Re: ADSI Script to return all Active Directory users with Dialin-E

Tech-Archive recommends: Speed Up your PC by fixing your registry

I was overcomplicating things, got it sorted now. Thanks a lot for your reply
Richard, helped loads.

Chris

"Chris" wrote:

That's great, thanks. How easy is it to output the title and company from
the organisation tab as well? I've been trying to get it working but can't
seem to format it right. I don't think I'm defining objects correctly, it's
all a bit of a maze to me!

Chris

"Richard Mueller [MVP]" wrote:

Chris wrote:

I've been searching around and trying to cobble together various scripts
but
I can't quite get my head round what I need to do to make it work

I want a list output to Excel or similar with the names (display name,
distinguished name, anything really not fussy as long as I can tell which
user it is from it!) of users who have msNPAllowDialin set to TRUE within
Active Directory.

Does anyone have an existing script I could modify or could help me
through
this? As a novice scripter I'm having some issues working out how to
display
the usernames I'm targeting - I'm a bit lost!

You can use ADO in a VBScript program to retrieve all users where
(msNPAllowDialin=TRUE). The "TRUE" must be all caps. For more on using ADO
see this link:

http://www.rlmueller.net/ADOSearchTips.htm

In this case, the code could be:
==============
Option Explicit

Dim adoCommand, adoConnection, strBase, strFilter, strAttributes

Dim objRootDSE, strDNSDomain, strQuery, adoRecordset, strDN



' Setup ADO objects.

Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection



' Search entire Active Directory domain.

Set objRootDSE = GetObject("LDAP://RootDSE";)

strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://"; & strDNSDomain & ">"


' Filter on user objects with msNPAllowDialin set to True.
strFilter = "(&(objectCategory=person)(objectClass=user)" _

& "(msNPAllowDialin=TRUE))"



' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName"



' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False



' Run the query.
Set adoRecordset = adoCommand.Execute


' Enumerate the resulting recordset.
Do Until adoRecordset.EOF

' Retrieve values and display.
strDN = adoRecordset.Fields("distinguishedName").Value

Wscript.Echo strDN

' Move to the next record in the recordset.
adoRecordset.MoveNext
Loop



' Clean up.

adoRecordset.Close

adoConnection.Close

===========

The script should be run at a command prompt with the cscript host. The
output can be redirected to a text file.


--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--



.

Quantcast