When the script is executed, the HelpDesk user sees the menu below, which allows only the task the administrator
has decided that he or she is allowed to perform. All that is required to produce the application below including
all functionality and validation, is only 150 script lines including comments and readability spacing, and requires no embedding
of graphics or third-party tools!
About 90 percent of the script itself is querying the end-user for information, asking for verification and wrappers.
The actual operations performed, are always only one script line.
When scripting the Active Directory with FastTrack Scripting Host, no knowledge of the inner workings of the Active Directory is required.
Interfacing with the Active Directory requires all objects named by their full distinguished name, but FastTrack Scripting Host will resolve this for you;
you
enter the full distinguished name of an object, but in general, just use the names shown in "Active Directory Users and Computers". The
domain, the object location in the organizational unit tree and the actual distinguished name of the object will automatically be resolved at run-time for you.
Below a list of the actual Active Directory commands and collections used in this example script to perform the Active Directory operations.
Collections are typically used for loops and list menus and in this example the collections are used to feed the ListMenu function with values,
to a produce a selectable list. For readability, variables are in the two tables below are replaced by static values.
FastTrack Scripting Host is the only scripting language available that delivers a real
graphical user interface to the scripter, without requiring any kind of graphics skills.
This example script uses only built-in menus, icons and dialogs that are easy to use when writing scripts.
Every time the HelpDesk user clicks a menu item, a new graphical user interface is shown with professional
looking dialog boxes. When clicking "Create User" for instance, information about the new user must be entered.
It requires just one simple script line with the MultiInput command to produce the screen below to the left, where all fields are returned as variables
for the further processing. When the information is entered, a list of all organizational units are displayed to
request organizational placement of the new user, as shown below to the right. This also requires just one
script line, where the collection AllOUs is fed to the ListMenu function.
In most cases, it is preferable not to have to execute the actual script as an administrator.
To avoid this, you can simple insert a single line at the top to change the executing user of the
script, which is a version 7.2+ feature. The password for your domain admin user is irreversible and must be encoded inside the
script editor. Licensed users can encrypt the whole script to also hide the domain admin user name.
The script listed is available directly in the script editor. Go to the "Documentation" tab,
select "HelpDesk Example Application" under the "Insert Example Script" submenu and press F5 to execute it.
/******************************************************************************
HelpDesk Demo Script by
FastTrack Software
This script may be used for any purpose without permission from the author
******************************************************************************/
/****************
ELEVATE FROM UAC (SUPPORTED FROM VERSION 7.2) *****************/
ElevateUser
/*********************************
SHOW MENU **********************************/
:Restart
SetVar Selection,[Menu
HelpDesk Application,Shield|Create User,Trashcan|Delete
User,Lock|Disable User,Config|Enable User,_
Connected|Change User
Password,Network|Unlock User Account,Defrag|Move User,Tools|Show User Groups,_
Download|Show Group
Members,NetworkFolder|Add User To Group,ControlPanel|Remove User From Group]
If Not
[Var Selection]=[Blank]
Then Goto [Var Selection]
Exit
/*******************
CREATE USER ACCOUNT IN A SELECTABLE OU *******************/
:Create User
MultiInput New
User,UserName|User name (Initials),First name,Last name,Password
If Not
[Var UserName]=[Blank]
Then
SetVar SelectedOU,[ListMenu
Select location,Root,[AllOUs]]
If Not [Var
SelectedOU]=[Blank]
Then
If Ask "Are
you sure you wish to create the user [Var UserName] in
the location [Var SelectedOU]?"
Then
If [Var SelectedOU]=Root
Then
CreateUserPlain [Var
UserName],[Var
Password]
Else
CreateUserPlain [Var
UserName],[Var
Password],[Var
SelectedOU]
End If
SetUserName [Var UserName],[Var
First name],[Var
Last name]
ShowMessage "User
[UserFullName [Var UserName]] is
now created and ready to logon"
End If
End If
End If
Goto Restart
/****************************
DELETE USER ACCOUNT *****************************/
:Delete User
SetVar SelectedUser,[ListMenu
Select user,[AllUsers]]
If Not
[Var SelectedUser]=[Blank]
Then
If Ask "Are
you SURE you wish to DELETE the user [Var SelectedUser]?"
Then
DeleteUser [Var SelectedUser]
ShowMessage "User
[Var SelectedUser] is
now deleted and can no longer log on to the network"
End If
End If
Goto Restart
/****************************
DISABLE USER ACCOUNT ****************************/
:Disable User
SetVar SelectedUser,[ListMenu
Select user,[AllUsers]]
If Not
[Var SelectedUser]=[Blank]
Then
If Ask "Are
you sure you wish to disable the user [Var SelectedUser]?"
Then
DisableUser [Var SelectedUser]
ShowMessage "User
[Var SelectedUser] is
now disabled and can no longer log on"
End If
End If
Goto Restart
/****************************
ENABLE USER ACCOUNT *****************************/
:Enable User
SetVar SelectedUser,[ListMenu
Select user,[AllUsers]]
If Not
[Var SelectedUser]=[Blank]
Then
If Ask "Are
you sure you wish to enable the user [Var SelectedUser]?"
Then
EnableUser [Var SelectedUser]
ShowMessage "User
[Var SelectedUser] is
now enabled"
End If
End If
Goto Restart
/****************************
UNLOCK USER ACCOUNT *****************************/
:Unlock User
Account
SetVar SelectedUser,[ListMenu
Select user,[AllUsers]]
If Not
[Var SelectedUser]=[Blank]
Then
If Ask "Are
you sure you wish to unlock the user [Var SelectedUser]?"
Then
UnlockUser [Var SelectedUser]
ShowMessage "User
account [Var SelectedUser] is
now unlocked"
End If
End If
Goto Restart
/****************************
CHANGE USER PASSWORD ****************************/
:Change User
Password
SetVar SelectedUser,[ListMenu
Select user,[AllUsers]]
If Not
[Var SelectedUser]=[Blank]
Then
SetVar Password,[InputPassword
Enter new password]
If Ask "Are
you sure you wish to change the password for user [Var SelectedUser]?"
Then
SetUserPasswordPlain [Var
SelectedUser],[Var
Password]
UnlockUser [Var
SelectedUser]
''Just in case the user has tried with bad passwords
ShowMessage "The
user [Var SelectedUser] can
now log on with the new password"
End If
End If
Goto Restart
/*****************************
MOVE USER ACCOUNT *****************************/
:Move User
SetVar SelectedUser,[ListMenu
Select user,[AllUsers]]
If Not
[Var SelectedUser]=[Blank]
Then
SetVar SelectedOU,[ListMenu
Select new location,[AllOUs]]
If Ask "Are
you sure you wish to move the user [Var SelectedUser] to
[Var SelectedOU]?"
Then
MoveUser [Var SelectedUser],[Var
SelectedOU]
ShowMessage "User
[Var SelectedUser] is
now moved to location [Var SelectedOU]"
End If
End If
Goto Restart
/*****************************
SHOW USER'S GROUPS *****************************/
:Show User
Groups
SetVar SelectedUser,[ListMenuForced
Select user,[AllUsers]]
SetVar SelectedGroup,[ListMenu
User [Var SelectedUser] is
member of:,[UserGroups [Var SelectedUser]]]
Goto Restart
/*****************************
SHOW GROUP MEMBERS *****************************/
:Show Group
Members
SetVar SelectedGroup,[ListMenuForced
Select a group,[AllGroups]]
SetVar SelectedMember,[ListMenu
Members of [Var SelectedGroup],[GroupUsers
[Var SelectedGroup]]]
Goto Restart
/*****************************
ADD USER TO GROUP ******************************/
:Add User To
Group
SetVar SelectedGroup,[ListMenu
Select a group,[AllGroups]]
If Not
[Var SelectedGroup]=[Blank]
Then
If [IndexOf [Var SelectedGroup],Admin]>0
Then
ShowMessage "You
cannot add users to any administrator group!"
Else
SetVar SelectedUser,[ListMenu
Select a user to add,[AllUsers]]
If Not [Var
SelectedUser]=[Blank]
Then
If Ask "Are
you sure you wish to add [UserFullName [Var SelectedUser]] to
the group [Var SelectedGroup]?"
Then
AddUserToGroup [Var SelectedUser],[Var
SelectedGroup]
ShowMessage
"User [UserFullName
[Var SelectedUser]] is now
a member of the group [Var SelectedGroup]"
End If
End If
End If
End If
Goto Restart
/***************************
REMOVE USER FROM GROUP ***************************/
:Remove User
From Group
SetVar SelectedGroup,[ListMenu
Select a group,[AllGroups]]
If Not
[Var SelectedGroup]=[Blank]
Then
If [IndexOf [Var SelectedGroup],Admin]>0 Then
ShowMessage "You
cannot remove users from any administrator group!"
Else
SetVar SelectedUser,[ListMenu
Select a user to remove,[GroupUsers [Var SelectedGroup]]]
If Not [Var
SelectedUser]=[Blank]
Then
If Ask "Are
you sure you wish to remove [UserFullName [Var SelectedUser]] from
the group [Var SelectedGroup]?"
Then
RemoveUserFromGroup [Var
SelectedUser],[Var
SelectedGroup]
ShowMessage "User
[UserFullName [Var SelectedUser]] is
no longer member of the group [Var SelectedGroup]"
End If
End If
End If
End If
Goto Restart