This question already has answers here:
Capture output value from a shell command in VBA?
(8 answers)
Closed last year.
I am trying to make a ticket tool we have where I work a little better and make it so the tech team doesn't have to open Active Directory to make sure the ticket sender is eligible to make certain requests. What I need is the ability to run net user /domain <username> then collect the comment line and store it in a variable in VBA. The variable will then be sent in an email to the ticket software along with anything the user entered in the text boxes.
My thoughts were to run the command and send the output string to another variable then pull the line information from the larger output since I cant seem to find a way to get only the comment.
I've added a sample of the output below with an arrow pointing at the data that needs extracted into the variable.
I'm still pretty new to VBA so bear with me.
C:\Users\jdoe\Desktop>net user /domain jdoe
The request will be processed at a domain controller for domain StackOverflow.wh.
User name jdoe
Full Name John Doe
Comment Anlst Tech Supp <----- this is what needs extracted
User's comment
Country/region code 000 (System Default)
Account active Yes
Account expires Never
Password last set 11/1/2021 8:58:44 AM
Password expires 1/30/2022 8:58:44 AM
Password changeable 11/1/2021 8:58:44 AM
Password required Yes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory
Last logon 1/15/2022 11:43:12 AM
Logon hours allowed All
Local Group Memberships
Global Group memberships *Domain Users
The command completed successfully.
On Error Resume Next
Set objWMIService = GetObject("winmgmts:\\.\root\cimv2")
Set config = objWMIService.ExecQuery("Select * From Win32_UserAccount")
For Each thing in Config
Msgbox thing.caption & " " & thing.Description
Next
Programmers don't call user's commands. They are for humans not programs.
See https://learn.microsoft.com/en-us/windows/win32/cimwin32prov/win32-useraccount for more info.
Related
Anyone know what "logins -axo" means in linux os (for Oracle database)? and how to read the result?
i've got result below:
root:0:root:0:Super-User:/root:/sbin/sh:PS:092222:-1:28:21:-1:0
I don't know Linux, but - the only logins command I found is related to IBM's AIX.
Flags you used mean:
-a: In addition to the default output, the -a flag adds two password expiration fields to the display. These fields show how many days a password can remain unused before it automatically becomes inactive and the date that the password will expire.
-o: Formats output into one line of colon separated fields.
-x: Prints an extended set of information about each selected user. Information for each user is printed on a separate line containing the home directory, login shell, and password aging information. The extended information includes the following:
The password status
The date on which the password was last changed
The number of days required between changes
The number of days allowed before a change is needed
The number of days that the user will receive a password expiration warning message before the password expires
The password status is displayed in an abbreviated form as PS for logins with password, NP for no password or LK for locked.
I am working on an authentication system for a local server jupyterhub that relies on OAuth protocol. Additionally, it creates a local system user on windows, in case it does not exist.
What is the correct way to check whether a user exists on windows platforms using python?
This would include cases in which the system uses LDAP authentication and the user logged in the machine at least once.
I am looking for the correct windows alternative to the unix-like:
import pwd
try:
pwd.getpwnam(user.name)
except Exception as e:
print(repr(e))
My current solution is to check for the existence of the f"os.environ["SystemDrive"]\Users\{username}" folder. Side question, is there any drawback with the current method?
Here's a solution to checking if a local Windows user exists using python:
import subprocess
def local_user_exists_windows(username):
r = subprocess.run("net user",stdout=subprocess.PIPE)
#look for username in the output. Return carriage followed by line break followed by name, then space
return f"\\r\\n{username.lower()} " in str(r.stdout).lower()
Alternative is to use a regular expression to find username match (^ is regex for beginning of line if used in conjunction with multiline, \b for word boundary):
import re
re.findall(rf"^{username}\b", out,flags=re.MULTILINE | re.IGNORECASE)
Note that the \b could be replaced with \s+ meaning a space character one or more times and yield similar results. The function above will return True if given user name is an exact match with local username on Windows.
Again, my reason for this solution is there might be drawback to checking whether the path f"os.environ["SystemDrive"]\Users\{username}" exists. For example, I have a case where a Local User (e.g,local_username) exists via the net user command or via looking at "Local Users and Groups" control panel, but there is no C:\Users\local_user_name folder. One reason for this I can think of off the top of my head is perhaps the user switched from logging in as a Local User to using a Domain Account, and their User folder was deleted to save space, so the User exists, but the folder does not, etc.)
The call to net user gets local users - and the output looks something like this:
User accounts for \\SOME-WINDOWS-COMPUTER
-------------------------------------------------------------------------------
SomeUser Administrator DefaultAccount
Guest local_admin WDAGUtilityAccount
Notice how the SomeUser in this example is preceded by a \r\n followed by multiple spaces, hence looking for a username string inside this string could yield a false positive if the string you are searching is contained inside another string.
The solution above works for me, but has been tested all of ten minutes, and there might be some other simpler or more pythonic way of doing this.
I would like to get the security group of the user in a Maximo automation script so I can compare it. I need to know if the user in in MaxAdmin or UserUser group to execute the reste of my script. My scripts are in Python
how could I get that Info?
