Solved

How to get GUID using LDAP & VB Script with ADS

Posted on 2003-11-10
10
11,091 Views
Last Modified: 2008-05-30
Dear Experts,
  How to get All GUID of my network using LDAP and VB Script  with Active Directory Services.
This is very urgent requirement.
Thanks in advance
Venkat
0
Comment
Question by:N_K_venkat
  • 3
  • 2
  • 2
10 Comments
 
LVL 6

Expert Comment

by:pillbug22
Comment Utility
Here's a .vb file I use - You can just ru it and it will return the results in a text file, but you can change it to for writing to a web page or whatever you need (it's in VBScript/WScript).

As it is, it returns all users in a specified OU, but you can also change that to return a specific user or all users in your AD.:


The parseFirstName() and parseLastName() functions are only needed if your AD is not filled in completely (the first and last names of each person aren't filled in) - it just splits up the display name into pieces.



' *****************************************
' AD_query.vbs
' Selects AD info for all users (specified by criteria)
' Can be changed to select one user, members of specific OU, or
' all members in AD.

Function ParseOU(strDN)
      dim DNarray
      DNarray = Split(strDN, "=", -1, 1)
      ParseOU = Left(DNarray(3), 5)
End Function


Function ParseSubOU(strDN)
      dim DNarray
      DNarray = Split(strDN, "=", -1, 1)
      ParseSubOU = Left(DNarray(2), 6)
End Function


Function ParseFirstName(strCN)
      dim nameArray
      nameArray = Split(strCN, " ", -1, 1)
      ParseFirstName = nameArray(1)
End Function



Function ParseLastName(strCN)
      dim nameArray
      nameArray = Split(strCN, " ", -1, 1)
      ParseLastName = nameArray(0)
End Function






Sub queryAD
      
      Set ADOConn = CreateObject("ADODB.Connection")
      ADOConn.Provider = "ADSDSOObject"
      ADOConn.Open "Active Directory Provider"

      Set objCmd = CreateObject("ADODB.Command")
      Set objCmd.ActiveConnection = ADOConn

      objCmd.CommandText = "SELECT cn, sAMAccountName, mail, givenName, sn, displayName, distinguishedName FROM " & _
            "'LDAP://OU=000555,dc=subDomain,dc=domain,dc=com' WHERE objectClass='user'"

                  ' AND sAMAccountName='userName'"

      set rs = objCmd.Execute


      dim fso, myFile
      set fso = createObject("Scripting.FileSystemObject")
      set myFile = fso.CreateTextFile("c:\ldap.txt", true)


      on error resume next


      do while not rs.eof
            
            myFile.WriteLine("CN: " & rs.fields("cn"))
            myFile.WriteLine("SAMAccountName: " & rs.fields("sAMAccountName"))
            myFile.WriteLine("Email Address: " & rs.fields("mail"))
            myFile.WriteLine("Firstname: " & rs.fields("givenName"))
            myFile.WriteLine("Surname: " & rs.fields("sn"))
            myFile.WriteLine("Display Name: " & rs.Fields("displayName"))
            myFile.WriteLine("DN: " & rs.fields("distinguishedName"))
            Set ou = GetObject("LDAP://OU=" & ParseSubOU(rs.Fields("distinguishedName")) & ",OU=" & ParseOU(rs.Fields("distinguishedName")) & ",DC=hca,DC=corpad,DC=net")
            myFile.WriteLine("OU: " & ParseOU(rs.Fields("distinguishedName")))
            myFile.WriteLine("Sub OU: " & ParseSubOU(rs.Fields("distinguishedName")))
            myFile.WriteLine("Description: " & ou.description)
            myFile.WriteLine("Display Name: " & ou.displayName)
            myFile.WriteLine("----------------------------------------------")


            rs.movenext
      loop





      myFile.Close
      rs.Close
      ADOConn.Close

      Set RS = Nothing
      Set objCmd = Nothing
      Set ADOConn = Nothing

End Sub

wscript.echo("running...")
queryAd
wscript.echo("File has ben saved to c:\ldap.txt")

' *****************************************
0
 

Author Comment

by:N_K_venkat
Comment Utility
Hi pillbug22,
  Its working fine but it is returning the GUID.i want that only

Thanks
Venkat
0
 

Expert Comment

by:gfergus
Comment Utility
Using pillbug's scripting above, you can reference the SID using:

myFile.WriteLine("SID: " & rs.fields("SID"))

Result:
 SID: S-1-5-21-2025429265-1417001333-682003330-3613

Is that what you're after?

Greg
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:N_K_venkat
Comment Utility
Dear gfergus,
 is SID and GUID are same?
0
 

Author Comment

by:N_K_venkat
Comment Utility
Hi gfergus,
 I changed the code "'LDAP://dc=domain Name' WHERE objectClass='user'"

Insead of 'LDAP://OU=000555,dc=subDomain,dc=domain,dc=com' WHERE objectClass='user'"
(Refer code given by pillbug22). As u said SID returns GUID i have a doubt whether SID and GUID are same.
 Moreover i couldnt get the SID also using the recordset.i want to know whether this is because of the code i changed or not??

Thanks and Regards,
Venkat
0
 
LVL 6

Accepted Solution

by:
pillbug22 earned 500 total points
Comment Utility
Does the code work as given if all you change is the domain names?


If so, try changing the beginning of the loop:

                      do while not rs.eof
            Set prov = GetObject("LDAP:")
            Set user = prov.OpenDSObject("LDAP://CN=" & rs.Fields("cn") & ",CN=Users,OU=<OU here>,dc=<subDomain>,dc=<domain>,dc=<com/net/whatever>")
            myFile.WriteLine("GUID: " & user.GUID)
                                ...
                                ...
                      loop


I found some code in a book that talks about having to bind to an object in order to get some properties (including GUID) that aren't available when you do a recordset-style query.      
0
 

Expert Comment

by:gfergus
Comment Utility
Hi N_K_venkat,

Looks like pillbug22 is on the right track. 'user.GUID' would appear to be the correct syntax.

Let us know how it works for you.

PS. Just to rehash a little, why do you need all GUID's in such a hurry anyway? Maybe there's another way of solving the original problem.

Greg
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now