Travis,
It occurred to me that you
might have a multi-domain forest to retrieve users from, so here's a variation
of the script I sent out earlier, which creates a connection to a
Global Catalog server utilizes the LDAP search filter syntax (instead of
SQL SELECT) to return all user objects registered in a
forest.
Regards,
Richard
option explicit
on error resume
next
' declares
dim RootDSE, RootNC, RootGC, DNPath, ChangeVal, fso,
objFile, strLogFile
dim Com, con, rs, strSearch, sDesc, strDes, i
'
constants
Public Const ADS_SCOPE_BASE = 0
Public
Const ADS_SCOPE_ONELEVEL = 1
Public Const ADS_SCOPE_SUBTREE =
2
Public Const ADS_CHASE_REFERRALS_NEVER
= 0
Public Const ADS_CHASE_REFERRALS_SUBORDINATE = &H20
Public Const
ADS_CHASE_REFERRALS_EXTERNAL = &H40
Public Const
ADS_CHASE_REFERRALS_ALWAYS = &H60
'
variables
strUsr =
"DOMAIN\userid"
strPwd = "password"
strLogFile =
"c:\temp\users.log"
Set fso =
CreateObject("Scripting.FileSystemObject")
Set objFile =
fso.CreateTextFile(strLogFile, 8, True)
wscript.echo "script started at:
" & Now
wscript.echo ""
objFile.Writeline "script started at: " &
Now
objFile.WriteBlanklines(2)
Set RootDSE =
GetObject("LDAP://RootDSE")
RootNC =
RootDSE.Get("RootDomainNamingContext")
wscript.echo "searching " &
RootADC & "..."
objFile.Writeline "searching " & RootADC &
"..."
Set con = CreateObject("ADODB.Connection")
Set com =
CreateObject("ADODB.Command")
con.Provider
= "ADsDSOObject"
con.Properties("User
ID") =
strUsr
con.Properties("Password")
= strPwd
con.Properties("Encrypt Password") = True
con.Open "Active
Directory Provider"
Set Com.ActiveConnection = con
' if you are
searching a forest that your workstation is not a member of, you will need
to
' specify the FQDN name of a root domain global catalog server in the
search string. use the
' alternate data specified below.
'
'
RootGC = "global-catalog-servername.mycompany.com"
'
strSearch = "<GC://" & RootGC & "/" & RootNC &
">;" & _
' uncomment to retrieve all users in the GC... warning,
may take a long time to run
' strSearch = "<GC://" & RootNC
& ">;" &
_
'
"(&(objectclass=user)" &
_
'
"(objectcategory=person));" &
_
'
"samAccountName,distinguishedName,displayName,description,telephoneNumber,mail;"
&
_
'
"subtree"
' retrieve all users with a userid beginning with 'Z',
' you
can use alphabetical searches to reduce the load the script can generate on a
GC
strSearch = "<GC://" & RootNC & ">;" &
_
"(&(objectclass=user)" &
_
"(objectcategory=person)" &
_
"(samAccountName=z*));" &
_
"samAccountName,distinguishedName,displayName,description,telephoneNumber,mail;"
&
_
"subtree"
wscript.echo "search string: " & strSearch
wscript.echo
""
objFile.Writeline "search string: " &
strSearch
objFile.WriteBlanklines(1)
Com.CommandText =
strSearch
Com.Properties("Cache Results") =
False
'Com.Properties("Chase Referrals") =
ADS_CHASE_REFERRALS_SUBORDINATE
Com.Properties("Page
Size") =
500
'Com.Properties("searchscope") =
ADS_SCOPE_SUBTREE
Com.Properties("Sort
On") =
"samAccountName"
Com.Properties("Time Limit") =
0
Com.Properties("Timeout") =
0
Set rs = Com.Execute
rs.MoveFirst
While Not
rs.EOF
sDesc =
rs.Fields("description").Value
For i = LBound(sDesc) To
UBound(sDesc)
strDes = strDes &
sDesc(i)
Next
wscript.echo "
"
wscript.echo "user details for:
" &
rs.Fields("samAccountName").Value
wscript.echo
"-----------------------------------------------------------"
wscript.echo "display name: " &
rs.Fields("displayName").Value
wscript.echo "user object: " &
rs.Fields("distinguishedName").Value
wscript.echo "description: " &
strDes
wscript.echo "e-mail address: " &
rs.Fields("mail").Value
wscript.echo "telephone number: " &
rs.Fields("telephoneNumber").Value
wscript.echo
"-----------------------------------------------------------"
objFile.WriteBlanklines(1)
objFile.Writeline "user details for: " &
rs.Fields("samAccountName").Value
objFile.Writeline
"-----------------------------------------------------------"
objFile.Writeline "display name: " &
rs.Fields("displayName").Value
objFile.Writeline "user object: " &
rs.Fields("distinguishedName").Value
objFile.Writeline "description: " &
strDes
objFile.Writeline "e-mail
address: " &
rs.Fields("mail").Value
objFile.Writeline "telephone number: " &
rs.Fields("telephoneNumber").Value
objFile.Writeline
"-----------------------------------------------------------"
strDes = ""
rs.MoveNext
Wend
wscript.echo ""
wscript.echo "script ended at:
" & Now
objFile.WriteBlanklines(2)
objFile.Writeline "script ended at:
" & Now
objFile.Close
> -----Original
Message-----
> From: Puckett, Richard
> Sent: Friday, November 01,
2002 8:49 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE:
[ActiveDir] User List from AD
>
>
>
>
Travis,
>
> Here's an example using VBS (just messing about on a
Friday
> night). Should
> do what you want (I
think).
