Decrypt my World

Cryptography, Security, Debugging and more!

How to read msTSProfilePath, msTSHomeDrive and msTSHomeDirectory properties from AD (VB.NET)

How to read msTSProfilePath, msTSHomeDrive and msTSHomeDirectory properties from AD (VB.NET)

  • Comments 4

 

Hi all,

If you used to query Active Directory properties like TerminalServicesProfilePath, TerminalServicesHomeDrive and TerminalServicesHomeDirectory on Windows Server 2003, you may have realized already that those properties are not available on Windows Server 2008 and later. If you investigate a bit, you may find some properties which are supposed to be their substitutes: msTSProfilePath, msTSHomeDrive and msTSHomeDirectory. But if you try to query them with a code like the following, it won’t work. You will get empty strings for those properties.

 

Dim myUser = New DirectoryEntry(myPath)

' This works fine on Win2003, but fails on Win2008, as expected
'
Try
MsgBox(myUser.InvokeGet("TerminalServicesHomeDirectory").ToString)
Catch ex As Exception
MsgBox(ex.Message)
End Try

' This fails on Win2003 as expected, but returns an empty string on Win2008
'
Try
MsgBox(myUser.InvokeGet("msTSHomeDirectory").ToString)
Catch ex As Exception
MsgBox(ex.Message)
End Try

 

It turns out that those properties are implemented and meant to be used to store that information, but we neither use them nor do we store the info in those properties (yet).

That information is written into the userParameters datablob which is readable through Tsuserex.dll exports. The recommended approach would be to build an app that will cover future scenarios: check for the new properties as shown above, and if empty, use Tsuserex.dll exports.

This is the interface we need to use: 

IADsTSUserEx Interface

And some info on the Tsuserex.dll library that implements it:

Using the ADSI Extension for Remote Desktop Services User Configuration

ADSI Extension for Remote Desktop Services User Configuration

These are the properties which correspond to msTSProfilePath, msTSHomeDrive or msTSHomeDirectory:

IADsTSUserEx::TerminalServicesProfilePath Property

IADsTSUserEx::TerminalServicesHomeDrive Property

IADsTSUserEx::TerminalServicesHomeDirectory Property

Now, I couldn’t find any official sample from MS, only this C++ sample copied from MSDN (note I couldn’t find the original web page where they copied this from, so the info is likely to be a bit old):

ADSI Terminal Server Extensions (IADsTSUserEx) 

And here is the translation of that sample to C#:

Configuring Terminal Services attributes using .NET

Converting this sample to VB.NET should be quite straightforward. 

Now, I tried to create a VB.NET sample on my Windows 7, but I couldn’t find the Tsuserex.dll library. But I found that that library is in the server versions of Windows.

using IADsTSUserEx on Windows 7

So I copied the dll from my Windows Server 2008 R2 to my Windows 7, I registered with regsvr32, and added it as a reference to my sample project. 

Then I created this sample code:

 

Imports System.DirectoryServices
Imports TSUSEREXLib


Dim rootLDAPpath As String = "LDAP://OU=...,DC=com"
Dim root As DirectoryEntry = New DirectoryEntry(rootLDAPpath)
Dim searcher As New DirectorySearcher(root)
Dim adUser As SearchResult

searcher.Filter() = "(&(objectCategory=user)(samAccountName=alejacma))"
adUser = searcher.FindOne

Dim myUser = New DirectoryEntry(adUser.Path)

' Get the properties
Dim tsUser = CType(myUser.NativeObject, IADsTSUserEx)
MsgBox(tsUser.TerminalServicesProfilePath)
MsgBox(tsUser.TerminalServicesHomeDrive)
MsgBox(tsUser.TerminalServicesHomeDirectory)

' Set the properties
tsUser.TerminalServicesHomeDirectory = ...
...
myUser.CommitChanges()

Taking this code as a base we werer able to both read and modify those properties.

I hope this helps.

Regards,

 

Alex (Alejandro Campos Magencio)

 

  • I can't find this documented anywhere but if the userParameters blob is empty, Windows Server 2008 and Windows Server 2008 R2 terminal servers will indeed use these three fields.  However if the userParameters blob is present, it then whatever is placed in the msTSHomeDirectory, msTSHomeDrive and msTSProfilePath user account attribues is ignored. Forgot to add regardless of what's in the msTSHomeDirectory, msTSHomeDrive and msTSProfilePath, Active Directory Users and Computers always (on Windows 2008 and 2008R2) uses use the Tsuserex.dll library to manipulate the userParameters blob and will not display the contents of msTSHomeDirectory, msTSHomeDrive and msTSProfilePath on the Terminal Services Profile or Remote Desktop Services Profile (the tab name depends on the OS version) tabs.

  • Thx a lot Erik for your additions!

  • I realise that this post is over a year old at this point, but I am trying to do exactly the same thing and the above sample code does not work. I believe that the issue is the Tsuserex.dll file, as I cannot add it as a reference to my VB.NET project.

    I copied the file from a 64-bit Windows Server 2008 R2 machine and copied it to %systemroot%\system32 on a Windows 7 64-bit machine and registered it successfully, however I receive the following exception on the line "Dim tsUser = CType(myUser.NativeObject, IADsTSUserEx)

    "

    System.InvalidCastException was caught

     Message=Unable to cast COM object of type 'System.__ComObject' to interface type 'TSUSEREXLib.IADsTSUserEx'. This operation failed because the QueryInterface call on the COM component for the interface with IID '{C4930E79-2989-4462-8A60-2FCF2F2955EF}' failed due to the following error: No such interface supported (Exception from HRESULT: 0x80004002 (E_NOINTERFACE)).

     Source=TSTest

     StackTrace:

          at ConsoleApplication1.Module1.Main() in C:\svn_wc\Test\TerminalServicesTest\TSTest\TSTest\Module1.vb:line 19

     InnerException:

    In order to get the code to work at all, I found a copy of interop.tsuserer.dll from the web and added that as a reference to my project.

    Any tips or pointers would be greatly appreciated. I've been stuck on this for about a week.

    Thanks!

  • please tell me i copy file from  window server  2008  32 bit but not able to register  on window 7  32 bit

    please help me  

Page 1 of 1 (4 items)
Leave a Comment
  • Please add 3 and 6 and type the answer here:
  • Post
Translate This Page