查询AD使用LotusScript - lastLogon值空 [英] Query AD using LotusScript - lastLogon value empty
问题描述
尊敬的LotusScript大师,
Dear LotusScript Gurus,
我开发Lotus Notes代理谁应该同步我们的Windows 2003 AD与我们的Lotus Domino目录(V 7.0.3服务器/客户端)。
I am developing a Lotus Notes agent who should synch our Windows 2003 AD with our Lotus Domino Directory (V 7.0.3 Server/Client).
我使用的ADODB.Connection和ADODB.Command工艺将其连接和查询AD用户。
I am using the ADODB.Connection and ADODB.Command processes to connect it and query the AD users.
这是命令文本:
objCommand.CommandText =< LDAP:// OU = DMHU Users,dc=some,dc=kindof,dc=domain>;(&(objectCategory=person)(objectClass=user));name,lastLogon;subTree"
然后我就可以访问域lastLogon的内容:
Then I would access the content of the field "lastLogon":
objRecordSet.Fields(lastLogon)。值
但这是空的,而场名有正确的值(我知道lastLogon字段是一个64位的日期 - 整数左右)。
but this is empty while the field "name" has the correct values (I know that the lastLogon field is a 64bit date - integer or so).
使用相同的查询例如在VBScript中收到很好的lastLogon内容。
Using the same query e.g. in a VBScript receives the lastLogon content well.
另外使用像内的LotusScript code查询的SQL给出了同样的空lastLogon值。
Also using the SQL like query within the LotusScript code gives the same empty lastLogon value.
没有任何人有一个想法?
Does anybody have an idea?
在此先感谢!
推荐答案
最后,我已经找到了解决方案。
Finally I have found the solution.
要访问lastLogon(等实物AD变量)首先一个对象,它接收当前AD用户对象已被设置的:
To access the lastLogon (and so kind AD variables) first of all an object has to be set which receives the current AD user object:
Set objUser = GetObject(rs.Fields("adspath").Value)
...
则lastLogon必须被设置为对象,以及
then the lastLogon has to be set as an object, as well:
Set objLastLogon = objUser.Get("lastLogonTimeStamp")
这OLE对象将有一个HighPart和LowPart成员。使用该成员的最后一次登录的日期和时间可以计算出来。
This OLE object will have a HighPart and a LowPart member. Using that members the last logon date and time can be calculated.
本博客文章让我大开眼界: <一href="http://sgwindowsgroup.org/blogs/badz/archive/2010/03/01/querying-for-the-lastlogontimestamp-attribute-of-all-users-in-an-ou.aspx" rel="nofollow">http://sgwindowsgroup.org/blogs/badz/archive/2010/03/01/querying-for-the-lastlogontimestamp-attribute-of-all-users-in-an-ou.aspx
This blog entry opened my eyes: http://sgwindowsgroup.org/blogs/badz/archive/2010/03/01/querying-for-the-lastlogontimestamp-attribute-of-all-users-in-an-ou.aspx
下面是由箱实现的功能可接收特定用户的CN和的lastLogonTimestamp
Here is the function implemented by me which can receive the CN and lastLogonTimeStamp of a specific user.
Sub getADUserLastLogon(sUser As String)
Dim workspace As New NotesUIWorkspace
Dim conn As Variant
Dim sRoot As String
sRoot = "LDAP://ou=USERS_OR_WHATEVER,dc=my,dc=domain"
Set oConn = CreateObject("ADODB.Connection")
oConn.Provider = "ADSDSOObject"
oConn.Open "Ads Provider", "USERNAME", "SECRETPWD" ' open connection with specific user credentials
Dim rs
Set rs = oConn.Execute("<" & sRoot & ">;(&(objectCategory=person)(objectClass=user)(cn=" & sUser & "));" &_
"adspath,distinguishedname,sAMAccountName,cn,mail,telephoneNumber,lastLogonTimeStamp;subtree")
While Not (rs.EOF)
On Error Resume Next
Set objUser = GetObject(rs.Fields("adspath").Value)
'Print "getting user: " & objUser.Get("cn")
Set objLastLogon = objUser.Get("lastLogonTimeStamp")
Dim intLastLogonTime As Double
intLastLogonTime = (objLastLogon.HighPart * (2^32)) + objLastLogon.LowPart ' due to the 64 bit number
intLastLogonTime = intLastLogonTime / (60 * 10000000) ' convert from 100nanosec to minutes
intLastLogonTime = intLastLogonTime + 60 ' local timezone
intLastLogonTime = intLastLogonTime / 1440 ' convert to hours
intLastLogonTime = intLastLogonTime + Datenumber(1601,1,1)
Call workspace.CurrentDocument.Document.ReplaceItemValue("txtADResult", _
workspace.CurrentDocument.FieldGetText("txtADResult") & Chr(13) & _
rs.Fields("cn").Value & " Last Logon: " & Format$(Cdat(intLastLogonTime), "yyyy.mm.dd. hh:nn:ss"))
rs.MoveNext
Wend
End Sub
这篇关于查询AD使用LotusScript - lastLogon值空的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
