First, you need to identify the users within the OU that you are checking by using a search string like the one below.
Basically, you'll want to apply an LDAP filter of (SamAccountName=*), and your base for the search should be the OU that you're looking in. For example: ou=users,dc=xyz,dc=com. Just make sure that the value that you receive is the objects DN. This will return every user that has been setup in that particular OU.sub ad_search { # To search AD and return a pre-determined value my $search_base = $_[0]; # This is the base for our searches my $filter = $_[1]; # This is the valid LDAP filter that we will b +e applying my $attribute = $_[2]; # This is the attribute that we will be ret +urning my $search_scope = $_[3]; # This is the scope for our search to fo +llow my ($conn, $res, @result, $succ_search); # Variables that we are u +sing as we go $conn = Win32::OLE->new('ADODB.Connection'); # New connection $conn->{Provider} = "ADsDSOObject"; # OLE provider $conn->Open; $res = $conn->Execute($search_base . $filter . $attribute . $searc +h_scope); # This is our search if ($res->EOF) { # If we have found 0 records that match our searc +h $succ_search = 0; # Set our no records found item and return i +t } else { $succ_search = 1; # So our records found item $res->MoveFirst; # Go to the first record while (not $res->EOF) { # Whie we still have records push (@result, $res->Fields(0)->Value); # Push them to our + array $res->MoveNext; # Go to the next one } } return ($succ_search, @result); # Return our success and our array + of results }
Next, you need to iterate for each DN that has been returned and push the Display name into another array. You can use a subroutine like this to return the attributes.
Once you have these details, loop once for each DN that has been returned and evaluate it to see if it matches the Regex. If it does, then modify the userPrincipalName with the following codesub ad_get_attrib { # For returning Attribute Values.... my $dn = $_[0]; # The object DN my $attrib = $_[1]; # The attribute in question my ($object,$result); $object = Win32::OLE->GetObject("$dn"); if ($object->{$attrib}) { # If this Attribute actually exists.... $result = $object->Get("$attrib"); } return $result; }
And that should just about do it....sub ad_modify { # To change a single value in AD my $dn = $_[0]; # The object DN my $attrib = $_[1]; # The attribute to change my $value = $_[2]; # The attributes new value my ($object); $object = Win32::OLE->GetObject("$dn"); $object->{$attrib} = "$value"; $object->SetInfo; # Don't forget to set the values }
In reply to Re: Win32::OLE ADODB
by SquireJames
in thread Win32::OLE ADODB
by 3dbc
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |