i am working with AD Server,i want to get the maxpwdAge attribute value...
i already try ADSi for that,but it gives an issue.
VARIANT var;
bsNamingContext=L"maxpwdAge";
hr = ADsGetObject(pszADsPath, IID_IADsUser, (void**) &pUser);
if(SUCCEEDED(hr))
{
VariantInit(&var);
hr = pUser->Get(bsNamingContext, &var);
}
but,it gives -2147463155 (8000500d) error...
but i am using bsNamingContext=L"cn";
it gives the CN values correctly...
anyone can resolve it?
maxpwdAge is not included in user/contact/person LDAP class, so you can not retrieve it that way.
You need to query it from domain object, not user object
Try this:
Const ONE_HUNDRED_NANOSECOND = .000000100 ' .000000100 is equal to 10^-7
Const SECONDS_IN_DAY = 86400
Set objDomain = GetObject("LDAP://DC=fabrikam,DC=com") ' LINE 4
Set objMaxPwdAge = objDomain.Get("maxPwdAge") ' LINE 5
If objMaxPwdAge.LowPart = 0 Then
WScript.Echo "The Maximum Password Age is set to 0 in the " & _
"domain. Therefore, the password does not expire."
WScript.Quit
Else
dblMaxPwdNano = Abs(objMaxPwdAge.HighPart * 2^32 + objMaxPwdAge.LowPart)
dblMaxPwdSecs = dblMaxPwdNano * ONE_HUNDRED_NANOSECOND ' LINE 13
dblMaxPwdDays = Int(dblMaxPwdSecs / SECONDS_IN_DAY) ' LINE 14
WScript.Echo "Maximum password age: " & dblMaxPwdDays & " days"
End If
UPDATE:
To convert large integer to human readable value use IADsLargeInteger dispatch interface
Note 1 : Example is in VB, but you can easily rewrite it, because of COM.
Note 2 : maxpwdAge is not configured per user, but per domain (until fine-grained password policies are enabled)
Further readings:
http://msdn.microsoft.com/en-us/library/ms974598.aspx [Recommended]
http://msdn.microsoft.com/en-us/library/cc220201%28prot.20%29.aspx
http://ldapwiki.willeke.com/wiki/AD%20Determining%20Password%20Expiration
http://ldapwiki.willeke.com/wiki/Domain%20Wide%20Account%20Policies
I struggled with this one too. Eventually, I was able to get it with the following criteria.
baseDN: 'DC=myofficedomain,DC=local',
filter: '(objectClass=domain)',
attributes: ['maxPwdAge']
I hope this helps anyone else using ldapsearch or NodeJS with ActiveDirectory.
Related
I'm curious if this is the correct method to use the like operator when using queryExecute() in a cfscript function.
if( len(arguments?.lastName) ){
local.sqlWhere & = " AND t_lastname LIKE :lName";
local.sqlParams.lName = { value : arguments.lastName & '%', cfsqltype:'cf_sql_varchar'};
};
Is it just appended like a string with & '%'?
I've just go through your issue. In coldfusion & symbol always concatenation the two string. So we could not able to use like that. Here I've wrote some sample code for you please check that. I hope it will more help full to wrote a script based query.
local.MyQry = "SELECT * FROM Users WHERE 1=1 ";
I've used same condition from you. Not sure about your conditions
if( len(arguments?.lastName) ){
local.MyQry &= " AND Email like :email"
}
Here concatenate the query with previous one if the condition is true. And mentioned :(colon as we are going to use as queryparam)
local.qry = new Query( datasource = 'your DB name' , sql = Local.MyQry);
if( len(arguments?.lastName) ){
local.qry.addParam( name="email", value="%#Arguments.email#%", cfsqltype="cf_sql_varchar");
}
return local.qry.execute();
You can give the % symbol here based on your scenario . Ex %#Arguments.email#. or %#Arguments.email#%
I hope this will help you more. Thanks
I'm seeing a behavior in the Google DLP library that puzzles me, and I'm hoping for some clarification. I'm using the Java wrapper library, google-cloud-dlp version 0.34.0-beta. Given the input:
Collection<String> input = Lists.newArrayList("Jenny Tutone 2665 Agua Vista Dr Los Gatos CA 95030 (408) 867-5309 or 408.867.5309x100"
I'm seeing the output:
███ █ ████ or █
If I pass in the same string as a collection of substrings:
Collection<String> input = Lists.newArrayList("Jenny Tutone", "2665 Agua Vista Dr", "Los Gatos", "CA 95030", "(408) 867-5309", "or", "408.867.5309x100");
I see very different results:
███, 2665 █, █ Gatos, █ 95030, █, or, █
I'm using all the InfoType types that I could find, which amounts to 67 of them. Am I doing something wrong here?
This is the meat of the code that invokes the Google DLP library:
private Collection<String> redactContent(Collection<String> input,
String replacement,
Likelihood minLikelihood,
List<InfoType> infoTypes) {
// Replace select info types with chosen replacement string
final Collection<RedactContentRequest.ReplaceConfig> replaceConfigs = infoTypes.stream()
.map(it -> RedactContentRequest.ReplaceConfig.newBuilder().setInfoType(it).setReplaceWith(replacement).build())
.collect(Collectors.toCollection(LinkedList::new));
final InspectConfig inspectConfig =
InspectConfig.newBuilder()
.addAllInfoTypes(infoTypes)
.setMinLikelihood(minLikelihood)
.build();
long itemCount = 0;
try (DlpServiceClient dlpClient = DlpServiceClient.create(settings)) {
// Google's DLP library is limited to 100 items per request, so the requests need to be chunked if the
// number of input items is greater.
Stream.Builder<Stream<ContentItem>> streamBuilder = Stream.builder();
for (long processed = 0; processed < input.size(); processed += maxItemsPerRequest) {
Collection<ContentItem> items =
input.stream()
.skip(processed)
.limit(maxItemsPerRequest)
.filter(item -> item != null && !item.isEmpty())
.map(item ->
ContentItem.newBuilder()
.setType(MediaType.PLAIN_TEXT_UTF_8.toString())
.setData(ByteString.copyFrom(item.getBytes(Charset.forName("UTF-8"))))
.build()
)
.collect(Collectors.toCollection(LinkedList::new));
RedactContentRequest request = RedactContentRequest.newBuilder()
.setInspectConfig(inspectConfig)
.addAllItems(Collections.unmodifiableCollection(items))
.addAllReplaceConfigs(replaceConfigs)
.build();
RedactContentResponse contentResponse = dlpClient.redactContent(request);
itemCount += contentResponse.getItemsCount();
streamBuilder.add(contentResponse.getItemsList().stream());
}
return streamBuilder.build()
.flatMap(stream -> stream.map(item -> item.getData().toStringUtf8()))
.collect(Collectors.toCollection(LinkedList::new));
}
}
Context can influence findings. Also in the case of an address, parts of the address may influence other parts. For example "Mountain View CA 94043" may match as a LOCATION but just "94043" by itself may not. When running this analysis, we don't cross cell boundaries when deciding on context and so in your second ArrayList example each string is looked at individually (in its own context).
Note: I am the PM for the DLP API.
I have the log file of which i have pasted two rows below:
Nov 26 14:20:32 172.16.0.1 date=2014-11-26 time=14:18:37 devname=XXXXCCCFFFFF devid=XXXCCVVGFFDD logid=3454363464 type=traffic subtype=forward level=notice vd=root srcip=172.16.1.251 srcport=62032 srcintf="Combo_LAN" dstip=X.X.X.X dstport=X dstintf="wan2" sessionid=16172588 status=close user="X.X" group="Open Group" policyid=2 dstcountry="United States" srccountry="Reserved" trandisp=snat transip=X.X.X.X transport=X service=HTTP proto=6 applist="Block_Applications" duration=11 sentbyte=2377 rcvdbyte=784 sentpkt=6 rcvdpkt=7 identidx=5 utmaction=passthrough utmevent=webfilter utmsubtype=ftgd-cat urlcnt=1 hostname="tacoda.at.atwola.com" catdesc="Advertising"
Nov 26 14:20:32 172.16.0.1 date=2014-11-26 time=14:18:37 devname=XXXXCCCFFFFF devid=XXXCCVVGFFDD logid=3454363464 type=utm subtype=webfilter eventtype=ftgd_allow level=notice vd="root" policyid=2 identidx=5 sessionid=15536743 user="X.X" srcip=X.X.X.X srcport=X srcintf="Combo_LAN" dstip=X.X.X.X dstport=80 dstintf="wan2" service="http" hostname="streaming.sbismart.com" profiletype="Webfilter_Profile" profile="Open Group_Policy" status="passthrough" reqtype="direct" url="/diffusion/" sentbyte=984 rcvdbyte=202 msg="URL belongs to an allowed category in policy" method=domain class=0 cat=18 catdesc="Brokerage and Trading"
My question is i can parse the data if number of columns and order is fixed.
But, how do i parse the dynamic columns in the config file so that i don't get the _grokparsefailure?
Ruby Plugin can help you.
Here is the configuration:
input {
stdin{
}
}
filter {
ruby {
code => '
msg = event["message"]
msgIndex = msg.index("date=")
msgInsert = msg[msgIndex..-1]
msgMap = msgInsert.scan(/(\w+)=("(.*?)"|([^ ]+))/).map { |(first, second)| [first, second] }
for x in msgMap
key = x[0]
value = x[1]
event[key] = value
end
'
}
}
output {
stdout{
codec => rubydebug
}
}
First, get all the key=value pair by index the start value date=
Then map all the key,value to string array.
