问题
Dear LotusScript Gurus,
I am developing a Lotus Notes agent who should synch our Windows 2003 AD with our Lotus Domino Directory (V 7.0.3 Server/Client).
I am using the ADODB.Connection and ADODB.Command processes to connect it and query the AD users.
This is the command text:
objCommand.CommandText = "<LDAP://ou=DMHU Users,dc=some,dc=kindof,dc=domain>;(&(objectCategory=person)(objectClass=user));name,lastLogon;subTree"
Then I would access the content of the field "lastLogon":
objRecordSet.Fields("lastLogon").Value
but this is empty while the field "name" has the correct values (I know that the lastLogon field is a 64bit date - integer or so).
Using the same query e.g. in a VBScript receives the lastLogon content well.
Also using the SQL like query within the LotusScript code gives the same empty lastLogon value.
Does anybody have an idea?
Thanks in advance!
回答1:
Finally I have found the solution.
To access the lastLogon (and so kind AD variables) first of all an object has to be set which receives the current AD user object:
Set objUser = GetObject(rs.Fields("adspath").Value)
...
then the lastLogon has to be set as an object, as well:
Set objLastLogon = objUser.Get("lastLogonTimeStamp")
This OLE object will have a HighPart and a LowPart member. Using that members the last logon date and time can be calculated.
This blog entry opened my eyes: http://sgwindowsgroup.org/blogs/badz/archive/2010/03/01/querying-for-the-lastlogontimestamp-attribute-of-all-users-in-an-ou.aspx
Here is the function implemented by me which can receive the CN and lastLogonTimeStamp of a specific user.
Sub getADUserLastLogon(sUser As String)
Dim workspace As New NotesUIWorkspace
Dim conn As Variant
Dim sRoot As String
sRoot = "LDAP://ou=USERS_OR_WHATEVER,dc=my,dc=domain"
Set oConn = CreateObject("ADODB.Connection")
oConn.Provider = "ADSDSOObject"
oConn.Open "Ads Provider", "USERNAME", "SECRETPWD" ' open connection with specific user credentials
Dim rs
Set rs = oConn.Execute("<" & sRoot & ">;(&(objectCategory=person)(objectClass=user)(cn=" & sUser & "));" &_
"adspath,distinguishedname,sAMAccountName,cn,mail,telephoneNumber,lastLogonTimeStamp;subtree")
While Not (rs.EOF)
On Error Resume Next
Set objUser = GetObject(rs.Fields("adspath").Value)
'Print "getting user: " & objUser.Get("cn")
Set objLastLogon = objUser.Get("lastLogonTimeStamp")
Dim intLastLogonTime As Double
intLastLogonTime = (objLastLogon.HighPart * (2^32)) + objLastLogon.LowPart ' due to the 64 bit number
intLastLogonTime = intLastLogonTime / (60 * 10000000) ' convert from 100nanosec to minutes
intLastLogonTime = intLastLogonTime + 60 ' local timezone
intLastLogonTime = intLastLogonTime / 1440 ' convert to hours
intLastLogonTime = intLastLogonTime + Datenumber(1601,1,1)
Call workspace.CurrentDocument.Document.ReplaceItemValue("txtADResult", _
workspace.CurrentDocument.FieldGetText("txtADResult") & Chr(13) & _
rs.Fields("cn").Value & " Last Logon: " & Format$(Cdat(intLastLogonTime), "yyyy.mm.dd. hh:nn:ss"))
rs.MoveNext
Wend
End Sub
来源:https://stackoverflow.com/questions/13414958/query-ad-using-lotusscript-lastlogon-value-empty