>
> Hope this helps,
>
Richard
>
>
>
> option explicit
>
> on error
resume next
>
> dim RootDSE, DomainNC, DNPath, ChangeVal, fso,
objFile, strLogFile
> dim Com, con, rs, strSearch, sDesc, strDes,
i
>
> Public Const ADS_SCOPE_BASE =
0
> Public Const ADS_SCOPE_ONELEVEL = 1
> Public Const
ADS_SCOPE_SUBTREE = 2
> Public Const
ADS_CHASE_REFERRALS_NEVER = 0
> Public
Const ADS_CHASE_REFERRALS_SUBORDINATE = &H20
> Public Const
ADS_CHASE_REFERRALS_EXTERNAL = &H40
> Public Const
ADS_CHASE_REFERRALS_ALWAYS =
&H60
>
> strLogFile = "c:\temp\users.log"
>
> Set
fso = CreateObject("Scripting.FileSystemObject")
> Set objFile =
fso.CreateTextFile(strLogFile, 8, True)
>
> wscript.echo "script
started at: " & Now
> wscript.echo ""
> objFile.Writeline
"script started at: " & Now
>
objFile.WriteBlanklines(2)
>
> Set RootDSE =
GetObject("LDAP://RootDSE")
> DomainNC =
RootDSE.Get("defaultNamingContext")
>
> wscript.echo "searching "
& DomainNC & "..."
> objFile.Writeline "searching " & DomainNC
& "..."
>
> Set con = CreateObject("ADODB.Connection")
>
Set com = CreateObject("ADODB.Command")
>
>
con.Provider
= "ADsDSOObject"
> con.Properties("User
ID") =
"DOMAIN\userid"
>
con.Properties("Password") =
"password"
> con.Properties("Encrypt Password") = True
>
>
con.Open "Active Directory Provider"
> Set Com.ActiveConnection =
con
>
> strSearch = "SELECT samAccountName, distinguishedName,
displayName,
> description, telephoneNumber, mail " & _
>
"FROM 'LDAP://" & DomainNC &
"' " & _
>
"WHERE objectClass = 'user' AND
objectCategory =
> 'person'"
>
' (you could add the below to do
alphabetical
> returns based on the first letter of each
>
' userid if you wanted to narrow the
>
result scope and
> reduce the load on your servers)
>
' AND samAccountName =
'z*'
>
> wscript.echo "search string: " & strSearch
>
wscript.echo ""
> objFile.Writeline "search string: " &
strSearch
> objFile.WriteBlanklines(1)
>
> Com.CommandText =
strSearch
>
> Com.Properties("Cache Results") =
False
> Com.Properties("Chase Referrals") =
ADS_CHASE_REFERRALS_SUBORDINATE
> Com.Properties("Page
Size") = 100
>
Com.Properties("searchscope") =
ADS_SCOPE_SUBTREE
> Com.Properties("Sort
On") = "samAccountName"
>
Com.Properties("Time Limit") = 0
>
Com.Properties("Timeout") =
0
>
> Set rs = Com.Execute
>
>
rs.MoveFirst
>
> While Not rs.EOF
>
>
sDesc = rs.Fields("description").Value
>
For i = LBound(sDesc) To UBound(sDesc)
>
strDes
= strDes & sDesc(i)
>
Next
>
> wscript.echo " "
>
wscript.echo "user details for: " &
>
rs.Fields("samAccountName").Value
>
wscript.echo
>
"-----------------------------------------------------------"
>
wscript.echo "display
name: " &
>
rs.Fields("displayName").Value
>
wscript.echo "user object: " &
>
rs.Fields("distinguishedName").Value
>
wscript.echo "description: " &
strDes
>
wscript.echo "e-mail address: " &
rs.Fields("mail").Value
> wscript.echo
"telephone number: " &
>
rs.Fields("telephoneNumber").Value
>
wscript.echo
>
"-----------------------------------------------------------"
>
>
objFile.WriteBlanklines(1)
>
objFile.Writeline "user details for: " &
>
rs.Fields("samAccountName").Value
>
objFile.Writeline
>
"-----------------------------------------------------------"
>
objFile.Writeline "display
name: " &
>
rs.Fields("displayName").Value
>
objFile.Writeline "user object: " &
>
