This is getting off-topic, lets close the thread with this :) I am not sure specifically about those, but System.Security.Principal.WindowsIdentity does a great job at a lot of related tasks. Alternatively you can find a lot of PInvoke code that deals with this in project Waffle (http://waffle.codeplex.com).
dB. @ dblock.org Moscow|Geneva|Seattle|New York -----Original Message----- From: Castro, Edwin G. (Hillsboro) [mailto:edwin.cas...@fiserv.com] Sent: Friday, December 17, 2010 12:35 PM To: General discussion for Windows Installer XML toolset. Subject: Re: [WiX-users] Running vbscript in customaction Out of curiosity, are the LookupAccountName and LookupAccountSid APIs available from .NET code (without explicit interop)? Edwin G. Castro Software Developer - Staff Electronic Banking Services Fiserv Office: 503-746-0643 Fax: 503-617-0291 www.fiserv.com P Please consider the environment before printing this e-mail > -----Original Message----- > From: dB. [mailto:dbl...@dblock.org] > Sent: Friday, December 17, 2010 5:35 AM > To: General discussion for Windows Installer XML toolset. > Subject: Re: [WiX-users] Running vbscript in customaction > > Note that while the code will work, this might be a very bad plan altogether. > > First, if you're trying to verify whether a user "exists", aka is > available to this machine to be used in any capacity, you're going to > miss local users and users in trusted domains. In 75% of customers > that I have seen the domain trees are much more complicated than > anything you'll setup in a lab. Trusted domains are not just common, > they are the norm. If someone enters n...@trusteddomain.prv, you will > need to go to trusteddomain.prv to find out whether the user exists, > and you might not even have permissions to do so. > > The second problem is that samAccountName is not how most users > actually represent themselves. You have names compatible with Windows > 2000, names compatible with Windows 2003 server and then > fully-qualified names that look like e-mail addresses, all of which > are valid to be used all over Windows. > > Bottom line is that Windows provides LookupAccountName and > LookupAccountSid, APIs that should be used to check whether a user > actually exists. That aggregates all provides, including Active > Directory and always does "the right thing". > > dB. @ dblock.org > Moscow|Geneva|Seattle|New York > > > -----Original Message----- > From: David Watson [mailto:dwat...@sdl.com] > Sent: Friday, December 17, 2010 8:07 AM > To: wix-users@lists.sourceforge.net > Subject: Re: [WiX-users] Running vbscript in customaction > > I got the following running from my desktop (with tweaks to remove the > session object), I've not tried it from an msi though. > > I think your script was getting mangled by the mailing list or your mail > client. > > Function CheckUserExists > Session.Property("IAMUSERNAME") > Set objRootDSE = GetObject("LDAP://rootDSE") > strDNSDomain = objRootDSE.Get("defaultNamingContext") > Set objCommand = CreateObject("ADODB.Command") > Set objConnection = CreateObject("ADODB.Connection") > objConnection.Provider = "ADsDSOObject" > objConnection.Open "Active Directory Provider" > objCommand.ActiveConnection = objConnection > objCommand.CommandText = "<LDAP://" & strDNSDomain & > ">;(&(objectCategory=User)(samAccountName=" & strUserName & > "));samAccountName;subtree" > > Set objRecordSet = objCommand.Execute > If objRecordset.RecordCount = 0 Then > Session.Property("USEREXISTS") = 1 > Else > CheckUserExists = msiDoActionStatusSuccess > End If > objConnection.Close > End Function > > I've never used a vbscript as a CA though as they are pretty horrible. > Did you say that you already have a c# custom action, I would imagine > adding a function to that would be better. > http://www.willasrari.com/blog/query-active-directory-users-using- > c/000133.aspx > > > Dave > > -----Original Message----- > From: sangeeta1 [mailto:snmsn...