CoderZone.org

Category: >> PHP Code >> Active Directory - Reading the UserAccountControl parameter values Bookmark and Share

<< lastnext >>

Snippet Name: Active Directory - Reading the UserAccountControl parameter values

Description: This is a simple way to check each item of the UserAccountControl for the Active Directory user. Basically we check the "ones" across the positions of
the binary number to detect which items are checked and which are not. If the value is "1", the item is enabled, if the value is "0", the item is disabled.

Also see:
» Simple directory viewer / browser
» Recursive Directory Browser
» Create an array from the contents ...
» Get A Directory Listing Of Specifi...
» Check If A Directory Allows File C...
» Include All Files In A Directory
» Get Current Directory Name
» Random Image from Directory
» Get oldest file in directory
» Recursive Directory Browser
» List files in directory
» Protect Writable Directory
» Directory Listing #2
» Directory Listing
» Remove All Files An A Given Direct...
» Calculate File/Folder Size In A Di...

Comment: The result for the number 264320 is:

UserAccountControl in binary: 00000000001000000100010000000
ACCOUNTDISABLED: 0
HOMEDIR_REQUIRED: 0
LOCKOUT: 0
PASSWD_NOTREQD: 0
PASSWD_CANT_CHANGE: 0
ENCRYPTED_TEXT_PWD_ALLOWED: 1
TEMP_DUPLICATE_ACCOUNT: 0
NORMAL_ACCOUNT: 0
INTERDOMAIN_TRUST_ACCOUNT: 1
WORKSTATION_TRUST_ACCOUNT: 0
SERVER_TRUST_ACCOUNT: 0
DONT_EXPIRE_PASSWORD: 0
MNS_LOGON_ACCOUNT: 0
SMARTCARD_REQUIRED: 1
TRUSTED_FOR_DELEGATION: 0
NOT_DELEGATED: 0
USE_DES_KEY_ONLY: 0
DONT_REQ_PREAUTH: 0
PASSWORD_EXPIRED: 0
TRUSTED_TO_AUTH_FOR_DELEGATION: 0

Author:
Language: PHP
Highlight Mode: PHP
Last Modified: March 25th, 2011

<?php
 
// this is a simple way to check each item of the 
// UserAccountControl for the Active Directory user.
// Basically we check the "ones" across the positions of 
// the binary number to detect which items are checked and 
// which are not.
// If the value is "1", the item is enabled  
// If the value is "0", the item is disabled
 
 
// number from the attribute UserAccountControl 
$number = 264320;  
 
// convert to decimal
$bin = decbin($number); 
print "$bin <br>";
 
// check the length of the number
$sizenum = strlen($bin); 
 
print "$sizenum <br>";
// add required number of zeros to the left of the binary number
for ($i=$sizenum ; $i<=28 ; $i++){ 
    $zero_tag .="0";
}
 
// complete binary
$bin = $zero_tag.$bin; 
print "$bin <br>";
 
// get one bit from the different positions of the binary number
$ACCOUNTDISABLED = substr("$bin", -2, 1); 
$HOMEDIR_REQUIRED = substr("$bin", -4, 1); 
$LOCKOUT = substr("$bin", -5, 1); 
$PASSWD_NOTREQD = substr("$bin", -6, 1); 
$PASSWD_CANT_CHANGE = substr("$bin", -7, 1); 
$ENCRYPTED_TEXT_PWD_ALLOWED = substr("$bin", -8, 1); 
$TEMP_DUPLICATE_ACCOUNT = substr("$bin", -9, 1); 
$NORMAL_ACCOUNT = substr("$bin", -10, 1); 
$INTERDOMAIN_TRUST_ACCOUNT = substr("$bin", -12, 1); 
$WORKSTATION_TRUST_ACCOUNT = substr("$bin", -13, 1); 
$SERVER_TRUST_ACCOUNT = substr("$bin", -14, 1); 
$DONT_EXPIRE_PASSWORD = substr("$bin", -17, 1); 
$MNS_LOGON_ACCOUNT = substr("$bin", -18, 1); 
$SMARTCARD_REQUIRED = substr("$bin", -19, 1); 
$TRUSTED_FOR_DELEGATION = substr("$bin", -20, 1); 
$NOT_DELEGATED = substr("$bin", -21, 1); 
$USE_DES_KEY_ONLY = substr("$bin", -22, 1); 
$DONT_REQ_PREAUTH = substr("$bin", -23, 1); 
$PASSWORD_EXPIRED = substr("$bin", -24, 1); 
$TRUSTED_TO_AUTH_FOR_DELEGATION = substr("$bin", -25, 1); 
 
// if it's a "1", the item is enabled, 
// if it's a "0", the item is disabled
 
print "ACCOUNTDISABLED: $ACCOUNTDISABLED <br>";
print "HOMEDIR_REQUIRED: $HOMEDIR_REQUIRED <br>";
print "LOCKOUT: $LOCKOUT <br>";
print "PASSWD_NOTREQD: $PASSWD_NOTREQD <br>";
print "PASSWD_CANT_CHANGE: $PASSWD_CANT_CHANGE <br>";
print "ENCRYPTED_TEXT_PWD_ALLOWED: $ENCRYPTED_TEXT_PWD_ALLOWED <br>";
print "TEMP_DUPLICATE_ACCOUNT: $TEMP_DUPLICATE_ACCOUNT <br>";
print "NORMAL_ACCOUNT: $NORMAL_ACCOUNT <br>";
print "INTERDOMAIN_TRUST_ACCOUNT: $INTERDOMAIN_TRUST_ACCOUNT <br>";
print "WORKSTATION_TRUST_ACCOUNT: $WORKSTATION_TRUST_ACCOUNT <br>";
print "SERVER_TRUST_ACCOUNT: $SERVER_TRUST_ACCOUNT <br>";
print "DONT_EXPIRE_PASSWORD: $DONT_EXPIRE_PASSWORD <br>";
print "MNS_LOGON_ACCOUNT: $MNS_LOGON_ACCOUNT <br>";
print "SMARTCARD_REQUIRED: $SMARTCARD_REQUIRED <br>";
print "TRUSTED_FOR_DELEGATION: $TRUSTED_FOR_DELEGATION <br>";
print "NOT_DELEGATED: $NOT_DELEGATED <br>";
print "USE_DES_KEY_ONLY: $USE_DES_KEY_ONLY <br>";
print "DONT_REQ_PREAUTH: $DONT_REQ_PREAUTH <br>";
print "PASSWORD_EXPIRED: $PASSWORD_EXPIRED <br>";
print "TRUSTED_TO_AUTH_FOR_DELEGATION: $TRUSTED_TO_AUTH_FOR_DELEGATION <br>";
 
?>
 
Add a comment 
JakeOct 17th, 2013 11:12am
Fantastic bit of code there. Thank you.
© coderzone.org | users online: 7