rs.Fields("distinguishedName").Value
>
objFile.Writeline "description: " &
strDes
> objFile.Writeline "e-mail
address: " & rs.Fields("mail").Value
>
objFile.Writeline "telephone number: "
&
> rs.Fields("telephoneNumber").Value
>
objFile.Writeline
>
"-----------------------------------------------------------"
>
>
strDes = ""
>
rs.MoveNext
>
> Wend
>
>
wscript.echo ""
> wscript.echo "script ended at: " & Now
>
objFile.WriteBlanklines(2)
> objFile.Writeline "script ended at: " &
Now
>
>
objFile.Close
>
>
>
>
>
>
> >
-----Original Message-----
> > From: Travis Riddle [mailto:[EMAIL PROTECTED]]
> >
Sent: Friday, November 01, 2002 1:48 PM
> > To:
[EMAIL PROTECTED]
> > Subject: RE: [ActiveDir] User List
from AD
> >
> >
> > I am very new to windows
scripting, or any type of
> > programming for that matter (who thought
there was more to
> > Windows Administration!). I come from
a Unix Administration
> > background, which doesn't help much either.
So I guess I am
> > warining you that the next few questions will
probably sound
> > very simple, but please bear with me :)
>
>
> > I copied your script, customized it and saved it as a
.js
> > file. Is this correct? If so, how do I run it so I
get
> > retainable results (I guess such as a .txt file or even
a
> .htm file).
> >
> > Aside from not knowing how to
run the silly thing, I am not
> > sure what your ldap address is
refering too. Would it be
> > dc=domain
controller,dc=domain
> > name,dc=extension(net/com/org)? I get an
error: no such
> > object on the server. I tried other
combinations but each
> > returned errors.
> >
>
> To simplify things, lets say my FQDN for the GC I am working
> >
against is hostgc.test.net. What else do I need to know to
> >
perform this function. Am I way out in left field? I already
> >
know I am out of my league but I am learning.
> >
> > Thanks
again for your patience and time, I do appreciate it.
> >
> >
Travis
> >
> >
> > -----Original Message-----
>
> From: Hutchins, Mike [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, November 01, 2002 10:52 AM
>
> To: [EMAIL PROTECTED]
> > Subject: RE: [ActiveDir] User
List from AD
> >
> >
> > Well, first you need to not
bother with binding to an object,
> > just bind to the domain, then
just enumerate... Here is
> > something I use it is in
jscript..
> >
> > // This is where I bind to the
domain
> > var oDomain =
GetObject("LDAP://DC=NPR1,DC=ROOT01,DC=ORG");
> > // Create a new
enumerator
> > uList = new Enumerator(oDomain);
> > // Start
my step thru the domain to get the objects
> > for (; !uList.atEnd();
uList.moveNext())
> > {
> > s = uList.item();
> > //
Start adding stuff to display
> > WScript.Echo(s.displayName +
s.Description + s.telephone +
> > s.givenName); }
> >
>
>
> >
> > -----Original Message-----
> > From:
Travis Riddle [mailto:[EMAIL PROTECTED]]
> >
Sent: Friday, November 01, 2002 10:35 AM
> > To:
[EMAIL PROTECTED]
> > Subject: [ActiveDir] User List from
AD
> >
> >
> > Hello everyone,
> >
>
> I would like to retrieve a list of all of my users in Active
> >
Directory. I have searched several places over the last 2
> > days and
have found a few scripts, but either they don't
> > return the
information I need or I can't get them to work. I
> > have
ordered a couple of books, but I am under a bit of
> > pressure to
produce this list asap.
> >
> > What I need is:
>
>
> > User Name, Full Name, Description, Phone and Email
Address.
> >
> > Mostly this info is found on the
General Page in AD Users and
> > Groups, except of course for User Name
(or Login Name). I am
> > sure this isn't a very difficult
script, if I knew what the
> > heck I was doing. I imagine I even
found a script that would
> > come close, but I can't figure out the
syntax on one portion
> > of it. If anyone could help me out I
would be very grateful.
> >
> > Here is the script I got
off of TechNet that may work, if
> > someone else has a better one that
would be terrific.
> >
> > The problem I have with this script
is I can't figure out
> > what parameters to put in the LDAP
address. I assume that
> > cn=myerken is the user Ken Myer.
ou=management is the
> > management OU. Dc=fabrikam is the Domain
Name.
> > Unfortunately if I enter similar values relevant to
my
> > domain, it simply returns no data. Any ideas? Thanks
in advance.
> >
> >
> >
> > On Error Resume
Next
> > Set objUser = GetObject _
> >
("LDAP://cn=myerken,ou=management,dc=fabrikam,dc=com")
> >
objUser.GetInfo
> >
> > strGivenName =
objUser.Get("givenName")
> > strInitials =
objUser.Get("initials")
> > strSn = objUser.Get("sn")
> >
strDisplayName = objUser.Get("displayName")
> >
strPhysicalDeliveryOfficeName = _
> >
objUser.Get("physicalDeliveryOfficeName")
> > strTelephoneNumber =
objUser.Get("telephoneNumber")
> > strMail =
objUser.Get("mail")
> > strWwwHomePage =
objUser.Get("wWWHomePage")
> >
> > strDescription =
objUser.GetEx("description")
> > strOtherTelephone =
objUser.GetEx("otherTelephone")
> > strUrl =
objUser.GetEx("url")
> >
> > WScript.echo "givenName: " &
strGivenName
> > WScript.echo "initials: " & strInitials
>
> WScript.echo "sn: " & strSn
> > WScript.echo "displayName: "
& strDisplayName
> > WScript.echo "physicalDeliveryOfficeName: "
& _
> > strPhysicalDeliveryOfficeName WScript.echo
"telephoneNumber:
> > " & strTelephoneNumber WScript.echo "mail: "
& strMail WScript.echo
> > "wWWHomePage: " &
strWwwHomePage
> >
> > For Each strValue in
strDescription
> > WScript.echo "description: " &
strValue
> > Next
> > For Each strValue in
strOtherTelephone
> > WScript.echo "otherTelephone: " &
strValue
> > Next
> > For Each strValue in strUrl
>
> WScript.echo "url: " & strValue
> > Next
>
> List info : http://www.activedir.org/mail_list.htm
> > List FAQ : http://www.activedir.org/list_faq.htm
> > List archive:
> > http://www.mail-archive.com/activedir%> 40mail.activedir.org/
> >
> > List
info :
> > http://www.activedir.org/mail_list.htm
> > List FAQ : http://www.activedir.org/list_faq.htm
> > List archive:
> > http://www.mail-archive.com/activedir%> 40mail.activedir.org/
> >
> >
> >
List info :
> > http://www.activedir.org/mail_list.htm
> > List FAQ : http://www.activedir.org/list_faq.htm
> > List archive:
> > http://www.mail-archive.com/activedir%> 40mail.activedir.org/
> >
> List
info : http://www.activedir.org/mail_list.htm
> List FAQ : http://www.activedir.org/list_faq.htm
> List archive:
> http://www.mail-archive.com/activedir%> 40mail.activedir.org/
>
Title: Message
- [ActiveDir] User List from AD Travis Riddle
- Re: [ActiveDir] User List from AD Al Lilianstrom
- RE: [ActiveDir] User List from AD Hutchins, Mike
- RE: [ActiveDir] User List from AD Van Donk, Fred
- RE: [ActiveDir] User List from AD Travis Riddle
- RE: [ActiveDir] User List from AD Travis Riddle
- RE: [ActiveDir] User List from AD Puckett, Richard
- RE: [ActiveDir] User List from AD Amit Zinman
- RE: [ActiveDir] User List from AD Puckett, Richard
- RE: [ActiveDir] User List from AD Roger Seielstad
