>>This is very awesome and useful, not just for only Exchange.
>>I would be curious on how to do this through CDO as well.
Well here is some ADO OLE stuff. &GetSidFromMailbox is the specific code to
get the assoc-nt-account.
syntax: Progname.pl domain\account
use Win32::OLE;
use strict;
# (REQUIRED ADSI TOOL KIT - REGSVR32 ADSSECURITY.DLL)
my %ADS_SID_FORMAT = (
ADS_SID_RAW => 0,
ADS_SID_HEXSTRING => 1,
ADS_SID_SAM => 2,
ADS_SID_UPN => 3,
ADS_SID_SDDL => 4,
ADS_SID_WINNT_PATH => 5,
ADS_SID_ACTIVE_DIRECTORY_PATH => 6,
ADS_SID_SID_BINDING => 7 );
# Currently this program accepts a single parameter 'domain\account'. Other
methods can be used
# input data. Change the code as necessary.
my ($domain, $account) = split /\\/, $ARGV[0];
# Create and Open ADO connection
my $ADOconn = Win32::OLE->CreateObject("ADODB.Connection");
$ADOconn->{Provider} = "ADSDSOObject";
$ADOconn->Open();
# Make Hex string sid
my $strSid = &ADS_SID_HEXSTRING ($domain, $account);
# print "$strSid\n";
my @MailboxAdsPath = &ADOgetMailbox($strSid, \$ADOconn) if $strSid;
foreach my $mailbox (@MailboxAdsPath)
{
print "MailBox: $mailbox\n";
my ($HexSid, $Name) = &GetSidFromMailbox( $mailbox );
my $NTAccount = &ADS_SID_WINNT_PATH ( $HexSid ) if $HexSid;
print "Account: $NTAccount; $Name\n";}
$ADOconn->Close();
sub ADS_SID_HEXSTRING ($domain, $account)
{
my ($domain, $account) = @_;
# Get SID in a Hex string format from the Domain\User
my $oSid;
if ( $oSid = Win32::OLE->CreateObject("ADsSid") )
{
$oSid->SetAs($ADS_SID_FORMAT{ADS_SID_WINNT_PATH},
"WinNT://$domain/$account");
return $oSid->GetAs($ADS_SID_FORMAT{ADS_SID_HEXSTRING});
}
else
{
print "ERROR: CreateObject(ADsSid): " .
Win32::OLE->LastError() . "\n";
return undef;
}
}
sub ADOgetMailbox ($strSid, \$ADOconn)
{
my $strSid = shift;
my $ADOconnRef = shift;
my @mailboxes;
# Return ADsPath of a mailbox where the associated NT account is
specified.
my $bstrADOQueryString =
"<LDAP://ExchServer>;(&(objectClass=person)(Assoc-NT-Account=$strSid));adspa
th;subtree";
my $objRS;
if(! ($objRS = $$ADOconnRef->Execute($bstrADOQueryString)))
{
print "ADO->Execute error: " . Win32::OLE->LastError() .
"\n";
exit;
}
while (! $objRS->EOF)
{
push (@mailboxes, $objRS->Fields('Adspath')->value);
$objRS->MoveNext;
}
return @mailboxes;
}
#
# This section of code is supposed to lookup the NT account
"Assoc-NT-Account" for a given mailbox.
#
sub GetSidFromMailbox( $ADsPath )
{
my $ADsPath = shift;
# The Heuristics Property of Assoc-NT-Account is set to 12. This
should permit authenticated users access.
# Since we have to Authenticate I used OpenDSObject.
my $objMSPrivMDB;
if (! ($objMSPrivMDB = Win32::OLE->GetObject($ADsPath)))
{
print "GetObject error: " . Win32::OLE->LastError() . "\n";
return undef;
}
$objMSPrivMDB->GetInfoEx(['Assoc-NT-Account','cn'],0);
my $cn = $objMSPrivMDB->Get('cn');
my $nt = $objMSPrivMDB->Get('Assoc-NT-Account');
return $nt, $cn;
}
sub ADS_SID_WINNT_PATH ($HexSid)
{
my ($HexSid) = shift;
# Get NT account from a Hex string formated Sid
my $oSid;
if ( $oSid = Win32::OLE->CreateObject("ADsSid") )
{
$oSid->SetAs($ADS_SID_FORMAT{ADS_SID_HEXSTRING}, $HexSid);
return $oSid->GetAs($ADS_SID_FORMAT{ADS_SID_WINNT_PATH});
}
else
{
print "ERROR: ADS_SID_WINNT_PATH (HexSid): " .
Win32::OLE->LastError() . "\n";
return undef;
}
}
_______________________________________________
Perl-Win32-Admin mailing list
[EMAIL PROTECTED]
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
