FiveTech Support Forums

FiveWin / Harbour / xBase community
Board indexAll discussionsLogin (GitHub)
Board index FiveWin for Harbour/xHarbour Help on authenticating user thru windows domains
carlos vargas
Posts: 1789
Joined: Tue Oct 11, 2005 05:01 PM
Re: Help on authenticating user thru windows domains
Posted: Mon Nov 24, 2014 03:16 PM
sin probar, pero la idea es esta.
no estoy muy claro si la funcion CreateObject puede crear estos tipos de objectos no solo los de excel.
indicanos los errores que aparecen
Code (fw): Select all Collapse
#include "fivewin.ch"
procedure main()
   ?Authenticated("cvarga","HolaMundo2014", "TESTDOM" )
return
   
Function Authenticated(cUserID, cPassword, cDNSDomain)
   local oRootDSE, oDSO, oU
 
   default cDNSDomain := ""
   
   If empty( cDNSDomain )
     oRootDSE = CreateObject( "LDAP://RootDSE" )
     cDNSDomain = oRootDSE:Get( "defaultNamingContext" )
   EndIf
    
    TRY
       oDSO = CreateObject( "LDAP:" )
       oU = oDSO:OpenDSObject( "LDAP://" +  cDNSDomain, cUserID, cPassword, 1 )
       lError := .f.
    CATCH
        ?Ole2TxtError(), OleError()
        lError := .t.
    END
    
RETURN (!lError)
Salu2

Carlos Vargas

Desde Managua, Nicaragua (CA)
hebert_j_vargas
Posts: 99
Joined: Thu Aug 02, 2012 03:21 PM
Re: Help on authenticating user thru windows domains
Posted: Mon Nov 24, 2014 03:34 PM

Gracias por tan pronta respuesta Carlos, ya habia realizado pruebas de este tipo y nada, pero voy a revisar tu código para ver y te aviso.

Compiler version: xHarbour 1.2.3 Intl. (SimpLex) (Build 20141106)

FiveWin Version: FWHX 15.01

BCC 5.8.2
carlos vargas
Posts: 1789
Joined: Tue Oct 11, 2005 05:01 PM
Re: Help on authenticating user thru windows domains
Posted: Mon Nov 24, 2014 03:55 PM
en foxpro este codigo funciona, pero aca la funcion getobject es capaz de crear el objeto com.
parece ser que [x]harbour no es capaz de crear este tipo de objetos.
esto en la prueba que he realizado
Code (fw): Select all Collapse
&& Supprimer un usager

Procedure DeleteUser(tcUser)
lcUserId ='CN='+tcUserID
objRootLDAP = Getobject("LDAP://RootDSE")
strDNSDomain = objRootLDAP.Get("DefaultNamingContext") && Get the context
strOU = "OU=Test,OU=OEB,OU=SAAS-users,"  && Your correct specifications
*' Prepare the OU and the Group
lcPath="LDAP://"+ strOU + strDNSDomain
* Specify the User.
strUser = "CN="+tcUser
* Bind to the object.
objADAM = Getobject(lcPath)
*Delete the User.
objADAM.Delete("user", strUser)
Endproc

&& Vérifier l'existence d'un usager.

PROCEDURE verifyIfUserExists(tcUserID)
LOCAL lcUserId
lcUserId ='CN='+tcUserID
objRootLDAP = Getobject("LDAP://RootDSE")
strDNSDomain = objRootLDAP.Get("DefaultNamingContext") && Get the context
strGroup = "CN=oeb-test,"
strOU = "OU=Test,OU=OEB,OU=SAAS-users,"  && You correct specifications
*' Prepare the OU and the Group
objGroup = Getobject("LDAP://"+ strGroup + strOU + strDNSDomain)
objOU =Getobject("LDAP://" +strOU + strDNSDomain)

For Each objUser In objOU
  If objUser.Class = Lower("User")
    IF objUser.name = lcUserId
      RETURN .T.
    ENDIF
  ENDIF
Endfor
RETURN .F.