@gmail.com] > Sent: 16 December 2010 21:27 > To: wix-users@lists.sourceforge.net > Subject: Re: [WiX-users] Running vbscript in customaction > > > I was able to run the script from command line without any problem, so > I think the argument to GetObject( "LDAP: backslash backslash > RootDSE") should be correct, just not sure what the installer engine accepts. > > I am running this CA from UI after the user enter username on screen. > I have a pushbutton ("Check user exists") that invokes this CA. > > I am not a vbscript developer so I could be wrong anytime. > > > I have Phil's book on Windows installer right in front of me...very > good book for beginners. Sadly, it does not have vbscript examples :) thanks > again.. > > > On Thu, Dec 16, 2010 at 4:20 PM, Edwin G. Castro [via Windows > Installer XML > (WiX) toolset] <ml-node+5843532-183584856-306...@n2.nabble.com<ml- > node%2b5843532-183584856-306...@n2.nabble.com> > > wrote: > > > You should really remove the following line: > > > > Set shell = CreateObject() > > > > It used to be > > > > Set shell = WScript.CreateObject("WScript.Shell") > > > > Another question: Is this really valid? > > > > Set objRootDSE = GetObject("LDAP://RootDSE <ldap://RootDSE/>") > > > > I would expect a PROGID as the parameter for GetObject(). > > > > Remember I'm not a vbscript wizard so I might be worrying about nothing. > > > > Edwin G. Castro > > Software Developer - Staff > > Electronic Banking Services > > Fiserv > > Office: 503-746-0643 > > Fax: 503-617-0291 > > www.fiserv.com > > P Please consider the environment before printing this e-mail > > > > > -----Original Message----- > > > From: sangeeta1 [mailto:[hidden > > > email]<http://user/SendEmail.jtp?type=node&node=5843532&i=0>] > > > > > Sent: Thursday, December 16, 2010 12:42 PM > > > To: [hidden > > > email]<http://user/SendEmail.jtp?type=node&node=5843532&i=1> > > > Subject: Re: [WiX-users] Running vbscript in customaction > > > > > > > > > Hi Phil, > > > > > > The custom action function to simply read the Domain name also > > > fails with > > > > > return code 3 > > > > > > Set shell = CreateObject() > > > Set objRootDSE = GetObject("LDAP://RootDSE <ldap://RootDSE/>") > > > > > > > > > I am sure I am missing a lot here...looking for some directions on > > getting it > > > right. > > > > > > thanks! > > > On Thu, Dec 16, 2010 at 1:25 PM, snm snm <[hidden > > email]<http://user/SendEmail.jtp?type=node&node=5843532&i=2>> > > wrote: > > > > > > > > > > > Thanks for the correction. After removing the wscript ref, I am > > > > still seeing the same problem. > > > > I initially thought maybe reading property from session object > > > > is throwing the error, so i hardcoded a value in the variable > > > > and tried it again, but it still throws the same error. > > > > > > > > Is there any way I can log messages - similar to session.Log() > > > > in c# customactions? > > > > > > > > > > > > > > > > ----------------- code ---------- > > > > > > > > Function CheckUserExists() > > > > > > > > 'strUserName = Session.Property("IAMUSERNAME") strUserName = > > > "iaadmin" > > > > ' Determine DNS domain name. > > > > Set objRootDSE = GetObject("ldap://RootDSE/ LDAP://RootDSE") > > > > strDNSDomain = objRootDSE.Get("defaultNamingContext") > > > > > > > > Set objCommand = CreateObject("ADODB.Command") Set > objConnection > > > = > > > > CreateObject("ADODB.Connection") objConnection.Provider = > > > > "ADsDSOObject" > > > > objConnection.Open "Active Directory Provider" > > > > objCommand.ActiveConnection = objConnection > > > objCommand.CommandText = _ > > > > "<LDAP://" & strDNSDomain & ">;(&(objectCategory=User)" & _ > > > > "(samAccountName=" & strUserName & > "));samAccountName;subtree" > > > > > > > > Set objRecordSet = objCommand.Execute If > > > > objRecordset.RecordCount = 0 Then 'WScript.StdOut.WriteLine > > > > "sAMAccountName: " & strUserName & " does not exist." > > > > Session.Property("USEREXISTS") = 1 Else > > > > 'WScript.StdOut.WriteLine strUserName & " exists." > > > > CheckUserExists = msiDoActionStatusSuccess End If > > > > objConnection.Close End Function > > > > > > > > --------- Log ---------------- > > > > > > > > Action 11:42:48: CheckUserExists. > > > > Action start 11:42:48: CheckUserExists. > > > > MSI (c) (E8:94) [11:42:48:993]: Cloaking enabled. > > > > MSI (c) (E8:94) [11:42:48:993]: Attempting to enable all > > > > disabled privileges before calling Install on Server MSI (c) > > > > (E8:94) > > > > [11:42:48:993]: Connected to service for CA interface. > > > > Action ended 11:42:49: CheckUserExists. Return value 3. > > > > DEBUG: Error 2896: Executing action CheckUserExists failed. > > > > The installer has encountered an unexpected error installing > > > > this > > package. > > > > This may indicate a problem with this package. The error code is 2896. > > > > The arguments are: CheckUserExists, , Action ended 11:42:49: > > > > WelcomeDlg. Return value 3. > > > > > > > > > > > > On Wed, Dec 15, 2010 at 11:11 PM, Wilson, Phil-2 [via Windows > > > > Installer XML (WiX) toolset] <[hidden email] > > > > <http://user/SendEmail.jtp?type=node&node=5843532&i=3><ml- > > > > > node%2B5839954-8994 > > > > [hidden email] > > > > <http://user/SendEmail.jtp?type=node&node=5843532&i=4>> > > > > > > > wrote: > > > > > > > >> There is no WScript object in Windows Installer. As its name > > > >> implies, the Wscript object is supplied by the Windows Script > > > >> Host environment, and you're not running in there. Just use > CreateObject(). > > > > > >> > > > >> Phil Wilson > > > >> > > > >> -----Original Message----- > > > >> From: sangeeta1 [mailto:[hidden > > > >> email]<http://user/SendEmail.jtp?type=node&node=5839954&i=0>] > > > >> > > > >> Sent: Wednesday, December 15, 2010 9:22 AM > > > >> To: [hidden email] > > > >> <http://user/SendEmail.jtp?type=node&node=5839954&i=1> > > > >> Subject: [WiX-users] Running vbscript in customaction > > > >> > > > >> > > > >> Hi, > > > >> > > > >> > > > >> I have a vbscript to validate the user in AD and I am having > > > >> trouble running it in the custom Action. Can someone point out > > > >> mistakes in implementing the custom action. > > > >> I am not a vbscript expert here so please pardon my ignorance. > > > >> > > > >> log > > > >> ---- > > > >> > > > >> Action 11:42:48: CheckUserExists. > > > >> Action start 11:42:48: CheckUserExists. > > > >> MSI (c) (E8:94) [11:42:48:993]: Cloaking enabled. > > > >> MSI (c) (E8:94) [11:42:48:993]: Attempting to enable all > > > >> disabled privileges before calling Install on Server MSI (c) > > > >> (E8:94) > > > >> [11:42:48:993]: Connected to service for CA interface. > > > >> Action ended 11:42:49: CheckUserExists. Return value 3. > > > >> DEBUG: Error 2896: Executing action CheckUserExists failed. > > > >> The installer has encountered an unexpected error installing > > > >> this > > package. > > > >> > > > >> This may indicate a problem with this package. The error code > > > >> is 2896. The > > > >> > > > >> arguments are: CheckUserExists, , Action ended 11:42:49: > > > >> WelcomeDlg. Return value 3. > > > >> > > > >> Code > > > >> -------- > > > >> > > > >> <CustomAction Id="CheckUserExists" > BinaryKey="CheckUserExistsKey" > > > >> VBScriptCall="CheckUserExists" > > > >> Execute="immediate"></CustomAction> > > > >> <Binary Id="CheckUserExistsKey" > SourceFile="scripts\ADUserSearch.vbs" > > > >> ></Binary> > > > >> > > > >> vbscript > > > >> ---------- > > > >> > > > >> Function CheckUserExists > > > >> Set shell = WScript.CreateObject("WScript.Shell") > > > >> strUserName = Session.Property("IAMUSERNAME") dtStart = > > > >> TimeValue(Now()) ' Determine DNS domain name. > > > >> Set objRootDSE = GetObject(" ldap://RootDSE/ LDAP://RootDSE") > > > >> strDNSDomain = objRootDSE.Get("defaultNamingContext") > > > >> Set objCommand = CreateObject("ADODB.Command") Set > > > objConnection = > > > >> CreateObject("ADODB.Connection") objConnection.Provider = > > > >> "ADsDSOObject" > > > >> objConnection.Open "Active Directory Provider" > > > >> objCommand.ActiveConnection = objConnection > > > objCommand.CommandText = > > > >> _ "<LDAP://" & strDNSDomain & ">;(&(objectCategory=User)" & _ > > > >> "(samAccountName=" & strUserName & > "));samAccountName;subtree" > > > >> > > > >> Set objRecordSet = objCommand.Execute If > objRecordset.RecordCount > > > >> = > > > 0 > > > >> Then 'WScript.StdOut.WriteLine "sAMAccountName: " & > strUserName > > > >> & > > > " > > > >> does not exist." > > > >> Session.Property("USEREXISTS") = 1 Else > > > >> 'WScript.StdOut.WriteLine strUserName & " exists." > > > >> CheckUserExists = msiDoActionStatusSuccess End If > > > >> objConnection.Close End > > > >> > > > >> > > > > > > -- > > > View this message in context: http://windows-installer-xml-wix- > > > toolset.687559.n2.nabble.com/Running-vbscript-in-customaction- > > > tp5838178p5843379.html > > > Sent from the wix-users mailing list archive at Nabble.com. > > > > > -------------------------------------------------------------------- > > -- > > -------- > > > > > Lotusphere 2011 > > > Register now for Lotusphere 2011 and learn how to connect the > > > dots, take your collaborative environment to the next level, and > > > enter the era of > > Social > > > Business. > > > http://p.sf.net/sfu/lotusphere-d2d > > > _______________________________________________ > > > WiX-users mailing list > > > [hidden email] > > > <http://user/SendEmail.jtp?type=node&node=5843532&i=5> > > > https://lists.sourceforge.net/lists/listinfo/wix-users > > -------------------------------------------------------------------- > > -- > > -------- > > > > Lotusphere 2011 > > Register now for Lotusphere 2011 and learn how to connect the dots, > > take your collaborative environment to the next level, and enter the > > era of Social Business. > > http://p.sf.net/sfu/lotusphere-d2d > > _______________________________________________ > > WiX-users mailing list > > [hidden email] > <http://user/SendEmail.jtp?type=node&node=5843532&i=6> > > https://lists.sourceforge.net/lists/listinfo/wix-users > > > > > > ------------------------------ > > View message @ > > http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/Runnin > > g- vbscript-in-customaction-tp5838178p5843532.html > > > > To start a new topic under wix-users, email > > ml-node+687560-220571316-306...@n2.nabble.com<ml-node%2B687560- > 2205713 > > ml-node+16-306...@n2.nabble.com> > > To unsubscribe from wix-users, click > > here<http://windows-installer-xml- > wix- > toolset.687559.n2.nabble.com/template/NamlServlet.jtp?macro=unsubscrib > e_by_code&node=687560&code=c25tc25tMTBAZ21haWwuY29tfDY4NzU2M > HwtODkyOTExNTcy>. > > > > > > -- > View this message in context: http://windows-installer-xml-wix- > toolset.687559.n2.nabble.com/Running-vbscript-in-customaction- > tp5838178p5843558.html > Sent from the wix-users mailing list archive at Nabble.com. > ---------------------------------------------------------------------- > -------- > Lotusphere 2011 > Register now for Lotusphere 2011 and learn how to connect the dots, > take your collaborative environment to the next level, and enter the > era of Social Business. > http://p.sf.net/sfu/lotusphere-d2d > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > SDL PLC confidential, all rights reserved. > If you are not the intended recipient of this mail SDL requests and > requires that you delete it without acting upon or copying any of its > contents, and we further request that you advise us. > SDL PLC is a public limited company registered in England and Wales. > Registered number: 02675207. > Registered address: Globe House, Clivemont Road, Maidenhead, Berkshire > SL6 7DY, UK. > ---------------------------------------------------------------------- > -------- > Lotusphere 2011 > Register now for Lotusphere 2011 and learn how to connect the dots, > take your collaborative environment to the next level, and enter the > era of Social Business. > http://p.sf.net/sfu/lotusphere-d2d > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > ---------------------------------------------------------------------- > -------- > Lotusphere 2011 > Register now for Lotusphere 2011 and learn how to connect the dots, > take your collaborative environment to the next level, and enter the > era of Social Business. > http://p.sf.net/sfu/lotusphere-d2d > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users ------------------------------------------------------------------------------ Lotusphere 2011 Register now for Lotusphere 2011 and learn how to connect the dots, take your collaborative environment to the next level, and enter the era of Social Business. http://p.sf.net/sfu/lotusphere-d2d _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users ------------------------------------------------------------------------------ Lotusphere 2011 Register now for Lotusphere 2011 and learn how to connect the dots, take your collaborative environment to the next level, and enter the era of Social Business. http://p.sf.net/sfu/lotusphere-d2d _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
