Link to home
Start Free TrialLog in
Avatar of bsharath
bsharathFlag for India

asked on

Check if every user has 2 X500's.

Hi,

Check if every user has 2 X500's.
Need help scanning all users in a OU and all child OU's for these 2 paths

/o=Group/ou=First Administrative Group/cn=Recipients/cn=
/o=ScopeGroup/ou=First Administrative Group/cn=Recipients/cn=

And list all users thats does not have 1 or more.

Could be Mail enabled/Linked user

Regards
sharath
Avatar of RobSampson
RobSampson
Flag of Australia image

Sharath, I'm not sure if this is going to work, but this should list each user / contact, and whether they have
 - no addresses at all
 - addresses, but no X500 addresses
 - one or more X500 addresses

Regards,

Rob.
If LCase(Right(Wscript.FullName, 11)) = "wscript.exe" Then
    strPath = Wscript.ScriptFullName
    strCommand = "%comspec% /k cscript  """ & strPath & """"
    Set objShell = CreateObject("Wscript.Shell")
    objShell.Run(strCommand), 1, True
    Wscript.Quit
End If

strOU = "OU=Users,OU=Office1,DC=domain,DC=com"

Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 

objCommand.CommandText = "SELECT adsPath FROM 'LDAP://" & strOU & "' WHERE objectClass='user' OR objectClass='contact'"
Set objRecordSet = objCommand.Execute
While Not objRecordSet.EOF
	Set objUser = GetObject(objRecordSet.Fields("adsPath").Value)
	If Not IsEmpty(objUser.proxyAddresses) Then
		'OutPutFile.Write User.DisplayName
		strAliases = ""
		If IsArray(objUser.proxyAddresses) = True Then
			strX500s = ""
			For Each strAlias In objUser.proxyAddresses
				If Left(LCase(strAlias), 5) = "x500:" Then
					If strX500s = "" Then
						strX500s = strAlias
					Else
						strX500s = strX500s & VbCrLf & strAlias
					End If
				End If
			Next
			If strX500s = "" Then
				WScript.Echo objUser.adsPath & VbCrLf & "has addresses, but no X500 addresses." & VbCrLf
			Else
				WScript.Echo objUser.adsPath & VbCrLf & "has X500 addresses." & VbCrLf
			End If
		Else
			WScript.Echo objUser.adsPath & VbCrLf & "has no addresses." & VbCrLf
		End If
	Else
		WScript.Echo objUser.adsPath & VbCrLf & "has no addresses." & VbCrLf
	End If
	objRecordSet.MoveNext
Wend
objRecordSet.Close

Open in new window

Avatar of bsharath

ASKER

Thanks Rob
But will need to find these specific
/o=Group/ou=First Administrative Group/cn=Recipients/cn=
/o=ScopeGroup/ou=First Administrative Group/cn=Recipients/cn=

Any ways
Try this.

Rob.
If LCase(Right(Wscript.FullName, 11)) = "wscript.exe" Then
    strPath = Wscript.ScriptFullName
    strCommand = "%comspec% /k cscript  """ & strPath & """"
    Set objShell = CreateObject("Wscript.Shell")
    objShell.Run(strCommand), 1, True
    Wscript.Quit
End If

strOU = "OU=Users,OU=Office1,DC=domain,DC=com"

Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 

objCommand.CommandText = "SELECT adsPath FROM 'LDAP://" & strOU & "' WHERE objectClass='user' OR objectClass='contact'"
Set objRecordSet = objCommand.Execute
While Not objRecordSet.EOF
	Set objUser = GetObject(objRecordSet.Fields("adsPath").Value)
	If Not IsEmpty(objUser.proxyAddresses) Then
		'OutPutFile.Write User.DisplayName
		strAliases = ""
		If IsArray(objUser.proxyAddresses) = True Then
			strX500s = ""
			For Each strAlias In objUser.proxyAddresses
				If Left(LCase(strAlias), 5) = "x500:" Then
					If InStr(LCase(strAlias), LCase("/o=Group/ou=First Administrative Group/cn=Recipients/cn=")) > 0 Or InStr(LCase(strAlias), LCase("/o=ScopeGroup/ou=First Administrative Group/cn=Recipients/cn=")) > 0 Then
						If strX500s = "" Then
							strX500s = strAlias
						Else
							strX500s = strX500s & VbCrLf & strAlias
						End If
					End If
				End If
			Next
			If strX500s = "" Then
				WScript.Echo objUser.adsPath & VbCrLf & "has addresses, but not the specific X500 addresses we are searching for." & VbCrLf
			Else
				WScript.Echo objUser.adsPath & VbCrLf & "X500 addresses found." & VbCrLf
			End If
		Else
			WScript.Echo objUser.adsPath & VbCrLf & "has no addresses." & VbCrLf
		End If
	Else
		WScript.Echo objUser.adsPath & VbCrLf & "has no addresses." & VbCrLf
	End If
	objRecordSet.MoveNext
Wend
objRecordSet.Close