ENDPROC

&& Bloquer le compte d'usager

PROCEDURE DisableAUser(tcUserId)
#Define  ADS_UF_ACCOUNTDISABLE 0x2

objRootLDAP = Getobject("LDAP://RootDSE")
strDNSDomain = objRootLDAP.Get("DefaultNamingContext") && Get the context
strOU = "OU=Test,OU=OEB,OU=SAAS-users," && You correct specifications
objUser = Getobject("LDAP://CN=" + tcUserId +","+;
  strOU+strDNSDomain)
objUser.Put( "userAccountControl", ADS_UF_ACCOUNTDISABLE)
objUser.SetInfo
ENDPROC

&& Changer de mot de passe

Procedure changePassword(tcUserId,tcPassword)

    objRootLDAP = Getobject("LDAP://RootDSE")
    strDNSDomain = objRootLDAP.Get("DefaultNamingContext") && Get the context
    strOU = "OU=Test,OU=OEB,OU=SAAS-users," && Your correct specifications
    objUser = Getobject("LDAP://CN=" + tcUserId +","+;
      strOU+strDNSDomain) && Get back the object to add a few more properties
    objUser.setPassword(tcPassword) && Set the password that gets encrypted -- In order to enable the account you need to set the password first
    && and it has to follow the password policies (eg: minimum number of characters, complexity etc)
    objUser.Put( "userAccountControl",ADS_UF_NORMAL_ACCOUNT) && Enable the user - by default it is disable
    objUser.SetInfo && Update the user's file

&& Ajouter un usager

Procedure addUser(tcName,tcUserId,tcFirstName,tcLastName,tcComputerName,;
      tcPassword)
#Define  ADS_UF_NORMAL_ACCOUNT 0x200
    #Define wbemAuthenticationLevelDefault 0x0
    #Define wbemChangeFlagCreateOrUpdate 0x0
    cWMInamespace = "root/directory/LDAP"
    cWMIclass = "ds_user"
    strOU = "OU=Test,OU=OEB,OU=SAAS-users,"
    strGroup = "CN=oeb-test,"
    *' Bind to Active Directory and get LDAP name
    objRootLDAP = Getobject("LDAP://RootDSE")
    strDNSDomain = objRootLDAP.Get("DefaultNamingContext") && Get the context
    objWMILocator = Createobject("WbemScripting.SWbemLocator")
    objWMILocator.Security_.AuthenticationLevel = wbemAuthenticationLevelDefault && We need the proper security to do this
    objWMIServices = objWMILocator.ConnectServer(tcComputerName, cWMInamespace, "", "") && Connect to the server that has the Active directory
    objWMIClass = objWMIServices.Get(cWMIclass) && Determine what we want to do -- Add a user.
    objWMIInstance = objWMIClass.SpawnInstance_
    objWMIInstance.DS_sAMAccountName = tcName   && Name of the user
    objWMIInstance.DS_userPrincipalName=tcUserId && Login name
    objWMIInstance.DS_givenName=tcFirstName && First name
    objWMIInstance.DS_sn=tcLastName && Last name
    objWMIInstance.DS_displayName = tcUserId && Display Name
    objWMIInstance.DS_distinguishedname=tcName && Complete name
    objWMIInstance.ADSIPath = "LDAP://CN=" + tcUserId +","+;
      strOU+strDNSDomain && Create an object with the properties
    objWMIInstance.Put_(wbemChangeFlagCreateOrUpdate) && Save the user object in Active Directory
    objUser = Getobject("LDAP://CN=" + tcUserId +","+;
      strOU+strDNSDomain) && Get back the object to add a few more properties
    objUser.setPassword(tcPassword) && Set the password that gets encrypted -- In order to enable the account you need to set the password first
    && and it has to follow the password policies (eg: minimum number of characters, complexity etc)
    objUser.Put( "userAccountControl",ADS_UF_NORMAL_ACCOUNT) && Enable the user - by default it is disable
    objUser.SetInfo && Update the user's file
    *' Prepare the OU and the Group
    objGroup = Getobject("LDAP://"+ strGroup + strOU + strDNSDomain)
    objOU =Getobject("LDAP://" +strOU + strDNSDomain)

    For Each objUser In objOU && Add the user to the correct group
      If objUser.Class = Lower("User") And tcUserId $ objUser.ADsPath
        objGroup.Add(objUser.ADsPath)
      Endif
    Endfor
Salu2

Carlos Vargas

Desde Managua, Nicaragua (CA)
carlos vargas
Posts: 1789
Joined: Tue Oct 11, 2005 05:01 PM
Re: Help on authenticating user thru windows domains
Posted: Mon Nov 24, 2014 04:07 PM
http://forums.fivetechsupport.com/viewtopic.php?f=3&t=10350&p=105866&hilit=ldap%3A%2F%2F#p105866
Salu2

Carlos Vargas

Desde Managua, Nicaragua (CA)

Continue the discussion

Static archive · New replies & topics via GitHub Discussions