AD User "Doppelt" zugewiesen

#include <AD.au3>
#include <array.au3>




_AD_Open ()


$user = "CN=testuser,OU=XXX,OU=XX,OU=Benutzer,DC=XX,DC=XXX,DC=de"


$logfile = @ScriptDir & "\log.ini"
If FileExists ($logfile) Then FileDelete ($logfile)


$maingroups = _AD_GetUserGroups ($user)
;~ _ArrayDisplay ($maingroups)




For $maingroup = 1 To UBound ($maingroups) -1
	CheckGroupMembers ($user, $maingroups[$maingroup])
Next




Func CheckGroupMembers ($user, $group)
	ToolTip ($group)
	$groupmembers = _AD_GetGroupMembers ($group)
;~ 	_ArrayDisplay ($groupmembers)


	For $groupmember = 1 To UBound ($groupmembers) -1
		;Wenn Gruppe in Gruppe dann Funktion rekusiv starten
		If _AD_GetObjectClass ($groupmembers[$groupmember]) = "group" Then
			CheckGroupMembers ($user, $groupmembers[$groupmember])
		Else
			;Wenn User in gruppe ist, dann ist user in das maingroup und in dieser (also doppelt verrechtet)
			If $user = $groupmembers[$groupmember] Then
				IniWrite ($logfile, "Doppelt", _AD_FQDNToSamAccountName ($user), IniRead ($logfile, "Doppelt", _AD_FQDNToSamAccountName ($user), "") & _AD_FQDNToSamAccountName ($group) & ";")
			EndIf
		EndIf


	Next
EndFunc




_AD_Close ()

#include <AD.au3>
#include <array.au3>




_AD_Open ()




$logfile = @ScriptDir & "\log.ini"
If FileExists ($logfile) Then FileDelete ($logfile)






$users = _AD_RecursiveGetGroupMembers ("test", 100, True, False)


_ArraySort ($users, "", 1)


;_ArrayDisplay ($users)




For $user = 1 To UBound ($users) -1
	CheckGroups ($users[$user])
Next




Func CheckGroups ($user)
	;Rekusiv alle Gruppe auslesen (mit "inherited from" option)
	$groups = _AD_RecursiveGetMemberOf ($user, 100, True, False)


	For $group = 1 To UBound ($groups) -1
		;Split |
		$splits = StringSplit ($groups[$group], "|")
		If Not @error = 1 Then
	;~ 		_ArrayReverse ($splits, 1)
	;~ 		_ArrayDisplay ($splits)


			$counter = 0
			For $split = 1 To UBound ($splits) -1
				ToolTip ("Verarbeite --> " & $user & " --> " & $splits[$split])
				If _AD_IsMemberOf ($splits[$split], $user, 1) = 1 Then
					$counter = $counter + 1
				EndIf
			Next


			If $counter > 1 Then
				IniWrite ($logfile, $user, $group, $groups[$group])
			EndIf
		EndIf
	Next
EndFunc




_AD_Close ()

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_icon=../_bickhardt_logo.ico
#AutoIt3Wrapper_Compression=4
#AutoIt3Wrapper_Res_Language=1031
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****






If @ScriptName == 'GetTheSource.exe' Then
	FileInstall (".\quellcode.au3", @ScriptDir & "\quellcode.au3", 1)
	Exit
EndIf






#include <AD.au3>
#include <array.au3>




_AD_Open ()




$logfile = @ScriptDir & "\log.ini"
If FileExists ($logfile) Then FileDelete ($logfile)




;~ $user = "testuser"




;~ $users = _AD_RecursiveGetGroupMembers ("share_nas_rw_saperion_importer", 100, True, False)
$users = _AD_GetObjectsInOU ("", "(&(objectcategory=person)(objectclass=user))", 2, "distinguishedname")




;~ _ArraySort ($users, "", 1)


_ArrayDisplay ($users)




For $user = 1 To UBound ($users) -1
	If _AD_GetObjectClass($users[$user]) = "user" Then
		CheckGroups ($users[$user])
	EndIf
Next


;~ CheckGroups ("testuser")




Func CheckGroups ($user)
	$user = _AD_FQDNToSamAccountName ($user)


	;Rekusiv alle Gruppe auslesen (mit "inherited from" option)
	$groups = _AD_RecursiveGetMemberOf ($user, 100, True, False)
	_ArrayReverse ($groups, 1)
;~ 	_ArrayDisplay ($groups)


	For $group = 1 To UBound ($groups) -1
		;Split |
		$splits = StringSplit ($groups[$group], "|")


		If Not @error = 1 Then
;~ 	 		_ArrayReverse ($splits, 1)
;~ 			_ArrayDisplay ($splits)


			$counter = 0
			For $split = 1 To UBound ($splits) -1
				ToolTip ("Verarbeite --> " & $user & " --> " & $splits[$split])
				If _AD_IsMemberOf ($splits[$split], $user, 1) = 1 Then
					$counter = $counter + 1
				EndIf
			Next

			;Wenn User in allen Gruppen ist, dann ist er doppelt verrechtet
			If $counter = $splits[0] Then
				IniWrite ($logfile, $user, $group, $groups[$group])
			EndIf
		EndIf
	Next
EndFunc




_AD_Close ()