Open in new window

Rob for every user i get
X500 addresses found.
If you change

                                WScript.Echo objUser.adsPath & VbCrLf & "X500 addresses found." & VbCrLf

to this

                                WScript.Echo objUser.adsPath & VbCrLf & "X500 addresses found." & VbCrLf & strX500s & VbCrLf

then you should see each X500 address that is found to match the two you're after.  Maybe we can find something wrong with that output.

Rob.
Now it displays perfect
LDAP://CN=Thri,OU=Temp2,dc=lth,DC=local
X500 addresses found.
X500:/o=LTH/ou=First Administrative Group/cn=Recipients/cn=Thri
X500:/o=Group/ou=First Administrative Group/cn=Recipients/cn=Thri
So what output do you need to change?

Rob.
I want only users who may not have 1 or both
In that case, if you just comment out the line we just changed:
                               WScript.Echo objUser.adsPath & VbCrLf & "X500 addresses found." & VbCrLf & strX500s & VbCrLf

then it should only list those users that have not got those X500 addresses.

Rob.
Even if 1 address is not there it says Found
But with that line commented out, it will not say when it has found one or both of the addresses.

It might say "<user> has addresses, but not the specific X500 addresses we are searching for.", but that just means that there are other email addresses, but none of the ones you are looking for.

Isn't that what you wanted?  I'm sorry I can't test it....

Rob.
I want to know if these 2 are there
/o=Group/ou=First Administrative Group/cn=Recipients/cn=
/o=ScopeGroup/ou=First Administrative Group/cn=Recipients/cn=
If one is also missing then record it
Oh, I think that's the other way round.  Try this.

Rob.
If LCase(Right(Wscript.FullName, 11)) = "wscript.exe" Then
    strPath = Wscript.ScriptFullName
    strCommand = "%comspec% /k cscript  """ & strPath & """"
    Set objShell = CreateObject("Wscript.Shell")
    objShell.Run(strCommand), 1, True
    Wscript.Quit
End If

strOU = "OU=Users,OU=Office1,DC=domain,DC=com"

Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 

objCommand.CommandText = "SELECT adsPath FROM 'LDAP://" & strOU & "' WHERE objectClass='user' OR objectClass='contact'"
Set objRecordSet = objCommand.Execute
While Not objRecordSet.EOF
	Set objUser = GetObject(objRecordSet.Fields("adsPath").Value)
	If Not IsEmpty(objUser.proxyAddresses) Then
		'OutPutFile.Write User.DisplayName
		strAliases = ""
		If IsArray(objUser.proxyAddresses) = True Then
			strX500s = ""
			For Each strAlias In objUser.proxyAddresses
				If Left(LCase(strAlias), 5) = "x500:" Then
					If InStr(LCase(strAlias), LCase("/o=Group/ou=First Administrative Group/cn=Recipients/cn=")) > 0 Or InStr(LCase(strAlias), LCase("/o=ScopeGroup/ou=First Administrative Group/cn=Recipients/cn=")) > 0 Then
						If strX500s = "" Then
							strX500s = strAlias
						Else
							strX500s = strX500s & VbCrLf & strAlias
						End If
					End If
				End If
			Next
			If strX500s = "" Then
				WScript.Echo objUser.adsPath & VbCrLf & "is missing both X500 addresses." & VbCrLf
			ElseIf UBound(Split(strX500s, VbCrLf)) = 0 Then
				WScript.Echo objUser.adsPath & VbCrLf & "is missing one of the X500 addresses." & VbCrLf
			Else
				'WScript.Echo objUser.adsPath & VbCrLf & "has both of the X500 addresses." & VbCrLf
			End If
		Else
			WScript.Echo objUser.adsPath & VbCrLf & "has no addresses." & VbCrLf
		End If
	Else
		WScript.Echo objUser.adsPath & VbCrLf & "has no addresses." & VbCrLf
	End If
	objRecordSet.MoveNext
Wend
objRecordSet.Close

Open in new window

Perfect its exact what i wanted

Can the script check for all OU's below 1 root
Like
I have
India (OU Name)
Withgin this i have many Ou's. Can it run for all users

One more Q. What will the change be for Contacts and i need to check just 1 type of X500. Can you give me the change in a seperate snippet please..
Hi,

It should already be searching any sub OUs of strOU because it has this
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE

It should also be finding users or contacts because it has this
WHERE objectClass='user' OR objectClass='contact'

To check just one address, you can use the code below.

