Query/Enumerate eDirectory in Powershell via System.DirectoryServices

Hello Scripting Guy,
    I have been tasked with taking a .Net program/project and converting it to PowerShell. The .Net program exported three sources of information and inserts those exports into a SQL database for multiple functions and reasons.
The three sources are AD, eDirectory, and PeopleSoft. The AD was simple with the "Module for Active Directory" and "SQLPS". Now, I need to connect to eDirectory via LDAP and query the source. I am able to connect/bind
to the eDirectory and search but I need to enumerate the directory and insert that into a SQL table. Given the logic I have developed for AD, it will be no problem inserting the records into SQL but I have not found anything to get my over the hurdle
of enumerating the directory. Below is the code that I found to successfully connect with eDirectory and perform a search. Thank you.
Connection Setup
$eDir = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier('1.2.3.4','389')
$eDirCreds = New-Object System.Net.NetworkCredential('cn=ConnectID,o=Home','MyConnectPS')
$ED = New-Object System.DirectoryServices.Protocols.LdapConnection($eDir,$eDirCreds)
$ED.SessionOptions.SecureSocketLayer = $False
$ED.AuthType = 'Basic'
$ED.Bind();
Search eDirectory records
$SearchScope = [System.DirectoryServices.Protocols.SearchScope]::SubTree
$SearchAttributeList = ,"*" <--- Not quit sure why the "," proceeds the "*"
$SearchBaseDN = "o=Home"
$SearchFilter = "(uid=SomeUser)"
$SearchReq = new-object System.DirectoryServices.Protocols.SearchRequest -ArgumentList $SearchBaseDN,$SearchFilter,$SearchScope,$SearchAttributeList
$SR = $ED.SendRequest($SearchReq)
    $SR displays ResultCode of success found or not found but if found contains DN in the "Entries" field.
MatchedDN    :
Controls     : {}
ResultCode   : Success
ErrorMessage :
Referral     : {}
References   : {}
Entries      : {cn=MyID,ou=OU1,ou=OU2,o=Home}
RequestId    :

I found my answer via this link at the Script Library:
---http://www.thescriptlibrary.com/Default.asp?Action=Display&Level=Category3&ScriptLanguage=Powershell&Category1=Active%20Directory&Category2=User%20Accounts&Title=Scripting%20Ldap%20Searches%20using%20PowerShell---
In answer to your question JRV, I wanted to perform a LDAP query for all directory ENTRIES in the eDirectory LDAP and then process the results into a SQL destination. The LDAP search that I was successful with only returned the success or fail
of finding a single object that I search for not the entire LDAP directory.
There was also an unanswered post from 2007 under the subject of "querying Edirectory using System.DirectoryServices.Protocols" that I was referred to when I filled the subject to this question. It went unanswered
and acknowledged for two years.
Here is the code and a small sample of data so that it may help others. The GetType() for $SearchResults returns as a System.Array with a sub System.Array as the Properties column. Also code to handle the results.
#Load Support Modules and Assemblies
Import-Module ActiveDirectory
Import-Module SQLPS -DisableNameChecking
Add-Type -AssemblyName System.DirectoryServices
#Setup eDirectory Connection Variables
$eDirPath = 'LDAP://1.1.1.1:389/o=home' (Whatever the eDir)
$eDirUser = 'cn=MyLDAPID,o=Home' (DN of UID)
$eDirPWD = 'MyLDAPPWD'
$eDIrAuthType = 'None' (Equates to basic)
#Establish eDirectory Connection and Enumerate
$Root = New-Object System.DirectoryServices.DirectoryEntry -argumentlist $eDirPath,$eDirUser,$eDirPWD,$eDIrAuthType
$Query = New-Object System.DirectoryServices.DirectorySearcher
$Query.SearchRoot = $Root
$Query.Filter = "(ObjectClass=Person)" (or whatever LDAP query you want)
$SearchResults = $Query.FindAll()
Path Properties
LDAP://1.1.1.1:389/cn=Account1,o=home {loginshell, telephonenumber, uniqueid, securityequals...}
LDAP://1.1.1.1:389/cn=Account2,o=home {loginshell, telephonenumber, uniqueid, securityequals...}
LDAP://1.1.1.1:389/cn=Account3,o=home {loginshell, uniqueid, securityequals, gidnumber...}
#For processing each entry in the results
ForEach ($Result in $SearchResults) `
#Convert object to utilize named values like CN, SN, UniqueID
$eDirObject = [PSCustomObject]$Result.Properties
write-host "$eDirObject.cn $eDirObject.sn $eDirObject.UniqueID"

Similar Messages

System.DirectoryServices.Protocols.SearchRequest Ldap Query Execution Problem

Hi,
     I am using DirectorySearcher class to query the active directory. It gives all the records in a single page (more than 5000). I want to get 100 records per page. So I moved to SearchRequest class. Using SearchRequest class I can
get 100 records per page. But for particular query it is not working. I want to get all the users with their
"samaccountname or displayname starts with 'a'" works fine. Then I want to get all the users with their
"samaccountname and displayname starts with 'a'", this it is not working. I can guess the reason, some of the users starts their samaccountname with a not having any displayname. Any workaround for this issue? Please guide me
Please refer the following code
//This query works fine
//string filter = "(&(objectCategory=person)(objectClass=user)(!sAMAccountType=805306370)(|(samaccountname=a*)(displayname=a*)))";
/* Not works */
string filter = "(&(objectCategory=person)(objectClass=user)(!sAMAccountType=805306370)(&(samaccountname=a*)(displayname=a*)))";
LdapConnection connection = new LdapConnection(serverName);
string[] attribs = { "samaccountname", "displayname" };
// create a SearchRequest object
SearchRequest searchRequest = new SearchRequest
(scope,
filter,
System.DirectoryServices.Protocols.SearchScope.Subtree,
attribs);
SortRequestControl sortRequest = new SortRequestControl("samaccountname", false);
searchRequest.Controls.Add(sortRequest);
VlvRequestControl vlvRequest =
new VlvRequestControl(0, numEntries, offsetVal);
searchRequest.Controls.Add(vlvRequest);
SearchResponse searchResponse =
(SearchResponse)connection.SendRequest(searchRequest);
if (searchResponse.Controls.Length != 2 ||
!(searchResponse.Controls[0] is SortResponseControl))
Console.WriteLine("The server does not support VLV");
return null;

Your exception condition
            if
(searchResponse.Controls.Length
!= 2 ||
!(searchResponse.Controls[0]
is SortResponseControl))
Console.WriteLine("The server does not support VLV");
return null;
is not correct. Why (?) - if you get back no hits from your query there will be no SortResponseControl because there was nothing to sort. Since your query filter has proved that there were no objects with sAMAccountName & displayName equals
a* in your AD you will not get back a SortResponseControl.
A better approach would be to check the DirectoryControls on the SearchResponse for the existance of a VlvResponseControl - like this:
       if (GetControl(sresponse.Controls, new VlvRequestControl().Type) == null)
       { Console.WriteLine("The server does not support VLV"); }
        protected DirectoryControl GetControl(DirectoryControl[] controls, string OID)
            DirectoryControl dcret = null;
            try
            { dcret = controls.ToList().Where(d => d.Type == OID).FirstOrDefault(); }
            catch (Exception ex)
            { ex.ToDummy(); } // *see below
            return dcret;
* Just for completeness and to explain the ex.ToDummy() thing - it's a custom extension:
    public static class ExtensionMethods
        public static void ToDummy(this Exception ex)
By itself there's nothing wrong with the filter - it's just unecessarly complicated - just write:
"(&(objectCategory=person)(objectClass=user)(!sAMAccountType=805306370)(samaccountname=a*)(displayname=a*))"
Another thing that could be of some interest for you:
The filter "(&(objectCategory=person)(objectClass=user)(!sAMAccountType=805306370)(samaccountname=a*)(displayname=a*))" uses displayName as index.
"(&(objectCategory=person)(objectClass=user)(!sAMAccountType=805306370)(|(samaccountname=a*)(displayname=a*)))"; get's translated from the QueryOptimizer on the DC to ( | ( & (objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=mfp-labs,DC=labsetup,DC=org)
(objectClass=user) ( ! (sAMAccountType=805306370) ) (displayName=a*) ) ( & (objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=mfp-labs,DC=labsetup,DC=org) (objectClass=user) ( ! (sAMAccountType=805306370) )
(sAMAccountName=a*) ) ) and uses sAMAccountName and displayname as index for the search
@Richard M. : sAMAccountType=805306370 (0x30000002) translates to SAM_TRUST_ACCOUNT - so I guess your AD doesn't have any trusts established .-)
Hth
Michael

Persistent search using system.directoryservices.protocols

My goal is to develop an application in VB.NET that monitors eDirectory
using an LDAP persistent search. As user objects are added, moved,
renamed and deleted in eDirectory, the program will construct an event
notification in XML format and send it to an email account for
processing by other programs.
I've tried implementing the above functionality using the now
unsupported Novell Internet Directory ActiveX control (NWIDir), which
supports a PersistentSearch method and change notification via a
DirectoryModified event. But have found that it will only run for a few
minutes and then crashes either when run in the VB6 IDE or as an
executable. Since the these ActiveX controls are now unsupported (a
real shame, since they offer AMAZING functionality and INCREDIBLE ease
of use), I decided to go with a pure VB.NET solution.
I settled on using the System.DirectoryServices.protocols name space
and have tried to implement a persistent search with the following code:
Dim error_message As String = ""
Dim ldapcon As LdapConnection = LDAP_Connect(error_message)
If ldapcon Is Nothing Then
'Failed to connect to the ldap server.
MessageBox.Show("Failed to connect to ldap server,
Exception: " & error_message)
Exit Sub
End If
Dim attributesList() As String = {"cn", "SSN", "sn",
"givenname", "initials", "l", "ou", "telephonenumber",
"facsimiletelephonenumber", "title", "description", "uid",
"logindisabled", "logintime", "passwordexpirationtime",
"passwordexpirationinterval"}
Dim ctrlData As Byte() = BerConverter.Encode("{ibb}", New
Object() {1, True, True})
Dim persistentSearchControl As New
DirectoryControl("2.16.840.1.113730.3.4.3", ctrlData, True, True)
Dim searchRequest As New SearchRequest("o=oes",
"(&(objectclass=inetorgperson)(cn=*))",
System.DirectoryServices.Protocols.SearchScope.Sub tree, attributesList)
searchRequest.Controls.Add(persistentSearchControl )
Dim asyncCallBack As New AsyncCallback(AddressOf
PersistentSearchCallBack)
Dim timeSpan As New TimeSpan(1, 0, 0, 0, 0)
ldapcon.BeginSendRequest(searchRequest, timeSpan,
PartialResultProcessing.ReturnPartialResults, asyncCallBack,
searchRequest)
Here's my Asynch callback subroutine definition:
Sub PersistentSearchCallBack(ByVal ar As IAsyncResult)
End Sub
Here's my function library that I developed for connecting to
eDirectory VIA SSL just for reference:
Function LDAP_Connect(ByRef Error_Message As String) As
LdapConnection
'This function connects to an LDAP server and returns an
LDAPConnection object.
'If a connection cannot be established, the function will
return Nothing, and the
'Error_Message parameter will be set to the error returned by
the LDAP server.
Error_Message = ""
Try
Dim ldapcon As LdapConnection = New LdapConnection(New
LdapDirectoryIdentifier(LDAP_Server_IP & ":" & LDAP_Port), New
System.Net.NetworkCredential(LDAP_Authentication_D N, ldap_Password))
ldapcon.SessionOptions.SecureSocketLayer = True
ldapcon.SessionOptions.VerifyServerCertificate = New
VerifyServerCertificateCallback(AddressOf ServerCallback)
ldapcon.AuthType = AuthType.Basic
ldapcon.Bind()
Return ldapcon
Catch ex As Exception
'Failed to bind to ldap server.
Error_Message = ex.Message.ToString
Return Nothing
End Try
End Function
Public Function ServerCallback(ByVal connection As LdapConnection,
ByVal certificate As
System.Security.Cryptography.X509Certificates.X509 Certificate) As
Boolean
'Validate that the exchanged public keys match each other.
Try
Dim expectedCert As X509Certificate = New
X509Certificate(LDAP_SSL_Certificate)
If expectedCert.GetRawCertDataString =
certificate.GetRawCertDataString Then
Return True
Else
Return False
End If
Catch ex As Exception
'Certificate could not be loaded.
Return False
End Try
End Function
When I run the code, I get an the following error message:
The server does not support the control. The control is
critical.
Any help from someone who has successfully done an LDAP persistent
search against eDirectory using the System.DirectoryServices.Protocols
name space would be greatly appreciated, I've been trying to figure this
out in my spare time for a few weeks now. Thanks in advance!
jstaffor
jstaffor's Profile: http://forums.novell.com/member.php?userid=18218
View this thread: http://forums.novell.com/showthread.php?t=414012

On 6/23/2010 8:03 AM, Michael Bell wrote:
> On 6/23/2010 7:06 AM, jstaffor wrote:
>>
>> My goal is to develop an application in VB.NET that monitors eDirectory
>> using an LDAP persistent search. As user objects are added, moved,
>> renamed and deleted in eDirectory, the program will construct an event
>> notification in XML format and send it to an email account for
>> processing by other programs.
>>
>> I've tried implementing the above functionality using the now
>> unsupported Novell Internet Directory ActiveX control (NWIDir), which
>> supports a PersistentSearch method and change notification via a
>> DirectoryModified event. But have found that it will only run for a few
>> minutes and then crashes either when run in the VB6 IDE or as an
>> executable. Since the these ActiveX controls are now unsupported (a
>> real shame, since they offer AMAZING functionality and INCREDIBLE ease
>> of use), I decided to go with a pure VB.NET solution.
>>
>> I settled on using the System.DirectoryServices.protocols name space
>> and have tried to implement a persistent search with the following code:
>>
>>
>> ************************************************** *******
>> Dim error_message As String = ""
>> Dim ldapcon As LdapConnection = LDAP_Connect(error_message)
>>
>> If ldapcon Is Nothing Then
>> 'Failed to connect to the ldap server.
>> MessageBox.Show("Failed to connect to ldap server,
>> Exception: "& error_message)
>> Exit Sub
>> End If
>> Dim attributesList() As String = {"cn", "SSN", "sn",
>> "givenname", "initials", "l", "ou", "telephonenumber",
>> "facsimiletelephonenumber", "title", "description", "uid",
>> "logindisabled", "logintime", "passwordexpirationtime",
>> "passwordexpirationinterval"}
>>
>> Dim ctrlData As Byte() = BerConverter.Encode("{ibb}", New
>> Object() {1, True, True})
>>
>> Dim persistentSearchControl As New
>> DirectoryControl("2.16.840.1.113730.3.4.3", ctrlData, True, True)
>> Dim searchRequest As New SearchRequest("o=oes",
>> "(&(objectclass=inetorgperson)(cn=*))",
>> System.DirectoryServices.Protocols.SearchScope.Sub tree, attributesList)
>>
>> searchRequest.Controls.Add(persistentSearchControl )
>> Dim asyncCallBack As New AsyncCallback(AddressOf
>> PersistentSearchCallBack)
>> Dim timeSpan As New TimeSpan(1, 0, 0, 0, 0)
>>
>> ldapcon.BeginSendRequest(searchRequest, timeSpan,
>> PartialResultProcessing.ReturnPartialResults, asyncCallBack,
>> searchRequest)
>> ************************************************** ******
>> Here's my Asynch callback subroutine definition:
>>
>> Sub PersistentSearchCallBack(ByVal ar As IAsyncResult)
>>
>> End Sub
>>
>> Here's my function library that I developed for connecting to
>> eDirectory VIA SSL just for reference:
>>
>> Function LDAP_Connect(ByRef Error_Message As String) As
>> LdapConnection
>> 'This function connects to an LDAP server and returns an
>> LDAPConnection object.
>> 'If a connection cannot be established, the function will
>> return Nothing, and the
>> 'Error_Message parameter will be set to the error returned by
>> the LDAP server.
>> Error_Message = ""
>>
>> Try
>> Dim ldapcon As LdapConnection = New LdapConnection(New
>> LdapDirectoryIdentifier(LDAP_Server_IP& ":"& LDAP_Port), New
>> System.Net.NetworkCredential(LDAP_Authentication_D N, ldap_Password))
>> ldapcon.SessionOptions.SecureSocketLayer = True
>> ldapcon.SessionOptions.VerifyServerCertificate = New
>> VerifyServerCertificateCallback(AddressOf ServerCallback)
>> ldapcon.AuthType = AuthType.Basic
>> ldapcon.Bind()
>> Return ldapcon
>> Catch ex As Exception
>> 'Failed to bind to ldap server.
>> Error_Message = ex.Message.ToString
>> Return Nothing
>> End Try
>> End Function
>>
>> Public Function ServerCallback(ByVal connection As LdapConnection,
>> ByVal certificate As
>> System.Security.Cryptography.X509Certificates.X509 Certificate) As
>> Boolean
>> 'Validate that the exchanged public keys match each other.
>> Try
>> Dim expectedCert As X509Certificate = New
>> X509Certificate(LDAP_SSL_Certificate)
>>
>> If expectedCert.GetRawCertDataString =
>> certificate.GetRawCertDataString Then
>> Return True
>> Else
>> Return False
>> End If
>> Catch ex As Exception
>> 'Certificate could not be loaded.
>> Return False
>> End Try
>> End Function
>>
>> When I run the code, I get an the following error message:
>>
>> The server does not support the control. The control is
>> critical.
>>
>> Any help from someone who has successfully done an LDAP persistent
>> search against eDirectory using the System.DirectoryServices.Protocols
>> name space would be greatly appreciated, I've been trying to figure this
>> out in my spare time for a few weeks now. Thanks in advance!
>>
>>
> That error is telling you plain and simple the control you want to use
> doesn't exist in the RootDSE.
Also see,
http://www.novell.com/documentation/...a/agpcvpg.html
You have to enable persistant searches.

Starting SMA runbook with parameteres using powershell via REST

Hello!
I am trying to start SMA runbook using powershell via REST. I can do that normally for simple runbook without parameters using REST web service (for example
https://my.server.com:9090/00000000-0000-0000-0000-000000000000/Runbooks%28guid%27bd55d199-c261-4c50-9cef-a83d5c976ce2%27%29/Start
However, I do not understand how to start a runbook which has parameters? For example I have 2 runbooks - 1 with single parameter and second with 3 parameters, how can I pass parameters value? I would really appreciate any help!

Hello
Does this Link answer your question?
http://msdn.microsoft.com/en-us/library/hh921685.aspx
Thanks
Josh
Code from that URL in case the link ever dies:
# Details of the runbook we are going to run
$rbid = "00000000-0000-0000-00000000000000001"
$rbParameters = @{"00000000-0000-0000-00000000000000002" = "This is the value for Param1.";" 00000000-0000-0000-00000000000000003" = " This is the value for Param2."}
# Create the request object
$request = [System.Net.HttpWebRequest]::Create("http:// server01.contoso.com:81/Orchestrator2012/Orchestrator.svc/Jobs")
# Set the credentials to default or prompt for credentials
$request.UseDefaultCredentials = $true
# $request.Credentials = Get-Credential
# Build the request header
$request.Method = "POST"
$request.UserAgent = "Microsoft ADO.NET Data Services"
$request.Accept = "application/atom+xml,application/xml"
$request.ContentType = "application/atom+xml"
$request.KeepAlive = $true
$request.Headers.Add("Accept-Encoding","identity")
$request.Headers.Add("Accept-Language","en-US")
$request.Headers.Add("DataServiceVersion","1.0;NetFx")
$request.Headers.Add("MaxDataServiceVersion","2.0;NetFx")
$request.Headers.Add("Pragma","no-cache")
# If runbook servers are specified, format the string
$rbServerString = ""
if (-not [string]::IsNullOrEmpty($RunbookServers)) {
$rbServerString = -join ("<d:RunbookServers>",$RunbookServers,"</d:RunbookServers>")
# Format the Runbook parameters, if any
$rbParamString = ""
if ($rbParameters -ne $null) {
# Format the param string from the Parameters hashtable
$rbParamString = "<d:Parameters><![CDATA[<Data>"
foreach ($p in $rbParameters.GetEnumerator())
#$rbParamString = -join ($rbParamString,"<Parameter><ID>{",$p.key,"}</ID><Value>",$p.value,"</Value></Parameter>")
$rbParamString = -join ($rbParamString,"<Parameter><ID>{",$p.key,"}</ID><Value>",$p.value,"</Value></Parameter>")
$rbParamString += "</Data>]]></d:Parameters>"
# Build the request body
$requestBody = @"
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<entry xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices" xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata" xmlns="http://www.w3.org/2005/Atom">
<content type="application/xml">
<m:properties>
<d:RunbookId m:type="Edm.Guid">$rbid</d:RunbookId>
$rbserverstring
$rbparamstring
</m:properties>
</content>
</entry>
# Create a request stream from the request
$requestStream = new-object System.IO.StreamWriter $Request.GetRequestStream()
# Sends the request to the service
$requestStream.Write($RequestBody)
$requestStream.Flush()
$requestStream.Close()
# Get the response from the request
[System.Net.HttpWebResponse] $response = [System.Net.HttpWebResponse] $Request.GetResponse()
# Write the HttpWebResponse to String
$responseStream = $Response.GetResponseStream()
$readStream = new-object System.IO.StreamReader $responseStream
$responseString = $readStream.ReadToEnd()
# Close the streams
$readStream.Close()
$responseStream.Close()
# Get the ID of the resulting job
if ($response.StatusCode -eq 'Created')
$xmlDoc = [xml]$responseString
$jobId = $xmlDoc.entry.content.properties.Id.InnerText
Write-Host "Successfully started runbook. Job ID: " $jobId
else
Write-Host "Could not start runbook. Status: " $response.StatusCode

Mac OS X 10.8. Login to iCloud via System Preferences invokes "You can't sign in at this time. Try signing it again."

Mac OS X 10.8 "You can't sign in at this time. Try signing it again." after the attempt to login to iCloud via System Preferences.
Console log is following:
com.apple.iCloudHelper[530]: AOSKit ERROR: (System Preferences[497]) AOSKC (myApplyID): Failed to store key, couldn't add kc item, error -61 (service=iCloud, dsid=297815451)
com.apple.iCloudHelper[530]: AOSKit ERROR: (System Preferences[497]) AOSKC (myApplyID): Failed to store account info key (dsid=297815451).
com.apple.iCloudHelper[530]: AOSKit ERROR: (System Preferences[497]) Failed to store account info for appleID=myApplyID
The articles
http://www.justanswer.com/mac-computers/6x0cm-trying-sign-icloud-system-preferen ces.html and https://discussions.apple.com/thread/3384598?start=0&tstart=0 was not helpfull.
Could you help me allow to resolve this : AOSKit ERROR ?

Reset key chain DID NOT, work for me, and I renamed the backup it made back to the original. (Note to others: I may have had permissions or other issues due to the way I upgraded to Mountain Lion by creating a new user and moving things over manually.)
HERE IS HOW I FIXED IT: (I don't know what the ramifications are, so this will make you a backup too.)
I threw away my Library > Application Support > iCloud folder.
In the Finder, choose Go, hold down the option key (alt) and choose Library which will appear in the menu.
Navigate to Library > Application Support and option-drag the iCloud folder to your desktop (that will make a copy).
Now drag the iCloud folder that is in Library > Application Support to the trash, enter your administrators password when prompted.
Then try entering your info in the Preference Panel again.

What are the possible LdapException.ErrorCode values when using System.DirectoryServices.Protocols?

When making Ldap calls using the System.DirectoryServices.Protocols Namespace classes and a request generates an LdapException the ErrorCode property contains a numeric value describing the error. However, I cannot find any documentation describing what
the possible error codes are and what they mean. Is this documented somewhere?
Thank you.
-Dave Herrmann

That should be the error code returned by the ldap_* native functions:
https://msdn.microsoft.com/en-us/library/aa367014(v=vs.85).aspx

HT201364 since I updated my system to Mavericks my computer colour is always grey. I have tried to change the colour via system preference without any success. What should I do to so that my screen will be colourful?

since I updated my system to Mavericks my computer colour is always grey. I have tried to change the colour via system preference without any success. What should I do to so that my screen will be colourful?

Please post a screenshot that shows what you mean. Be careful not to include any private information.
Start a reply to this message. Drag the image file into the editing window to upload it. You can also include text in the reply.

Check if user is part of AD group using System.DirectoryServices.AccountManagement namespace

I am trying to validate a user from SharePoint to see if a user exists within an AD group. SharePoint does not allow you to do this so I am using the:
using
System.DirectoryServices.AccountManagement;
to validate user existance within that AD group. I found the following method that allows me to validate but bombing on me:
public bool IsUserInGroup(string username, string groupname, ContextType type)
PrincipalContext context = new PrincipalContext(type);
UserPrincipal user = UserPrincipal.FindByIdentity( context, IdentityType.Name, username);
GroupPrincipal group = GroupPrincipal.FindByIdentity(context, groupname);
return user.IsMemberOf(group);
When I call my method, i get
An operations error occurred.
I read that it might be an impersination error but I have my web.config set up already with:
<
authentication mode="Windows" />
<
identity impersonate="true" />
Any suggestions from someone that has worked with that namespace on SharePoint? I just want to plainly check to see if a user is part of a certain group on AD from SharePoint.
Victor Palma

“An operations error occurred. “ may suggest a COMException is occurred.
I wrote an simple console application that works:
    static void Main(string [] args)
        Console .WriteLine(IsUserInGroup("Administrator" , "Domain Admins" ));
    public static bool IsUserInGroup(string username, string groupname)
        var foundUser = false ;
        var context = new PrincipalContext (ContextType .Domain, "DC" );
        var group = GroupPrincipal .FindByIdentity(context, groupname);
        if (group == null )
            context.Dispose();
            throw new Exception ("Group could not be found: " + groupname);
        // GetMembers(true) is recursive (groups-within-groups)
        foreach (var member in group.GetMembers(true ))
            try
                if (member.SamAccountName.Equals(username))
                    foundUser = true ;
                    break ;
            catch (Exception )
                // One of the members could not be retrieved, moving on...
        group.Dispose();
        context.Dispose();
        return foundUser;
Reference:
Recursive Active Directory group membership using System.DirectoryServices in .NET 3.5(http://www.lessanvaezi.com/recursive-active-directory-group-membership-using-system-directoryservices-in-net-3-5/)
Another important notice:
How to use the System.DirectoryServices namespace in ASP.NET(http://support.microsoft.com/default.aspx/kb/329986)
Keep It Simple and Stupid.