Use For loop to insert all the value.
I have try your logs and I can create all the correspond field with the value.
Hope this can help you
The simple answer to avoiding grokparsefailure is to provide a valid pattern that matches your input. That said, your question seems to imply that the fields are not always specified in this order. Given the examples, you should be using the "kv" filter to split these key/value pairs into fields.
I have a command line application which executes a query. Here is the code.
Problem is that it receives an access token of the form "abc...|xyz...". There is
no session portion. But the token returned is useless for executing my query to
select insights for a page of mine. Help !!
const string permissions = "manage_pages,read_insights,offline_access";
dynamic oauthClient = new FacebookOAuthClient() ;
oauthClient.AppId = username ;
oauthClient.AppSecret = password ;
dynamic parameters = new ExpandoObject() ;
parameters.scope = permissions ;
parameters.response_type = "token" ;
// parameters.grant_type = "client_credentials" ;
dynamic result = oauthClient.GetApplicationAccessToken(parameters);
string token = result.access_token ;
// token comes back as "abc...|xyz..."
var fb = new FacebookClient(token);
string query = " select metric, value " +
" from insights " +
" where object_id = MY_PAGE and " +
" metric in ( 'page_impressions' , 'page_stories') and " +
" end_time >= end_time_date('2012-02-21') and " +
" end_time <= end_time_date('2012-02-11') and " +
" period = period('day') " ;
dynamic result2 = fb.Query(query) ; // Exception generated on this line.
return result2 ;
Any ideas?
The error you are getting is from Facebook and it is simply saying you don't have a valid token to make the request. You must request a user access token using OAuth. After you have a valid access token you can make your request with the following code:
var fb = new FacebookClient("valid_user_access_token");
string query = "YOUR FQL QUERY HERE";
dynamic result = fb.Query(query);
To learn how to get a valid access token read the Facebook documentation here: https://developers.facebook.com/docs/authentication/
Hi I am using WMI to change the remote registry value for USBSTOR. I want to change the value of start attribute to 4 or 3 for enabling and disabling.
But the datatype for Start attribute in registry is DWORD, if i can the datatype to size it does not work .
I need to keep the Datatype to DWORD. Can someone please tell me how to setDWORDValue using WMI, following is the piece of code that i tried, it worked succesfully but still the value of start field is unchanged in registry.
const uint HKEY_LOCAL_MACHINE = 0x80000002;
ManagementBaseObject methodParams = registryTask.GetMethodParameters(typeOfValue);
methodParams["hDefKey"] = HKEY_LOCAL_MACHINE;// BaseKey;
methodParams["sSubKeyName"] = #"SYSTEM\\CurrentControlSet\\Servic\\USBSTOR";
methodParams["sValueName"] = "Start";
try
{
methodParams["sValue"] = "3";
}
catch
{
methodParams["uValue"] = (UInt32)Convert.ToInt32("3");
}
ManagementBaseObject exitValue = registryTask.InvokeMethod(typeOfValue, methodParams, null);
Simple solution using python.
import wmi
import win32api,_winreg
c = wmi.WMI()
# To get the binary value of particular subkey
# Please note that 0x80000002 represents HKEY_LOCAL_MACHINE
ReturnValue, uValue = c.StdRegProv.GetBinaryValue(0x80000002,"AFD","SYSTEM\CurrentControlSet\Services")
# To get the list of all the subkeys available in particular key
ret, subKeys = c.StdRegProv.EnumKey (0x80000002, "SYSTEM\CurrentControlSet\Services")
print ret
for key in subKeys:
print key
ReturnValue=c.StdRegProv.SetDWORDValue(0x80000002,"Type","SYSTEM\CurrentControlSet\Services\USBSTOR",0x4)
#HKEY_CLASSES_ROOT (2147483648 (0x80000000))
#HKEY_CURRENT_USER (2147483649 (0x80000001))
#HKEY_LOCAL_MACHINE (2147483650 (0x80000002))
#HKEY_USERS (2147483651 (0x80000003))
#HKEY_CURRENT_CONFIG (2147483653 (0x80000005))
#HKEY_DYN_DATA (2147483654 (0x80000006))
Yes it can be done. Here's the code, referencing this Microsoft link and this one. Replace 3389 with the new value you want to use, and change the key as needed:
const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
'Set StdOut = WScript.StdOut
Set oReg=GetObject( _
"winmgmts:{impersonationLevel=impersonate}!\\" &_
strComputer & "\root\default:StdRegProv")
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
strValueName = "PortNumber"
' Display old value
oReg.GetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
WScript.Echo "Old RDP value=" & dwValue
' Set new value
dwValue= 3389
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
If Err = 0 Then
oReg.GetDWORDValue _
HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
WScript.Echo "New RDP Value =" & dwValue
Else
WScript.Echo "Error in creating key" & _
" and DWORD value = " & Err.Number
End If