[THIN] Re: Citrix Password Manager

From: James Scanlon <scanjam@xxxxxxxxxxx>
To: "thin@xxxxxxxxxxxxx" <thin@xxxxxxxxxxxxx>
Date: Mon, 17 Jan 2011 09:02:51 +0000
You rock warren thanks mate

Sincerely
James Scanlon

http://www.hyperactiveproductions.com.au

On 14 Jan 2011, at 22:43, Warren Simondson <caditc@xxxxxxxxxx> wrote:

> The following script tells you who has registered for PM in AD. I wrote this 
> many years ago, but 
> should still work. Also if you use the ADSI Edit tool you will find other 
> values related to each user 
> for PM.
> 
> vb script:
> 
> 'usage: wscript pmfind.vbs c:\userlist.txt
> 
> Dim objConnection, objCommand, OU
> 
> Dim strFilter, strQuery, objRecordSet, objArgs
> 
> strExportFile = wscript.arguments(0)
> 
> set fso = CreateObject("Scripting.FileSystemObject")
> 
> set output = fso.CreateTextFile(strExportFile, True)
> 
> 
> OU = "DC=YOURSITE,DC=LOCAL"
> 'repalce with your LDAP path
> 
> sam = "*"
> 
> Set objConnection = CreateObject("ADODB.Connection")
> 
> Set objCommand = CreateObject("ADODB.Command")
> 
> objConnection.Provider = "ADsDSOOBject"
> 
> objConnection.Open "Active Directory Provider"
> 
> Set objCommand.ActiveConnection = objConnection
> 
> strBase = "<LDAP://" & OU & ">"
> 
> 'Define the filter elements
> 
> strFilter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" & 
> sam & "))"
> 
> 'List all attributes you will require
> 
> strAttributes = 
> "distinguishedName,sAMAccountName,givenName,sn,userPrincipalName"
> 
> 'compose query
> 
> strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
> 
> objCommand.CommandText = strQuery
> 
> objCommand.Properties("Page Size") = 99999
> 
> objCommand.Properties("Timeout") = 600
> 
> objCommand.Properties("Cache Results") = False
> 
> Set objRecordSet = objCommand.Execute
> 
> objRecordSet.MoveFirst
> 
> Do Until objRecordSet.EOF
> 
>    strDN = objRecordSet.Fields("distinguishedName")
> 
>    'write user DN to screen for debug purpose
>    'Wscript.StdOut.WriteLine strDN
> 
>    'part from original script
>    set ObjUser = GetObject("LDAP://" & strDN)
>    Set objsd = objUser.Get("ntSecurityDescriptor")
>    Set dacl = objsd.DiscretionaryAcl
> 
>    Flag = 0
>    For Each ace In dacl
> 
>        strObjectType = ""
> 
>        'to find out if YOURDOMAIN\passman_proxy has been assigned to the user
>        if (ace.Trustee = "YOURDOMAIN\passman_proxy") Then
>             'output.WriteLine strDN
>            Flag = 1
>            'Exit For
>        End if
>    Next
>    'if the QUF\passman_proxy was never found in the security of the user, 
> write the user to the file
>    if (flag=0) then
>       output.WriteLine strDN
>    End if
> 
>    objRecordSet.MoveNext
> 
> Loop
> ' Clean up.
> 
> objConnection.Close
> 
> Set objConnection = Nothing
> 
> Set objCommand = Nothing
> 
> Set objRecordSet = Nothing
> 
> 
> 
> -- 
> Warren Simondson
> 
> Ctrl-Alt-Del IT Consultancy Pty Ltd
> 
> Website: http://www.ctrl-alt-del.com.au
> 
> 
> 
> 
> 
> 
> 
> 
> On Fri, Jan 14th, 2011 at 10:11 PM, James Scanlon 
> <James.Scanlon@xxxxxxxxxxxxxxxx> wrote:
> 
>> Anyone got a quick way to see who has signed up / registered for the
>> password manager self service?
>> Im assuming its some kind of script to see if the data exists in the AD
>> Account or something?
>> 
>> Any assistance always very much appreciated :)    
>> 
>> James
>> 
>> ______________________________________
>> 
>> C. Hoare & Co. is authorised and regulated by the Financial Services
>> Authority with registration no. 122093.  The FSAâ€™s address is 25, The
>> North Colonnade, Canary Wharf, London E14 5HS.
>> Registered in England no. 240822.  Registered office 37 Fleet St, London,
>> EC4P 4DQ
>> 
>> Confidentiality Disclaimer:
>> This message and attachments are confidential and may be privileged, and
>> are sent for the personal attention of the addressee(s).  If you are not
>> the intended addressee, any use, disclosure or copying of this document is
>> unauthorised. Information transmitted by email may be intercepted, lost,
>> destroyed, corrupted or delayed and as a result, C. Hoare & Co. do not
>> accept responsibility for any errors or omissions in the contents of this
>> message. If you would like to confirm the contents of this email, please
>> request a hard copy version.
>> 
>> If the contents of this message are of a personal nature, the email will
>> have been sent in a personal capacity and not on behalf of C. Hoare & Co.
>> 
>> Monitoring/Viruses:
>> C. Hoare & Co. may monitor all incoming and outgoing emails in line with
>> current legislation. Although emails are screened for viruses, C. Hoare &
>> Co. cannot guarantee that any transmissions will be virus free.
>> ________________________________________
>> 
>> 
> 
> ************************************************
> For Archives, RSS, to Unsubscribe, Subscribe or 
> set Digest or Vacation mode use the below link:
> //www.freelists.org/list/thin
> Follow ThinList on Twitter
> http://twitter.com/thinlist
> ************************************************
> 
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
Follow ThinList on Twitter
http://twitter.com/thinlist
************************************************
References:
- [THIN] Citrix Password Manager
  - From: James Scanlon
- [THIN] Re: Citrix Password Manager
  - From: Warren Simondson
[THIN] Re: Citrix Password Manager

Other related posts:
