changed the way AD LDAP server is discovered

ADPassMon.xcodeproj/project.pbxproj

@@ -167,7 +167,7 @@
 		39094F161338DBE4007821C2 /* Project object */ = {
 			isa = PBXProject;
 			attributes = {
-				LastUpgradeCheck = 0610;
+				LastUpgradeCheck = 0630;
 			};
 			buildConfigurationList = 39094F191338DBE4007821C2 /* Build configuration list for PBXProject "ADPassMon" */;
 			compatibilityVersion = "Xcode 3.2";
@@ -255,6 +255,7 @@
 				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
 				ENABLE_STRICT_OBJC_MSGSEND = YES;
 				GCC_C_LANGUAGE_STANDARD = gnu99;
+				GCC_NO_COMMON_BLOCKS = YES;
 				GCC_OPTIMIZATION_LEVEL = 0;
 				GCC_PREPROCESSOR_DEFINITIONS = DEBUG;
 				GCC_SYMBOLS_PRIVATE_EXTERN = NO;
@@ -284,6 +285,7 @@
 				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
 				ENABLE_STRICT_OBJC_MSGSEND = YES;
 				GCC_C_LANGUAGE_STANDARD = gnu99;
+				GCC_NO_COMMON_BLOCKS = YES;
 				GCC_VERSION = com.apple.compilers.llvm.clang.1_0;
 				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
 				GCC_WARN_ABOUT_RETURN_TYPE = YES;

ADPassMon.xcodeproj/xcuserdata/bukowinskip.xcuserdatad/xcschemes/ADPassMon.xcscheme

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Scheme
-   LastUpgradeVersion = "0610"
+   LastUpgradeVersion = "0630"
    version = "1.3">
    <BuildAction
       parallelizeBuildables = "YES"
@@ -48,7 +48,8 @@
       ignoresPersistentStateOnLaunch = "NO"
       debugDocumentVersioning = "YES"
       allowLocationSimulation = "YES">
-      <BuildableProductRunnable>
+      <BuildableProductRunnable
+         runnableDebuggingMode = "0">
          <BuildableReference
             BuildableIdentifier = "primary"
             BlueprintIdentifier = "39094F1E1338DBE4007821C2"
@@ -66,7 +67,8 @@
       useCustomWorkingDirectory = "NO"
       buildConfiguration = "Release"
       debugDocumentVersioning = "YES">
-      <BuildableProductRunnable>
+      <BuildableProductRunnable
+         runnableDebuggingMode = "0">
          <BuildableReference
             BuildableIdentifier = "primary"
             BlueprintIdentifier = "39094F1E1338DBE4007821C2"

ADPassMon/ADPassMon-Info.plist

@@ -19,11 +19,11 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>1.10.1</string>
+	<string>1.10.3</string>
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleVersion</key>
-	<string>2</string>
+	<string>1</string>
 	<key>LSApplicationCategoryType</key>
 	<string>public.app-category.utilities</string>
 	<key>LSMinimumSystemVersion</key>

ADPassMon/ADPassMonAppDelegate.applescript

@@ -379,6 +379,20 @@ Enable it now?" with icon 2 buttons {"No", "Yes"} default button 2)
         log "  myLDAP: " & myLDAP
     end getDNS_
 
+    -- Use dsconfigad to get domain name
+    -- Use dig to get AD LDAP server from domain name
+    on getADLDAP_(sender)
+        try
+            set myDomain to (do shell script "/usr/sbin/dsconfigad -show | /usr/bin/awk '/Active Directory Domain/{print $NF}'") as text
+            -- using "first paragraph" to return only the first ldap server returned by the query
+            set myLDAP to first paragraph of (do shell script "/usr/bin/dig -t srv _ldap._tcp." & myDomain & "| /usr/bin/awk '/^_ldap/{print $NF}'") as text
+        on error theError
+            errorOut_(theError)
+        end try
+        log "  myDomain: " & myDomain
+        log "  myADLDAP: " & myLDAP
+    end getADLDAP_
+
     -- Use ldapsearch to get search base
     on getSearchBase_(sender)
         try
@@ -411,7 +425,7 @@ Enable it now?" with icon 2 buttons {"No", "Yes"} default button 2)
         fmt's setMinimumSignificantDigits_(1)
         fmt's setDecimalSeparator_(".")
 
-        set my pwdSetDateUnix to (do shell script "/usr/bin/dscl localhost read /Search/Users/$USER SMBPasswordLastSet | /usr/bin/awk '/LastSet:/{print $2}'")
+        set my pwdSetDateUnix to (do shell script "/usr/bin/dscl localhost read /Search/Users/\"$USER\" SMBPasswordLastSet | /usr/bin/awk '/LastSet:/{print $2}'")
         if (count words of pwdSetDateUnix) is greater than 1 then
             set my pwdSetDateUnix to last word of pwdSetDateUnix
         end if
@@ -496,7 +510,8 @@ Enable it now?" with icon 2 buttons {"No", "Yes"} default button 2)
 
             -- Do this if we haven't run before, or the defaults have been reset.
             if my expireAge = 0 and my selectedMethod = 0 then
-                getDNS_(me)
+                --getDNS_(me)
+                getADLDAP_(me)
                 getSearchBase_(me)
                 getExpireAge_(me)
             else