On 05/23/2012 06:48 AM, Hervé Hénoch wrote:
Hello
I've modified AD schema by adding a new auxiliary class (iscA) with an
auxilairy attribute (iscA1).
I've followed this explanation /_*entirely*_/ :
http://semifershome.free.fr/semifer/index.php?2008/02/12/42-etendre-le-schema-active-directory-classes-attributs-et-display-specifiers
I've named the menu item with the same name (AllowedService). By
right-clicking on a AD user then on the menu AllowedService, the
following script is executed and it is intended to modify iscA1
attribute. The script is :
/set args = WScript.arguments
Set user = GetObject(args(0))
temp = InputBox("iscA1 value", "Set iscA1", user.iscA1)
user.put "iscA1", temp
user.setInfo/
My first problem : when I right-click I've the message : "this object
does not support this property or method".
Precision : i've linked my new auxiliary class with user class.
So i've created the following script which add iscA class and iscA1
attribute to a specific user :
/
Set user = GetObject("LDAP://cn=toto,cn=users,<my domain>")
user.GetInfo
user.PutEx 3, "objectClass", Array("iscA")
user.Put "isc1", "toto"
Is it a typo that you set the attribute "isc1" and not "iscA1" ?
user.SetInfo/
After the execution of this script the right-click above run and I can
modify the value of iscA1 attribute for user toto.
But I can't see the last value (given by /user.iscA1/) : always empty
while in the LDAP database I can see the value is correctly set.
Two questions :
1) Why the first script fail ? Why must I execute the second script
first ?
2) Why can't i see the last value of iscA1 when I run the first script ?
As you are using auxiliarly class this should work, can we check a few
things:
1) What is the ouput of ldbsearch -H ldap://dc_ip --cross-ncs
'(ldapdisplayname=iscA)'
2) What is the output of ldbsearch -H ldap://dc_ip --cross-ncs
'(auxiliaryClass=iscA)'
We might have a bug in the way the auxiliary class is registered to its
parent class.
Could you make a test with you script to set the unixHomeDirectory, it's
also linked the user objectclass with the posixaccount auxiliary class.
Would be good to trace also the whole stuff, see
https://wiki.samba.org/index.php/Capture_Packets
https://wiki.samba.org/index.php/Keytab_Extraction
In how to make capture and extract keytab in order to be able to decrypt
encrypted traffic.
Matthieu
--
Matthieu Patou
Samba Team
http://samba.org
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