Regards,

Rob.
If LCase(Right(Wscript.FullName, 11)) = "wscript.exe" Then 
    strPath = Wscript.ScriptFullName 
    strCommand = "%comspec% /k cscript  """ & strPath & """" 
    Set objShell = CreateObject("Wscript.Shell") 
    objShell.Run(strCommand), 1, True 
    Wscript.Quit 
End If 
 
strOU = "OU=Users,OU=Office1,DC=domain,DC=com" 
 
Const ADS_SCOPE_SUBTREE = 2 
Set objConnection = CreateObject("ADODB.Connection") 
Set objCommand = CreateObject("ADODB.Command") 
objConnection.Provider = "ADsDSOObject" 
objConnection.Open "Active Directory Provider" 
Set objCommand.ActiveConnection = objConnection 
 
objCommand.Properties("Page Size") = 1000 
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE  
 
objCommand.CommandText = "SELECT adsPath FROM 'LDAP://" & strOU & "' WHERE objectClass='user' OR objectClass='contact'" 
Set objRecordSet = objCommand.Execute 
While Not objRecordSet.EOF 
	Set objUser = GetObject(objRecordSet.Fields("adsPath").Value) 
	If Not IsEmpty(objUser.proxyAddresses) Then 
		'OutPutFile.Write User.DisplayName 
		strAliases = "" 
		If IsArray(objUser.proxyAddresses) = True Then 
			strX500s = "" 
			For Each strAlias In objUser.proxyAddresses 
				If Left(LCase(strAlias), 5) = "x500:" Then 
					If InStr(LCase(strAlias), LCase("/o=Group/ou=First Administrative Group/cn=Recipients/cn=")) > 0 Then 
						If strX500s = "" Then 
							strX500s = strAlias 
						Else 
							strX500s = strX500s & VbCrLf & strAlias 
						End If 
					End If 
				End If 
			Next 
			If strX500s = "" Then 
				WScript.Echo objUser.adsPath & VbCrLf & "is missing the X500 address." & VbCrLf 
			'ElseIf UBound(Split(strX500s, VbCrLf)) = 0 Then 
			'	WScript.Echo objUser.adsPath & VbCrLf & "is missing one of the X500 addresses." & VbCrLf 
			Else 
				'WScript.Echo objUser.adsPath & VbCrLf & "has both of the X500 addresses." & VbCrLf 
			End If 
		Else 
			WScript.Echo objUser.adsPath & VbCrLf & "has no addresses." & VbCrLf 
		End If 
	Else 
		WScript.Echo objUser.adsPath & VbCrLf & "has no addresses." & VbCrLf 
	End If 
	objRecordSet.MoveNext 
Wend 
objRecordSet.Close

Open in new window

Thanks Rob ...Is there any where i can change if its just Users or justs groups.
As i want to take it in 2 phases
Rob any help on the other posts
Yep, for

Users and Contacts:
objCommand.CommandText = "SELECT adsPath FROM 'LDAP://" & strOU & "' WHERE objectClass='user' OR objectClass='contact'"

Users only
objCommand.CommandText = "SELECT adsPath FROM 'LDAP://" & strOU & "' WHERE objectClass='user'"

Contacts only
objCommand.CommandText = "SELECT adsPath FROM 'LDAP://" & strOU & "' WHERE objectClass='contact'"

Groups only
objCommand.CommandText = "SELECT adsPath FROM 'LDAP://" & strOU & "' WHERE objectClass='group'"

Regards,

Rob.
Rob this is the editted version i have for contacts but it fetches non
If LCase(Right(Wscript.FullName, 11)) = "wscript.exe" Then  
    strPath = Wscript.ScriptFullName  
    strCommand = "%comspec% /k cscript  """ & strPath & """"  
    Set objShell = CreateObject("Wscript.Shell")  
    objShell.Run(strCommand), 1, True  
    Wscript.Quit  
End If  
  
strOU = "OU=Named,OU=offices,DC=lth,DC=Local"  
  
Const ADS_SCOPE_SUBTREE = 2  
Set objConnection = CreateObject("ADODB.Connection")  
Set objCommand = CreateObject("ADODB.Command")  
objConnection.Provider = "ADsDSOObject"  
objConnection.Open "Active Directory Provider"  
Set objCommand.ActiveConnection = objConnection  
  
objCommand.Properties("Page Size") = 10000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE   
  
objCommand.CommandText = "SELECT adsPath FROM 'LDAP://" & strOU & "' WHERE objectClass='contact'"

Set objRecordSet = objCommand.Execute  
While Not objRecordSet.EOF  
        Set objUser = GetObject(objRecordSet.Fields("adsPath").Value)  
        If Not IsEmpty(objUser.proxyAddresses) Then  
                'OutPutFile.Write User.DisplayName  
                strAliases = ""  
                If IsArray(objUser.proxyAddresses) = True Then  
                        strX500s = ""  
                        For Each strAlias In objUser.proxyAddresses  
                                If Left(LCase(strAlias), 5) = "x500:" Then  
                                        If InStr(LCase(strAlias), LCase("/o=Group/ou=First Administrative Group/cn=Recipients/cn=")) > 0 Then  
                                                If strX500s = "" Then  
                                                        strX500s = strAlias  
                                                Else  
                                                        strX500s = strX500s & VbCrLf & strAlias  
                                                End If  
                                        End If  
                                End If  
                        Next  
                        If strX500s = "" Then  
                                WScript.Echo objUser.adsPath & VbCrLf & "is missing the X500 address." & VbCrLf  
                        'ElseIf UBound(Split(strX500s, VbCrLf)) = 0 Then  
                        '       WScript.Echo objUser.adsPath & VbCrLf & "is missing one of the X500 addresses." & VbCrLf  
                        Else  
                                'WScript.Echo objUser.adsPath & VbCrLf & "has both of the X500 addresses." & VbCrLf  
                        End If  
                Else  
                        WScript.Echo objUser.adsPath & VbCrLf & "has no addresses." & VbCrLf  
                End If  
        Else  
                WScript.Echo objUser.adsPath & VbCrLf & "has no addresses." & VbCrLf  
        End If  
        objRecordSet.MoveNext  
Wend  
objRecordSet.Close

Open in new window

From what I can tell, Contacts do have proxyAddresses.  Are you looking at the proxyAddresses, or the single "mail" property?

Rob.
Even the mail contact has a X500 address. I want to check if its available or not. The path is mentioned in the code.
I think its proxy addresses
Rob at present i am using this code
 ID: 30765716
When run if one X500 address is not available it does not find it.
Any views
Rob if none are there it detects them right. if 1 is available and another is not even then it takes as both are available
Hi Rob any views on this
Hi Rob any views on this....
Hi Sharath,

I modified Rob's a tad.  Does this work for you?
ON ERROR RESUME NEXT

If LCase(Right(Wscript.FullName, 11)) = "wscript.exe" Then 
    strPath = Wscript.ScriptFullName 
    strCommand = "%comspec% /k cscript  """ & strPath & """" 
    Set objShell = CreateObject("Wscript.Shell") 
    objShell.Run(strCommand), 1, True 
    Wscript.Quit 
End If 
 
strOU = "OU=Users,OU=Office1,DC=domain,DC=com" 
strX500_A="/o=Group/ou=First Administrative Group/cn=Recipients/cn="
strX500_B="/o=ScopeGroup/ou=First Administrative Group/cn=Recipients/cn="

 
Const ADS_SCOPE_SUBTREE = 2 
Set objConnection = CreateObject("ADODB.Connection") 
Set objCommand = CreateObject("ADODB.Command") 
objConnection.Provider = "ADsDSOObject" 
objConnection.Open "Active Directory Provider" 
Set objCommand.ActiveConnection = objConnection 
 
objCommand.Properties("Page Size") = 1000 
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE  
 
objCommand.CommandText = "SELECT cn,adsPath FROM 'LDAP://" & strOU & "' WHERE objectClass='user' OR objectClass='contact'" 
Set objRecordSet = objCommand.Execute 
While Not objRecordSet.EOF 
	wscript.echo "----------------------------------------------------"
	Set objUser = GetObject(objRecordSet.Fields("adsPath").Value) 

	strAliases = "" 
	strX500s = "" 
	check1=False
	check2=False
	strFailures=""

	For Each strAlias In objUser.proxyAddresses 
	
		If Left(LCase(strAlias), 5) = "x500:" Then 

			'Check #1
			If InStr(LCase(strAlias), LCase(strX500_A)) Then check1=True
			'Check #2
			If InStr(LCase(strAlias), LCase(strX500_B)) Then check2=True
			
		End If 
	Next 
	
	If check1=False OR check2=False then
		wscript.echo objUser.cn
		If check1=False then WScript.Echo "MISSING:  " & strX500_A
		If check2=False then WScript.Echo "MISSING:  " & strX500_B
	End If
	
	'If check1 and check2 then wscript.echo objUser.cn & " is GOOD!"

	objRecordSet.MoveNext 
Wend 
objRecordSet.Close

Open in new window

Thanks
Can i get just the differences to a txt file
ASKER CERTIFIED SOLUTION
Avatar of jostrander
jostrander
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial