Re: ADSI Script to return all Active Directory users with Dialin-E
- From: Chris <Chris@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 30 Apr 2008 06:33:00 -0700
That's great, thanks. How easy is it to output the title and company from
the organisation tab as well? I've been trying to get it working but can't
seem to format it right. I don't think I'm defining objects correctly, it's
all a bit of a maze to me!
Chris
"Richard Mueller [MVP]" wrote:
Chris wrote:.
I've been searching around and trying to cobble together various scripts
but
I can't quite get my head round what I need to do to make it work
I want a list output to Excel or similar with the names (display name,
distinguished name, anything really not fussy as long as I can tell which
user it is from it!) of users who have msNPAllowDialin set to TRUE within
Active Directory.
Does anyone have an existing script I could modify or could help me
through
this? As a novice scripter I'm having some issues working out how to
display
the usernames I'm targeting - I'm a bit lost!
You can use ADO in a VBScript program to retrieve all users where
(msNPAllowDialin=TRUE). The "TRUE" must be all caps. For more on using ADO
see this link:
http://www.rlmueller.net/ADOSearchTips.htm
In this case, the code could be:
==============
Option Explicit
Dim adoCommand, adoConnection, strBase, strFilter, strAttributes
Dim objRootDSE, strDNSDomain, strQuery, adoRecordset, strDN
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection
' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE";)
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://"; & strDNSDomain & ">"
' Filter on user objects with msNPAllowDialin set to True.
strFilter = "(&(objectCategory=person)(objectClass=user)" _
& "(msNPAllowDialin=TRUE))"
' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName"
' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False
' Run the query.
Set adoRecordset = adoCommand.Execute
' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
' Retrieve values and display.
strDN = adoRecordset.Fields("distinguishedName").Value
Wscript.Echo strDN
' Move to the next record in the recordset.
adoRecordset.MoveNext
Loop
' Clean up.
adoRecordset.Close
adoConnection.Close
===========
The script should be run at a command prompt with the cscript host. The
output can be redirected to a text file.
--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--
- Follow-Ups:
- References:
- ADSI Script to return all Active Directory users with Dialin-Enabl
- From: Chris
- Re: ADSI Script to return all Active Directory users with Dialin-Enabl
- From: Richard Mueller [MVP]
- ADSI Script to return all Active Directory users with Dialin-Enabl
- Prev by Date: Re: Need a script to compare two files
- Next by Date: HTA - Refresh
- Previous by thread: Re: ADSI Script to return all Active Directory users with Dialin-Enabl
- Next by thread: Re: ADSI Script to return all Active Directory users with Dialin-E
- Index(es):
Relevant Pages
|
