Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Journal Journal: Perl is kicking me in the pants.

So here I am reading through O'reilly's Active Directory Cook Book, 2nd edition. I find a script that will query the AD for all inactive computers outside a specified time and list them for me. I write the script and try to test run it in the compiler.

I get my first error. Something about not having functions declared properly. I mis-typed a few things and corrected those. The comes the second error; Something about the ADODB.command function not working properly. Come to find out, the command to handle more than 1000 entries was written wrong. So I corrected that. Then came the last problem, or so I thought. 'GetObj' needed to replaced with 'GetObject' when pulling the rootDSE with LDAP.

Finally I get it all sorted it out. I debug it and have no errors, so I copy it to my DC on my domain and run it. To my dismay it says that the AD container I'm looking in does not exist. I had picked 'cn=Computers' as it's an upgrade from and NT4 domain and it sticks all of the computer into that container. I remember that I can check the entire domain, so I take that part out completely. I run it again, and finally it works, but... It says there are not computers in my domain that have been inactive for more than 30 weeks. I know there are, but I decide to drop it to 6 weeks. I run it again, and nothing. No results, absolutely nothing.

I don't know if I'm doing anything wrong, but I know there are a lot of computer accounts out there that need to be removed and I'm not going to look through every single one of my machines and right down their name.

Can someone who knows what their doing take a look at this source code and tell me what's up? I've been doing Perl for a day and a half now, so I just can't figure it out. Add to that, that I don't know how to program for real, and it makes it super hard.

Thanks in advance.


# Script Configuration
# Domain and container/OU to check for inactive computer accounts.
my $domain      = 'DOMAIN GOES HERE';

# Set to empty string to query entire domain.
my $computer_cont = 'OU OR AD CONTAINER HERE';

# Number of weeks used to find inactive computers.
my $weeks_ago = WEEKS INACTIVE HERE;

# End Configuration

use strict;
use Win32::OLE;
   $Win32::OLE::Warn = 3;
use Math::BigInt;

# Must convert the number of seconds since $weeks_ago
# to a large integer for comparison against lastLogonTimestamp.
my $sixmonths_secs = time - 60*60*24*7*$weeks_ago;
my $intObj = Math::BigInt->new($sixmonths_secs);
   $intObj = Math::BigInt->new($intObj->bmul('10 000 000'));
my $sixmonth_int = Math::BigInt->new($intObj->badd('116 444 736 000 000 000'));
   $sixmonth_int =~ s/^[+-]//;

# Set up the ADO connections.
my $connObj                        = Win32::OLE->new('ADODB.Connection');
$connObj->{Provider}               = "ADsDSOObject";
my $commObj                        = Win32::OLE->new('ADODB.Command');
$commObj->{ActiveConnection}       = $connObj;
$commObj->SetProperty("Properties", 'Page Size', 1000);

# Grab the default root domain name.
my $rootDSE = Win32::OLE->GetObject("LDAP://$domain/rootDSE");
my $rootNC = $rootDSE ->Get("defaultNamingContext");

#Run ADO Query and print results.
my $query = "<LDAP://$domain/$computer_cont$rootNC>;";
$query .=  "(&(objectclass=computer)";
$query .=    "(objectcategory=computer)";
$query .=    "(lastlogontimestamp<=$sixmonth_int));";
$query .=  "cn,distinguishedName;";
$query .= "subtree";
$commObj->{CommandText} = $query;
my $resObj = $commObj->Execute($query);
die "Could not query $domain: ",$Win32::OLE::LastError,"\n"
  unless ref $resObj;

print "\nComputers that have been inactive for $weeks_ago weeks or more:\n";
my $total = 0;
while (!($resObj->EOF)) {
   my $cn  = $resObj->Fields(0)->value;
   print "\t",$resObj->Fields("distinguishedName")->value,"\n";
print "Total: $total\n";

# This script was modified by Justin Gray
# from O'Reilly's AD Cookbook. All copyrights
# should be respected.
User Journal

Journal Journal: Introduction 1

So, I have finally registered as a member of /. after several years of lurking. I'm not sure why it's taken me so long to hit the register button. Actually for a while, I didn't realize there were members or that there was even a subscription service here. Once I did discover this, I was just lazy.

I don't know anyone on here, and I'm still reading the FAQs about comments and what not. I suppose I'll start reading through discussion threads and commenting, and do that whole thing. Hey, maybe I'll make a few online friends. I'll flatter them with pure drivel and ignorance. =P

In all seriousness, I'm happy to actually try and become an active member in this community. Now, it's off to find people who actually care. Hehe.

Formerly the online persona known as Micronazi.
P.S. The name is utter nonsense. I just couldn't think of anything better. Plus... I'm so 1337. You have no idea. =P

Slashdot Top Deals

Possessions increase to fill the space available for their storage. -- Ryan