Monday, June 18, 2007

ADSI Kixtart UDF for Citrix login

Having a mixed mode environment gave us a lot of hassle when logging in to NT and querying group membership in AD... Specially in our case, we have nested OU's...

Ifmember.exe is useful for this problem but it does cause a slight delay in the login process and the users are complaining on the slow login session, some couldn't wait and cancels the connection... catastrophic experience ends up as a global complain... hmmm... some people are just impatient...

So to be able to execute an ADSI query through kix login script the function below can be inserted anywhere in the login script to perform InGroup query... or this can fully replace the built in InGroup function in kixtart.


Code Snippet:

  1. Function fnInGroupAD($sGroup,Optional $bComputer)
  2. Dim $objSys,$objTarget,$aMemberOf,$sMemberOf
  3. $objSys = CreateObject("ADSystemInfo")
  4. $objTarget = GetObject("LDAP://"+Iif($bComputer,$objSys.ComputerName,$objSys.UserName))
  5. $aMemberOf = $objTarget.GetEx("memberOf")
  6. For Each $sMemberOf in $aMemberOf
  7. If InStr($sMemberOf,"CN="+$sGroup+",")
  8. $fnInGroupAD = Not 0
  9. Exit
  10. EndIf
  11. Next
  12. $fnInGroupAD = NOT 1
  13. EndFunction

If at first you fail, call it version 1.0

Scribbled by The Prodigal Son at 3:34 PM

Tags: , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)