Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to get GUID using LDAP & VB Script with ADS

Posted on 2003-11-10
10
Medium Priority
?
11,137 Views
Last Modified: 2008-05-30
Dear Experts,
  How to get All GUID of my network using LDAP and VB Script  with Active Directory Services.
This is very urgent requirement.
Thanks in advance
Venkat
0
Comment
Question by:N_K_venkat
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
10 Comments
 
LVL 6

Expert Comment

by:pillbug22
ID: 9723597
Here's a .vb file I use - You can just ru it and it will return the results in a text file, but you can change it to for writing to a web page or whatever you need (it's in VBScript/WScript).

As it is, it returns all users in a specified OU, but you can also change that to return a specific user or all users in your AD.:


The parseFirstName() and parseLastName() functions are only needed if your AD is not filled in completely (the first and last names of each person aren't filled in) - it just splits up the display name into pieces.



' *****************************************
' AD_query.vbs
' Selects AD info for all users (specified by criteria)
' Can be changed to select one user, members of specific OU, or
' all members in AD.

Function ParseOU(strDN)
      dim DNarray
      DNarray = Split(strDN, "=", -1, 1)
      ParseOU = Left(DNarray(3), 5)
End Function


Function ParseSubOU(strDN)
      dim DNarray
      DNarray = Split(strDN, "=", -1, 1)
      ParseSubOU = Left(DNarray(2), 6)
End Function


Function ParseFirstName(strCN)
      dim nameArray
      nameArray = Split(strCN, " ", -1, 1)
      ParseFirstName = nameArray(1)
End Function



Function ParseLastName(strCN)
      dim nameArray
      nameArray = Split(strCN, " ", -1, 1)
      ParseLastName = nameArray(0)
End Function






Sub queryAD
      
      Set ADOConn = CreateObject("ADODB.Connection")
      ADOConn.Provider = "ADSDSOObject"
      ADOConn.Open "Active Directory Provider"

      Set objCmd = CreateObject("ADODB.Command")
      Set objCmd.ActiveConnection = ADOConn

      objCmd.CommandText = "SELECT cn, sAMAccountName, mail, givenName, sn, displayName, distinguishedName FROM " & _
            "'LDAP://OU=000555,dc=subDomain,dc=domain,dc=com' WHERE objectClass='user'"

                  ' AND sAMAccountName='userName'"

      set rs = objCmd.Execute


      dim fso, myFile
      set fso = createObject("Scripting.FileSystemObject")
      set myFile = fso.CreateTextFile("c:\ldap.txt", true)


      on error resume next


      do while not rs.eof
            
            myFile.WriteLine("CN: " & rs.fields("cn"))
            myFile.WriteLine("SAMAccountName: " & rs.fields("sAMAccountName"))
            myFile.WriteLine("Email Address: " & rs.fields("mail"))
            myFile.WriteLine("Firstname: " & rs.fields("givenName"))
            myFile.WriteLine("Surname: " & rs.fields("sn"))
            myFile.WriteLine("Display Name: " & rs.Fields("displayName"))
            myFile.WriteLine("DN: " & rs.fields("distinguishedName"))
            Set ou = GetObject("LDAP://OU=" & ParseSubOU(rs.Fields("distinguishedName")) & ",OU=" & ParseOU(rs.Fields("distinguishedName")) & ",DC=hca,DC=corpad,DC=net")
            myFile.WriteLine("OU: " & ParseOU(rs.Fields("distinguishedName")))
            myFile.WriteLine("Sub OU: " & ParseSubOU(rs.Fields("distinguishedName")))
            myFile.WriteLine("Description: " & ou.description)
            myFile.WriteLine("Display Name: " & ou.displayName)
            myFile.WriteLine("----------------------------------------------")


            rs.movenext
      loop





      myFile.Close
      rs.Close
      ADOConn.Close

      Set RS = Nothing
      Set objCmd = Nothing
      Set ADOConn = Nothing

End Sub

wscript.echo("running...")
queryAd
wscript.echo("File has ben saved to c:\ldap.txt")

' *****************************************
0
 

Author Comment

by:N_K_venkat
ID: 9728111
Hi pillbug22,
  Its working fine but it is returning the GUID.i want that only

Thanks
Venkat
0
 

Expert Comment

by:gfergus
ID: 9728406
Using pillbug's scripting above, you can reference the SID using:

myFile.WriteLine("SID: " & rs.fields("SID"))

Result:
 SID: S-1-5-21-2025429265-1417001333-682003330-3613

Is that what you're after?

Greg
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:N_K_venkat
ID: 9728777
Dear gfergus,
 is SID and GUID are same?
0
 

Author Comment

by:N_K_venkat
ID: 9728805
Hi gfergus,
 I changed the code "'LDAP://dc=domain Name' WHERE objectClass='user'"

Insead of 'LDAP://OU=000555,dc=subDomain,dc=domain,dc=com' WHERE objectClass='user'"
(Refer code given by pillbug22). As u said SID returns GUID i have a doubt whether SID and GUID are same.
 Moreover i couldnt get the SID also using the recordset.i want to know whether this is because of the code i changed or not??

Thanks and Regards,
Venkat
0
 
LVL 6

Accepted Solution

by:
pillbug22 earned 2000 total points
ID: 9731978
Does the code work as given if all you change is the domain names?


If so, try changing the beginning of the loop:

                      do while not rs.eof
            Set prov = GetObject("LDAP:")
            Set user = prov.OpenDSObject("LDAP://CN=" & rs.Fields("cn") & ",CN=Users,OU=<OU here>,dc=<subDomain>,dc=<domain>,dc=<com/net/whatever>")
            myFile.WriteLine("GUID: " & user.GUID)
                                ...
                                ...
                      loop


I found some code in a book that talks about having to bind to an object in order to get some properties (including GUID) that aren't available when you do a recordset-style query.      
0
 

Expert Comment

by:gfergus
ID: 9736066
Hi N_K_venkat,

Looks like pillbug22 is on the right track. 'user.GUID' would appear to be the correct syntax.

Let us know how it works for you.

PS. Just to rehash a little, why do you need all GUID's in such a hurry anyway? Maybe there's another way of solving the original problem.

Greg
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question