Re: Enumerating organisational units within vbs script

Tech-Archive recommends: Fix windows errors by optimizing your registry

TJ wrote:

I have developed alot of vbs logon scripts and administrate a medium
size network, we are just about to make certain users have "roaming
profiles", i have created the script below to read a list of account
names and set there profile path to do so the only problem is i have
to hardcode the organisational unit which the user is in, what i would
like to do is enumerate all containers so regardless of what ou the
user sits in it will update the profile.


Const ForReading = 1
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objTextFile = objFSO.OpenTextFile _
("roamingprofiles.txt", ForReading)

Do Until objTextFile.AtEndOfStream
AccountName = objTextFile.ReadLine
Set objUser = GetObject _
("LDAP://CN="; & AccountName & ",OU=staff,DC=my domain,DC=com")

objUser.Put "profilePath", "\\storage\profiles\" & accountName

wscript.echo "profile set for " & accountName & " to \\server\share\"
& accountName

objUser.SetInfo
Loop

' end of script

Any help would be greatly appreciated.

There are two approaches. One is a recursive function to enumerate OU's,
similar to:
==========
Dim objDomain

' Bind to domain object.
Set objDomain = GetObject(LDAP://dc=MyDomain,dc=com)

Call EnumOUs(objDomain)

Sub EnumOUs(objParent)
' Recursive sub to enumerate OU's.
Dim objUser, objChild

' First, enumerate users in the Parent.
objParent.Filter = Array("user")
For Each objUser In objParent
' Do something with each user.
objUser.Put "profilePath", \\storage\profiles\ _
& objUser.sAMAccountName
objUser.SetInfo
Next

' Filter on child OU's and containers.
objParent.Filter = Array("organizationalUnit", "container")
' Enumerate child OU's.
For Each objChild In objParent
' Call this sub recursively.
Call EnumOUs(objChild)
Next
End Sub
=========
The sAMAccountName attribute is the "pre-Windows 2000 logon name", which is
probably what you mean by account name.

Another approach is to use ADO to retrieve information on all users in the
domain. See this link for details:

http://www.rlmueller.net/ADOSearchTips.htm

However ADO cannot be used to modify attributes directly, so you must
retrieve the distinguishedNames of the users and use this bind to the user
object to make changes.

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--


.

Relevant Pages

  • Re: AD Migration Feedback
    ... enterprise-wide domain migration is not something you want to get "creative" ... > exactly as if it were one of the NT4 account domains. ... I guess the script ... > guessing that the user profile is somehow migrated by a 3rd party tool. ...
    (microsoft.public.win2000.active_directory)
  • Re: Script help
    ... > configure the machines to auto-logon to that account. ... > need the script, just log on the account and add the printer, followed by ... This would not only prevent profile buildup, ...
    (microsoft.public.windows.server.scripting)
  • Re: ADMT and log on scripts
    ... In the profile tab on the account properties in AD i ... > complaining that his drives arent mapped. ... If the script was migrated then ...
    (microsoft.public.win2000.active_directory)
  • Re: Script help
    ... If these are shared machines, which it sounds like they are, then I would ... configure the machines to auto-logon to that account. ... you could create your script on the C:\ drive ... > when they logon The printer will add to the profile of the user, ...
    (microsoft.public.windows.server.scripting)
  • Enumerate and then remove all networked printers
    ... Does this script look right to enumerate which network printers are attached to a user's profile and then delete them? ...
    (microsoft.public.scripting.vbscript)