser interface.
Open the NTAdmin ActiveX DLL Visual Basic project that was started in Chapter 3. You can also download the project from http://www.newriders.com/adsi .
If you are adding to the NTAdmin project, add a new class module to the project. If this is a new project, make sure to set a reference to Active DS Type Library.
Name the new module NTUserManagement .
Enter the following code into the General Declarations section of the class module:
Public Function QueryUserProperty(ByVal TargetUserDomain As String, ByVal TargetUserName As String, ByVal PropertyToQuery As String) As Variant On Error Resume Next Dim User As IADsUser Set User = GetObject("WinNT://" & TargetUserDomain & "/" & TargetUserName &,user") Select Case UCase(PropertyToQuery) Case "FULLNAME" QueryUserProperty = User.FullName Case "DESCRIPTION" QueryUserProperty = User.Description Case "ACCOUNTDISABLED" QueryUserProperty = User.AccountDisabled Case "ISACCOUNTLOCKED" QueryUserProperty = User.IsAccountLocked Case "PROFILE""" QueryUserProperty = User.Profile Case "LOGINSCRIPT" QueryUserProperty = User.LoginScript Case "HOMEDIRECTORY" QueryUserProperty = User.HomeDirectory Case "HOMEDIRDRIVE" QueryUserProperty = User.Get("HomeDirDrive") Case "LOGINHOURS" Dim TimeEntry As Variant Dim Restriction As Integer For Each TimeEntry In User.LoginHours If TimeEntry < 255 Then Restriction = 1 Next If Restriction = 1 Then QueryUserProperty = False Else QueryUserProperty = True End If Case "ACCOUNTEXPIRATIONDATE" QueryUserProperty = User.AccountExpirationDate Case "ACCOUNTTYPE" Dim Flags As Long Flags = User.Get("UserFlags") If (Flags And &H100) <> 0 Then QueryUserProperty = "LOCAL" Else QueryUserProperty = "GLOBAL" End If Case "BADLOGINCOUNT" QueryUserProperty = User.BadLoginCount Case "LASTLOGIN" QueryUserProperty = User.LastLogin Case "LASTLOGOFF" QueryUserProperty = User.LastLogoff Case "PASSWORDEXPIRED" QueryUserProperty = User.Get("PasswordExpired") Case "PASSWORDMINIMUMLENGTH" QueryUserProperty = User.PasswordMinimumLength Case "PASSWORDREQUIRED" QueryUserProperty = User.PasswordRequired Case "PASSWORDAGE" QueryUserProperty = User.Get("PasswordAge") End Select End Function Public Function SetUserProperty(ByVal TargetUserDomain As String, ByVal TargetUserName As String, ByVal PropertyToQuery As String, ByVal NewValue As Variant) As Boolean On Error Resume Next Dim User As IADsUser Set User = GetObject("WinNT://" & TargetUserDomain & "/" & TargetUserName & ",user") Select Case UCase(PropertyToQuery) Case "FULLNAME" User.FullName = NewValue Case "DESCRIPTION" User.Description = NewValue Case "ACCOUNTDISABLED" User.AccountDisabled = NewValue Case "ISACCOUNTLOCKED" User.IsAccountLocked = NewValue Case "PROFILE" User.Profile = NewValue Case "LOGINSCRIPT" User.LoginScript = NewValue Case "HOMEDIRECTORY" User.HomeDirectory = NewValue Case "HOMEDIRDRIVE" Call User.Put("HomeDirDrive", NewValue) Case "ACCOUNTEXPIRATIONDATE" User.AccountExpirationDate = NewValue Case "ACCOUNTTYPE" Dim Flags As Long Flags = User.Get("UserFlags") If (Flags And &H200) <> 0 Then User.Put "UserFlags", Flags Xor & H200 User.SetInfo Flags = User.Get("UserFlags") User.Put "UserFlags", Flags Xor & H100 Else If (Flags And & H100) <> 0 Then User.Put "UserFlags", Flags Xor & H100 User.SetInfo Flags = User.Get("UserFlags") User.Put "UserFlags", Flags Xor & H200 End If End If Case "PASSWORDEXPIRED" Call User.Put("PasswordExpired", NewValue) Case "PASSWORDREQUIRED" User.PasswordRequired = NewValue End Select User.SetInfo If Err.Number = 0 Then SetUserProperty = True Else SetUserProperty = False End Function Public Function ChangeUserPassword(ByVal TargetUserDomain As String, ByVal TargetUserName As String, ByVal OldPassword As String, ByVal NewPassword As String) As Boolean Dim User As IADsUser Set User = GetObject("WinNT://" & TargetUserDomain & "/" & TargetUserName & ",user") Call User.ChangePassword(OldPassword, NewPassword) If Err.Number = 0 Then ChangeUserPassword = True Else ChangeUserPassword = False End Function Public Function SetUserPassword(ByVal TargetUserDomain As String, ByVal & TargetUserName As String, ByVal NewPassword As String) As Boolean Dim User As IADsUser Set User = GetObject("WinNT://" & TargetUserDomain & "/" & TargetUserName & ",user") Call User.SetPassword(NewPassword) If Err.Number = 0 Then SetUserPassword = True Else SetUserPassword = False End Function Public Function UserFlag(ByVal TargetUserDomain As String, ByVal TargetUserName As String, ByVal Action As String, ByVal UserFlagConstant As String) As Boolean Dim User As IADsUser Dim Flags As Long Set User = GetObject("WinNT://" & TargetUserDomain & "/" & TargetUserName & ",user") Flags = User.Get("UserFlags") Select Case UCase(UserFlagConstant) Case "PASSWD_CANT_CHANGE" Select Case UCase(Action) Case "SET" User.Put "UserFlags", Flags Or &H40 User.SetInfo If Err.Number = 0 Then UserFlag = True Else UserFlag = False Case "QUERY" If (Flags And &H40) <> 0 Then UserFlag = True Else UserFlag = False End If Case "TOGGLE" User.Put "UserFlags", Flags Xor & H40 User.SetInfo If Err.Number = 0 Then UserFlag = True Else UserFlag = False End Select Case "DONT_EXPIRE_PASSWD" Select Case UCase(Action) Case "SET" User.Put "UserFlags", Flags Or &H10000 User.SetInfo If Err.Number = 0 Then UserFlag = True Else UserFlag = False Case "QUERY" If (Flags And &H10000) <> 0 Then UserFlag = True Else UserFlag = False End If Case "TOGGLE" User.Put "UserFlags", Flags Xor &H10000 User.SetInfo If Err.Number = 0 Then UserFlag = True Else UserFlag = False End Select End Select End Function Public Function SetLogonWorkstations(ByVal TargetUserDomain As String, ByVal TargetUserName As String, ByVal Action As String, ByVal Value As String) As Boolean On Error Resume Next Dim User As IADsUser Dim Workstation As Variant Dim NewElement() As Variant Dim i As Long Dim Entry As Variant Dim EmptyArray As Integer Dim ValueAlreadyExists As Integer Set User = GetObject("WinNT://" & TargetUserDomain & "/" & TargetUserName & ",user") Select Case UCase(Action) Case "ADD" If IsArray(User.LoginWorkstations) = True Then For Each Entry In User.LoginWorkstations i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = Entry If Entry = "" Then EmptyArray = 1 If Entry = Value Then ValueAlreadyExists = 1 Next If EmptyArray = 1 Then User.LoginWorkstations = Array(Value) User.SetInfo Else If ValueAlreadyExists <> 1 Then i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = Value User.LoginWorkstations = NewElement User.SetInfo End If End If Else If User.LoginWorkstations <> Value Then User.LoginWorkstations = Array(User.LoginWorkstations, Value) User.SetInfo End If End If Case "REMOVE" If IsArray(User.LoginWorkstations) = True Then For Each Entry In User.LoginWorkstations If UCase(Value) <> UCase(Entry) Then i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = Entry End If Next User.LoginWorkstations = NewElement User.SetInfo Debug.Print "here" & Err.Number Else If User.LoginWorkstations = Value Then User.LoginWorkstations = Array("") User.SetInfo End If End If End Select If (Err.Number = 0 Or Err.Number = 9 Or Err.Number = 92) Then SetLogonWorkstations = True Else SetLogonWorkstations = False End If End Function Public Function EnumerateLogonWorkstations(ByVal TargetUserDomain As String, ByVal TargetUserName As String) As Variant On Error Resume Next Dim User As IADsUser Dim Workstation As Variant Dim NewElement() As Variant Dim i As Long Set User = GetObject("WinNT://" & TargetUserDomain & "/" & TargetUserName & ",user") If User.LoginWorkstations = "" Then For Each Workstation In User.LoginWorkstations i = UBound(NewElement) + 1 ReDim Preserve NewElement(i) NewElement(i) = Workstation Next EnumerateLogonWorkstations = NewElement Else EnumerateLogonWorkstations = Array(User.LoginWorkstations) End If End Function
Compile the code as NTAdmin.DLL.
Save and close the NTAdmin project.
Tip
You can download the Visual Basic 6.0 project or a pre-compiled version of NTAdmin.DLL from http://www.newriders.com/adsi .
With the NTUserManagement class module created, you can access this function from any programming language that supports OLE automation, including Visual Basic, VBScript, and JavaScript.
Tip
To instantiate the object, follow the appropriate syntax found in Chapter 3. Substitute the NTUserManagement class name where necessary .
