Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Querying Active Directory using VBScript

I want to query Active Directory using VBScript (classic ASP). How can I accomplish that?

like image 261
Frank Avatar asked Jul 07 '09 04:07

Frank


2 Answers

To look at all the members of an OU, try this...

Set objOU = GetObject("LDAP://OU=YourOU,DC=YourDomain,DC=com")
For each objMember in ObjOU  ' get all the members'

    ' do something'

Next

To do a custom search for DNs try this...

set conn = createobject("ADODB.Connection")
Set iAdRootDSE = GetObject("LDAP://RootDSE")
strDefaultNamingContext = iAdRootDSE.Get("defaultNamingContext")
Conn.Provider = "ADsDSOObject"
Conn.Open "ADs Provider"

strQueryDL = "<LDAP://" & strDefaultNamingContext & ">;(&(objectCategory=person)(objectClass=user));distinguishedName,adspath;subtree"
set objCmd = createobject("ADODB.Command")
objCmd.ActiveConnection = Conn
objCmd.Properties("SearchScope") = 2 ' we want to search everything
objCmd.Properties("Page Size") = 500 ' and we want our records in lots of 500 

objCmd.CommandText = strQueryDL
Set objRs = objCmd.Execute

While Not objRS.eof

    ' do something with objRS.Fields("distinguishedName")'
    objRS.MoveNext
Wend
like image 106
KennetRunner Avatar answered Nov 10 '22 01:11

KennetRunner


I had to query WinAD by oldskool username, this .vbs script prints user accounts.

  • find by sAMAccountname, use * wildcard
  • print few attributes from each user object
  • use AccountType filter its most optimized way of iterating AD user objects

Test script first gets an user object by fully qualified string, its just an example. Second part does actual query by smith* filter.

WinADSearch.vbs

' c:> cscript -nologo script.vbs
' c:> wscript script.vbs
' http://msdn.microsoft.com/en-us/library/d6dw7aeh%28v=vs.85%29.aspx

' WindowsAD queries
' http://www.kouti.com/tables/userattributes.htm

Option Explicit
'On Error Resume Next

Dim StdOut: Set StdOut = WScript.StdOut

Dim objUser
Set objUser = GetObject("LDAP://CN=Firstname Lastname,OU=Internal Users,OU=MyCompany,OU=Boston,OU=Root,DC=REGION1,DC=COM")
println(objUser.givenName & " " & objUser.middleName & " " & objUser.lastName) 
println("name=" & objUser.name)
println("displayName=" & objUser.displayName)
println("userPrincipalName=" & objUser.userPrincipalName)
println("sAMAccountName=" & objUser.sAMAccountName)
println("distinguishedName=" & objUser.distinguishedName)


println("")
Dim conn, strQueryDL, strAttrs, objCmd, objRs, idx

set conn = createobject("ADODB.Connection")
conn.Provider = "ADsDSOObject"
conn.Open "ADs Provider"

strAttrs = "sAMAccountName,displayName,distinguishedName" ' get attributes

'strQueryDL = "<LDAP://dc=REGION1,dc=COM>;(& (objectCategory=person) );" & strAttrs & ";SubTree"
'strQueryDL = "<LDAP://dc=REGION1,dc=COM>;(& (objectCategory=person)(objectClass=user) );" & strAttrs & ";SubTree"    
'strQueryDL = "<LDAP://dc=REGION1,dc=COM>;(& (objectCategory=person)(objectClass=user)(sAMAccountName=smith*) );" & strAttrs & ";SubTree"

strQueryDL = "<LDAP://dc=REGION1,dc=COM>;(& (samAccountType=805306368)(sAMAccountName=smith*) );" & strAttrs & ";SubTree"

set objCmd = createobject("ADODB.Command")
objCmd.ActiveConnection = Conn
objCmd.Properties("SearchScope") = 2 ' search everything
objCmd.Properties("Page Size") = 100 ' bulk operation

objCmd.CommandText = strQueryDL
println(objCmd.CommandText)
Set objRs = objCmd.Execute
idx=0
do while Not objRS.eof
  idx=idx+1
  println( objRs.Fields("sAMAccountName") & " / " & objRs.Fields("displayName") & " / " & objRs.Fields("distinguishedName") )
  if (idx>5) then exit do
  objRS.MoveNext
loop
objRs.Close
Conn.close
set objRs = Nothing
set conn = Nothing
println("end")


'********************************************************************
Sub println(ByVal str) 
    If (StdOut Is Nothing) Then Exit Sub
    StdOut.WriteLine str
End Sub
like image 1
Whome Avatar answered Nov 10 '22 02:11

Whome