CAML Query Using CSOM in PowerShell

Hi,
I am trying to retrieve list items based on certain conditions using CAML query. I am using CAML query in Powershell using CSOM. The issue is no matter what condition i provide, it returns all list items. Any help would be highly appreciated. The script is:
# Location of DLL's
$loc ="C:\SharePoint\ClientDLL"
Write-Host "Date Range"
Set-Location $loc
Add-Type -Path (Resolve-Path Microsoft.SharePoint.Client.dll)
Add-Type -Path (Resolve-Path Microsoft.SharePoint.Client.Runtime.dll)
#Write the path of SharePoint Portal within double braces
$siteUrl = ""
#Login ID
$loginname = ""
#$listname=""
Write-Host "Please enter password for $($siteUrl):"
$pwd = Read-Host -AsSecureString
$ctx = New-Object Microsoft.SharePoint.Client.ClientContext($siteUrl)
$ctx.Credentials = New-Object System.Net.NetworkCredential($loginname, $pwd)
$web = $ctx.Web
$list=$Web.Lists.GetByTitle($listname)
$count = $list.ItemCount
Write-Host $count
$newline = [environment]::newline
$($list.Title)
Write-Host -NoNewline "Deleting list items from : $($listname)" -foregroundcolor black -backgroundcolor yellow
#$caml="<View><Query><Where><Eq><FieldRef Name='Title'/><Value Type='Text'>achint</Value></Eq></Where></Query></View>"
$caml="<View><Query><Where><Eq><FieldRef Name='Created'/><Value Type='DateTime' IncludeTimeValue='FALSE'>11/9/2014</Value></Eq></Where></Query></View>"
$cquery = New-Object Microsoft.SharePoint.Client.CamlQuery
$cquery.ViewXml=$caml
$listItems = $list.GetItems($cquery)
$ctx.Load($listItems)
$ctx.ExecuteQuery()
$newline
Write-Host $listItems.Count
if ($listItems.Count -gt 0)
#$listItems | % {$list.GetItemById($_.Id).DeleteObject()}
#$ctx.ExecuteQuery()
Write-Host "All list items deleted from List." -foregroundcolor black -backgroundcolor green
else
Write-Host "No Item in list: $($listname) to delete" -foregroundcolor black -backgroundcolor red
Regards,
Sudheer
Thanks & Regards, Sudheer

HI?
TRY to use query like this :
$query = "<query>
<where>
<eq>
<FieldRef Name="ID"
<Value Type="Number">$IDNum</value>
</eq>
</where>
</query>"

Copy BW template (cube, query, web application) to multiple BW systems

We have a set of cube, query and web applications in a BW system. And we'd like to copy the set of objects to other BW systems as a BW template.
(Q1) We know we can transfer the set of obejcts to other BW systems by using STMS and AWB. But if so we have to make connection between two systems. We'd like to avoid coping the template via internet or intranet.
Is it possible to copy the BW template to other BW systems by using CD-ROM/DVD?
(Q2) When we do copy the template, if there is an InfoObject with same name existing in copy-to system, I suppose there will be an error. Is there a solution to avoid this situation?
Tetsuya

Hi Tetsuya,
here are more details for the procedure mentioned above:
Datafiles of transport requests are in most SAP-Installations located in /usr/sap/trans/data. They are named R<# of transport request>.<SID>
The cofiles are in most SAP-Installtions located in /usr/sap/trans/cofiles. They are named K<# of transport request>.<SID>
Do NOT change the names of the files. We've discovered that it's safer to zip those files, as some virus scanners in email-servers may scramble the files.
Locate the files in the appropriate directory of the target system and go to the import-queue using STMS.
Chose Extras / Other requests / Add to add the request to the queue (note: you must use the request number of the source-system e.g. <SID>K900123)
When you start the import, choose option "Overwrite Objects in unconfirmed Repairs", when you want existing objects to be overridden.
Hope, this helps
Robert

Query SSIS packages details from file system

Hi All,
I have around 500 packages (SQL 2005) deployed in file system & all this packages are running on daily basis via SQL agent. Now I need to migrated all 500 packages into SQL server 2008 R2.
There is no inventory to track which package belogs to which team and any other information.
Now, I need a method to query the pakages connection string details with database respective. Is there any method?
Thanks
Raghu

Check this out, might be helpful for your requirement
Read SSIS Package File(.dtsx) for Information [Connection Managers,Transformations,Variables,Configuration,Expressions,Log Providers]
http://sqlage.blogspot.com/

Controlling TV Speakers Indirectly with Apple Remote via System Volume

My Mac Mini is connected to a Sony TV via an HDMI cable. I would like to control the volume of the TV speakers indirectly by controlling the Mac Mini system volume with my Apple remote. But when I attempt to change the volume the speaker icon appears and is grayed out.
What do I need to do in order to control the TV speakers indirectly with my Apple Remote by adjusting the Mac Mini system volume?

As standard Macs do not support controlling the volume of an attached TV connected to the HDMI port. This feature is called CEC (Consumer Electronics Control).
There is at least one adaptor which can 'insert' the CEC commands, see http://www.pulse-eight.com/store/products/104-usb-hdmi-cec-adapter.aspx
This adaptor however requires the software you are using to have support for driving this adaptor, therefore it does not look like the generic Mac volume control in association with the Apple remote would control it. Why you ask did I mentioned it then? Well XBMC (XBox Media Center) for the Mac does supprt this adaptor, you can therefore use XBMC on the Mac to play movies to your TV and control the volume of the TV.
If you can write software, you could also in theory use their library to add a more generic volume control.

How query data in pl/sql via ODBC from DB2 on AS400

Hi,
What's the most easy way to do some selects on tables in an external (non-oracle)database via odbc?
I only need selects, no dml-statements like inserts en updates...
Where can I find more information about this subject?
Filip

You need to use Oracle Heterogeneous Services. Firstly you have to obtain and configure DB2 ODBC drivers. I got mine from ibm.com (not free) but I am sure there are some third party vendors out there. I don't know much about DB2 so I can't help you with the configuration (I asked a DB2 DBA to help me with that part).
The rest is just setting up Oracle HS and creating the DB link. The following steps should help but there are much more detailed manuals for Oracle HS on http://tahiti.oracle.com.
Listener Configuration
Add the following entry into the SID_LIST part of the listener. The SID_NAME will be used in the heterogeneous services configuration
(SID_DESC=
(SID_NAME=db2)
(ORACLE_HOME=D:\oracle\ora92)
(PROGRAM=hsodbc)
Restart the listener.
Heterogeneous Service Configuration
Under ORACLE_HOME\HS\admin create the following text file called initDB2.ora (the DB2 part should match the SID_NAME used in the listener configuration).
Put the following line in the text file (the DQ01 is the name of the DB2 ODBC System DSN):
HS_FDS_CONNECT_INFO=DQ01
Client Configuration
The client side refers to an Oracle database that will use the heterogeneous gateway.
TNSNames Entry
Put the following entry in the tnsnames.ora file (the SID part should match the SID_NAME in the listener configuration):
DB2.telkom.co.za =
(DESCRIPTION=
(ADDRESS=(PROTOCOL=tcp)(HOST=cntrra20-esdt00)(PORT=1521))
(CONNECT_DATA=(SID=db2))
(HS=OK)
Database Link
Create a database link that references the new tnsnames.ora entry:
create public database link db2
connect to oratst identified by oracle using 'db2';
Test the database link.

Sentinel 7 using ldap query to eDirectory

Hi,
Is it possible for me to generate a custom report that will perform a
ldapsearch on my eDirectory to retrieve attributes of users? Or is there
a way where i can create a collector to connect to my eDirectory
database?. What I'm planning to do is i would like to customized a
report to display all users attribute in a report using iReport and
upload it into Sentinel 7 system, please advise thanks.
albertngfalls2012
albertngfalls2012's Profile: https://forums.netiq.com/member.php?userid=4894
View this thread: https://forums.netiq.com/showthread.php?t=49182

On 11/13/2013 11:04 AM, albertngfalls2012 wrote:
>
> Hi ab,
>
> Firstly thanks for your reply, actually i do have an IDM server running
> currently but how do I export user data to Sentinel using Identity
> Integration? Correct me if I'm wrong when you say Identity Integration
> do you mean the driver used for Identity Tracking? If that's the driver
The Sentinel 7 driver for IDM is for "Identity Tracking", yes, which is
the feature that feeds data from user objects in the Identity Vault into
Sentinel, which then means that the data are held in Sentinel for direct
reporting.
> that you're mentioning how do I actually pull out all this user data to
> compile as a report and what tool or language (MySQL, Lucene and etc)
> should I use? and once I compile this report can I upload it to my
I'd check the default, built-in reports first to see if there are any that
report on identities in the system. If so, what you're after may be
really easy. If not, you could build a report with iReport that queries
the built-in PostgreSQL database (like other stock reports already can do
out of the box, so maybe use them as templates if that helps, vs. the
Lucene ones that will not be as helpful as templates) for the identities.
I forget the table names now, but I believe they have identity in the
name... something like usr_identity or similar.
Good luck.
If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...

Error in Query View Saving -The standard transport system is active.You can

Hi,
I have a query in Dev system which is moved to production and i am able to edit the query in dev.But my problem is when i tried to create a view on that query and save the view, it is throwing me a error
"The standard transport system is active.You cannot save"
Any pointers on this.
Regards,
Pra

Hi
Did you get any feedback on this one?? Im facing the same message when saving a query view..
Thanks
Willem

Query/Enumerate eDirectory in Powershell via System.DirectoryServices

Similar Messages

Maybe you are looking for