Use Table 4.1 to help you use the proper syntax for each of the methods of the NTUserManagement interface:
Action | Syntax |
---|---|
Query User Full Name | QueryUserProperty("Target_User_Domain", "Target_User_Name","FullName") |
Query User Description | QueryUserProperty("Target_User_Domain", "Target_User_Name""Description") |
Determine if Account is Disabled or Enabled | QueryUserProperty("Target_User_Domain", "Target_User_Name""AccountDisabled") |
Determine Account Lockout Status | QueryUserProperty("Target_User_Domain" "Target_User_Name", "IsAccountLocked") |
Query User Profile Path | QueryUserProperty("Target_User_Domain", "Target_User_Name","Profile") |
Query Login Script | QueryUserProperty("Target_User_Domain", "Target_User_Name","LoginScript") |
Query Home Directory Path | QueryUserProperty("Target_User_Domain", "Target_User_Name","HomeDirectory") |
Query Home Directory Drive Mapping | QueryUserProperty("Target_User_Domain", "Target_User_Name","HomeDirDrive") |
Query Existence of Login Hour Restrictions | QueryUserProperty("Target_User_Domain", "Target_User_Name","LoginHours") |
Query Account Expiration Date | QueryUserProperty("Target_User_Domain", "Target_User_Name","AccountExpirationDate") |
Query Account Type (local or global) | QueryUserProperty("Target_User_Domain", "Target_User_Name","AccountType") |
Query Bad Login Count | QueryUserProperty("Target_User_Domain", "Target_User_Name","BadLoginCount") |
Query Last Login | QueryUserProperty("Target_User_Domain", "Target_User_Name","LastLogin") |
Query Last Logoff | QueryUserProperty("Target_User_Domain", "Target_User_Name","LastLogoff") |
Query Password Expired | QueryUserProperty("Target_User_Domain", "Target_User_Name","PasswordExpired") |
Query Password Minimum Length | QueryUserProperty("Target_User_Domain", "Target_User_Name","PasswordMinimumLength") |
Query Password Required | QueryUserProperty("Target_User_Domain", "Target_User_Name","PasswordRequired") |
Query Password Age | QueryUserProperty("Target_User_Domain", "Target_User_Name","PasswordAge") |
Set User Full Name | SetUserProperty("Target_User_Domain", "Target_User_Name","FullName","NewValue") |
Set User Description | SetUserProperty("Target_User_Domain", "Target_User_Name","Description", "NewValue") |
Set Account Disabled Bit | SetUserProperty("Target_User_Domain", "Target_User_Name","AccountDisabled",True) |
Reset Account Lockout | SetUserProperty("Target_User_Domain", "Target_User_Name","IsAccountLocked",True) |
Set User Profile Path | SetUserProperty("Target_User_Domain", "Target_User_Name","Profile","NewValue") |
Set Login Script | SetUserProperty("Target_User_Domain", "Target_User_Name","LoginScript","NewValue") |
Set Home Directory Path | SetUserProperty("Target_User_Domain", "Target_User_Name","HomeDirectory", "NewValue") |
Set Home Directory Drive Mapping | SetUserProperty("Target_User_Domain", "Target_User_Name","HomeDirDrive", "NewValue") |
Set Account Expiration Date | SetUserProperty("Target_User_Domain", "Target_User_Name","AccountExpirationDate", #NewValue#) |
Toggle Account Type | SetUserProperty("Target_User_Domain", "Target_User_Name","AccountType") |
Set Password Expired | SetUserProperty("Target_User_Domain", "Target_User_Name","PasswordExpired",True) |
Set Password Required | SetUserProperty("Target_User_Domain", "Target_User_Name","PasswordRequired",True) |
Change User Password | ChangeUserPassword("Target_User_Domain", "Target_User_Name","Old_Password","New_ Password") |
Set User Password | SetUserPassword("Target_User_Domain", "Target_User_Name","New_Password") |
Query "User Cannot Change Password" bit | UserFlag("Target_User_Domain", "Target_User_ Name","Query", "PASSWD_CANT_CHANGE") |
Set "User Cannot Change Password" bit | UserFlag("Target_User_Domain","Target_User_ Name","Set", "PASSWD_CANT_CHANGE") |
Toggle "User Cannot Change Password" bit | UserFlag("Target_User_Domain","Target_User_ Name","Toggle","PASSWD_CANT_CHANGE") |
Query "Password Never Expires" bit | UserFlag("Target_User_Domain","Target_User_ Name","Query","DONT_EXPIRE_PASSWD") |
Set "Password NeverExpires" bit | UserFlag("Target_User_Domain", "Target_User_Name","Set","DONT_EXPIRE_ PASSWD") |
Toggle "Password Never Expires" bit | UserFlag("Target_User_Domain"," Target_User_Name","Toggle","DONT_EXPIRE_ PASSWD") |
Add Logon Workstation | SetLogonWorkstations("Target_User_Domain"," Target_User_Name","Add","New_Logon_ Workstation") |
Remove Logon Workstation | SetLogonWorkstations("Target_User_ Domain", "Target_User_Name","Remove", "Workstation_To_Remove") |
Enumerate Logon Workstations | For Each Item In EnumerateLogonWorkstations ("Target_User_Domain","Target_User_Name") |
Debug.Print Item | |
Next |
Top |