There are some implicit variables available to you in an automation script (check the IBM Automation Script guide), one of which is the current user's username. There is also the :&USERNAME& special bind variable that gets replaced with the current username. You can use one of those as part of the query to fetch a GroupUser MBO and then check the count of it afterward.
I'm going off of memory here so the exact names and syntax probably differ, but something like:
groupUserSet = MXServer.getMXServer().getMboSet("GROUPUSER", MXServer.getMXServer().getSystemUserInfo())
groupUserSet.setWhere("userid = :&USERNAME& and groupname in ('MAXADMIN', 'USERUSER')")
# Not really needed.
groupUserSet.reset()
if groupUserSet.count() > 0:
# The current user is in one of the relevant groups.
else:
# The current user is not in one of the relevant groups.
groupUserSet.close()
It's worth noting that the kinds of things tied to logic like this usually don't need an automation script. Usually conditional expressions, normal security permissions or reports can do what you need here instead. Even when an automation script like this is needed, you still should not do it based on group alone, but based on whether the user has a certain permission or not.
EDIT
To do this with permissions, you would add a new sigoption to the app with an id along the lines of "CANCOMPPERM" (with a more verbose description) and grant it to those two groups. Make sure everyone in those groups logs out at the same time (so nobody in those two groups are logged into the system at a given point) or else the permission cache will not update. Your code would then look something like this:
permissionsSet = MXServer.getMXServer().getMboSet("APPLICATIONAUTH", MXServer.getMXServer().getSystemUserInfo())
permissionsSet.setWhere("optionname = 'CANCOMPPERM' and groupname in (select groupname from groupuser where userid = :&USERNAME& )")
# Not really needed.
permissionsSet.reset()
if permissionsSet.count() > 0:
# The current user has the necessary permission.
else:
# The current user does not have the necessary permission.
permissionsSet.close()
I think there are even some helper methods in Maximo's code base that you can call to do the above for you and just return a true/false on if the permission is granted or not.
There's a large number of examples of using your user/pass as credentials to connect to the p4 server using p4python, but very little describing how to use a p4ticket. It's unclear how to use a p4tickets file with p4python.
It turns out the perforce documentation is really, really precise. The documentation basically says that if the user isn't logged in, then you have to provide a password to login. The flip side of that coin is that if the user is logged in then no password is needed. So, for instance, assume the user is logged in:
>>> p4 -u 'username' login
Then, in your p4python script, the following will connect:
p4con = P4.P4()
p4con.user = 'username'
p4.con.connect()
The p4python connection will naturally use the ~/.p4tickets file.
To use a ticket in a P4 Python script (or the P4 command line) you essentially just put the ticket anywhere that asks for a password. With that, there's an issue of precedence of where P4 Python takes the ticket from that is not consistent with how the P4 command line works.
In P4 Python:
If the environment variable P4PASSWD is set it is used.
If there is an entry for the user in whatever file p4.ticket_file looks at (from P4TICKETS, the default of ~/.p4tickets, or a value that was placed there by the script) that will be used if P4PASSWD is not set
If the p4.password field is set it will be used if neither of the above conditions have been met.
Running P4 from the command line:
If run with -P the ticket from the command line is used
If P4PASSWD is set that is used if the above condition has not been met
If there is an entry for the user in whatever file p4.ticket_file looks at (from P4TICKETS, the default of ~/.p4tickets, or a value that was placed there by the script) that will be used if neither of the above conditions have been met.
Example 1 - This will override the value set in p4.password on line 4 with the value for the user set on line 3 if there is an entry in the ticket file. If there's no entry in the ticket file it will use the supplied credentials AND update the ticket file so that the second time the script is run it will use that and not the supplied credentials.
from P4 import P4
p4 = P4()
p4.user = user
p4.password = ticket
Example 2 - This will always use the supplied credentials because we're not actually using a real file.
from P4 import P4
p4 = P4()
p4.user = user
p4.password = ticket
p4.ticket_file = '/dev/null'
tl;dr - Use the ticket anywhere Perforce asks for a password. If you want to use a ticket in your script, set ticket_file='/dev/null' first to ensure the expected behaviour.
run_login(): Runs p4 login using a password or ticket set by the user.
from P4 import P4
p4 = P4()
p4.port = "xxx.xxx.xxx.xxx:1666"
p4.user = "xxxxx"
p4.connect()
p4.run_login("-s", p4.user)
I'm using GADMIN-SAMBA program on Linux for administering Samba server, and in the list of users in the "Users" tab in the first row there is the following data:
"WARNING" "Group name not found" "No value has been set" "No value has been set"`
When I select this row and click "Delete" button, the following message appears:
Could not remove the samba user: WARNING
And the row remains unchanged.
I could not find any records with a user named "Warning" in /etc/smb.conf, /etc/samba/smbusers files and in /var/samba/profiles directory. How can this record be removed from the users list?
If I'm not mistaken, the problem is (1) you have no users added to the SAM database, or (2) that you do not have the following SAM files available for pdbedit to read:
/etc/samba/private
passdb.tdb
secrets.tdb
Since samba makes use of pdbedit -L to generate a user list to be displayed. If you either (1) have no users, or (2) do not have the SAM files available, you will generate an error attempting to access that information. It appears that GADMIN is taking the first line returned (the error) as the user and attempting to display it. You cannot delete this.