Active directory query from domain computer

Ask questions about creating Graphical User Interfaces (GUI) in PowerShell and using WinForms controls.
Forum rules
Do not post any licensing information in this forum.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 1 year and 5 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked
Eanna_bearn
Posts: 20
Last visit: Thu Mar 09, 2023 4:36 am
Has voted: 1 time

Active directory query from domain computer

Post by Eanna_bearn »

Hello all from France ;)

Don't know if i am in the good section, or even if i can ask it but if i do not try i never have answer :D
it s for School environment.

I want to make a form that i will deploy on domain computers for the teachers to allow them to ask me to create groups of users for projects they do.
The easiest way is to tell me names, and name of group by email but i want to make it by a form where they can choose in listbox users and by a button send to the pdc where i have a tool developped with powershell studio to manage accounts etc ... so i can import the demand they made and do stuf

the listboxs have to be populated dynamicly by send query on active directory when they launch the tool. Teachers does not have admin rights.

Here is the form i want to made.
form example.png
form example.png (18.2 KiB) Viewed 1497 times

here is the AD organization
AD organization.png
AD organization.png (17.61 KiB) Viewed 1497 times


The idea :

ckeckedlistboxteachers will be populated by query the teachers OU in AD
ckeckedlistboxtstudents will be populated by query the student parent OU in AD or the can filter by choosing in combobox the level so it will query the student child OU to get only the students from that level

i found example code which use principalcontext,i adapt it to query ad for the parent users OU and my checkedlistbox teacher or student is populated right but i don't know to populate the combobox with level ( the child OU in AD) and after apply the combobox filter to query only the child OU for students :( . I can t use the ad group of a class of student because teachers ar also members of it.
form.png
form.png (28.29 KiB) Viewed 1497 times

Any help will be appreciated ! :mrgreen:

Bonne journée ! :P


function Get-NetUserPrincipal {
param (
[string]$domainName,
[string]$userName
)

if (-not ("System.DirectoryServices.AccountManagement.PrincipalContext" -as [type]))
{
Add-Type -AssemblyName System.DirectoryServices.AccountManagement;
}

if (-not $domainName)
{
$domainName = $env:USERDNSDOMAIN;
}

if (-not $userName)
{
$userName = $env:USERNAME;
}

$context = [System.DirectoryServices.AccountManagement.PrincipalContext]::new([System.DirectoryServices.AccountManagement.ContextType]::Domain, $domainName);
$userPrincipal = [System.DirectoryServices.AccountManagement.UserPrincipal]::FindByIdentity(
$context,
[System.DirectoryServices.AccountManagement.IdentityType]::SamAccountName,
$userName
);

return $userPrincipal;
}

function Get-NetGroupPrincipal
{
param (
[string]$domainName,
[Parameter(Mandatory)]
[string]$groupName
)

if (-not ("System.DirectoryServices.AccountManagement.PrincipalContext" -as [type]))
{
Add-Type -AssemblyName System.DirectoryServices.AccountManagement;
}

if (-not $domainName)
{
$domainName = $env:USERDNSDOMAIN;
}

$context = [System.DirectoryServices.AccountManagement.PrincipalContext]::new([System.DirectoryServices.AccountManagement.ContextType]::Domain, $domainName);
$groupPrincipal = [System.DirectoryServices.AccountManagement.GroupPrincipal]::FindByIdentity(
$context,
[System.DirectoryServices.AccountManagement.IdentityType]::SamAccountName,
$groupName
);
return $groupPrincipal;
}


$form1_Load={

$listes_professeurs = (Get-NetGroupPrincipal -groupName "professeurs").Members
$listes_eleves = (Get-NetGroupPrincipal -groupName "eleves").Members
Update-ListBox -ListBox $checkedlistboxteachers -Items $listes_professeurs
Update-ListBox -ListBox $checkedlistboxstudents -Items $listes_eleves
}

jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Active directory query from domain computer

Post by jvierra »

Hi.
Unfortunately, you are asking a very complex set of questions about how to design and implement a system. Your request is beyond what can be addressed in a technical forum that is oriented to specific questions that are fairly well defined in advance.

Clearly, your experience with WinForms is extremely limited. I recommend using the articles I will link below to get some understanding of how WinForms and WinForms controls can be used and scripted.

https://www.sapien.com/books_training/W ... werShell-4

https://info.sapien.com/index.php/guis/gui-scripting

Once you have your request formed into a specific question then post back and we can help you. There is no way to decode all that you have posted and find a basic question.

Good luck. The documents linked will get you started on a better path to a solution.
DaWoipadinga
Posts: 1
Last visit: Mon Nov 28, 2022 3:32 am

Re: Active directory query from domain computer

Post by DaWoipadinga »

Hello!

why don't you use the ActiveDirectory module from RSAT tools? After deployment, any domain user will be able to query Active Directory without administrative permissions.

Best regards
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Active directory query from domain computer

Post by jvierra »

Using the Net Framework types is actually more flexible and has more capabilities than the AD tools. The AD tools are becoming obsolete especially in a hybrid environment.
This topic is 1 year and 5 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked