How to get GUID using LDAP & VB Script with ADS

Dear Experts,
  How to get all GUIDs of my network using LDAP and VB Script with Active Directory Services.
This is a very urgent requirement.
Thanks in advance
Venkat
N_K_venkat Asked:

pillbug22 Commented:
Here's a .vb file I use - you can just run it and it will return the results in a text file, but you can change it to write to a web page or whatever you need (it's in VBScript/WScript).

As it is, it returns all users in a specified OU, but you can also change that to return a specific user or all users in your AD:


The parseFirstName() and parseLastName() functions are only needed if your AD is not filled in completely (the first and last names of each person aren't filled in) - it just splits up the display name into pieces.



' *****************************************
' AD_query.vbs
' Selects AD info for all users (specified by criteria)
' Can be changed to select one user, members of specific OU, or
' all members in AD.

Function ParseOU(strDN)
      dim DNarray
      DNarray = Split(strDN, "=", -1, 1)
      ParseOU = Left(DNarray(3), 5)
End Function


Function ParseSubOU(strDN)
      dim DNarray
      DNarray = Split(strDN, "=", -1, 1)
      ParseSubOU = Left(DNarray(2), 6)
End Function


Function ParseFirstName(strCN)
      dim nameArray
      nameArray = Split(strCN, " ", -1, 1)
      ParseFirstName = nameArray(1)
End Function



Function ParseLastName(strCN)
      dim nameArray
      nameArray = Split(strCN, " ", -1, 1)
      ParseLastName = nameArray(0)
End Function






Sub queryAD
      
      Set ADOConn = CreateObject("ADODB.Connection")
      ADOConn.Provider = "ADSDSOObject"
      ADOConn.Open "Active Directory Provider"

      Set objCmd = CreateObject("ADODB.Command")
      Set objCmd.ActiveConnection = ADOConn

      objCmd.CommandText = "SELECT cn, sAMAccountName, mail, givenName, sn, displayName, distinguishedName FROM " & _
            "'LDAP://OU=000555,dc=subDomain,dc=domain,dc=com' WHERE objectClass='user'"

                  ' AND sAMAccountName='userName'"

      set rs = objCmd.Execute


      dim fso, myFile
      set fso = createObject("Scripting.FileSystemObject")
      set myFile = fso.CreateTextFile("c:\ldap.txt", true)


      on error resume next


      do while not rs.eof
            
            myFile.WriteLine("CN: " & rs.fields("cn"))
            myFile.WriteLine("SAMAccountName: " & rs.fields("sAMAccountName"))
            myFile.WriteLine("Email Address: " & rs.fields("mail"))
            myFile.WriteLine("Firstname: " & rs.fields("givenName"))
            myFile.WriteLine("Surname: " & rs.fields("sn"))
            myFile.WriteLine("Display Name: " & rs.Fields("displayName"))
            myFile.WriteLine("DN: " & rs.fields("distinguishedName"))
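            ' Clear any OU object left from the previous record, so that a failed
            ' bind cannot write stale OU details (errors are suppressed above).
            Set ou = Nothing
            ' The DC components must match the domain used in the query above.
            Set ou = GetObject("LDAP://OU=" & ParseSubOU(rs.Fields("distinguishedName")) & ",OU=" & ParseOU(rs.Fields("distinguishedName")) & ",dc=subDomain,dc=domain,dc=com")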
            myFile.WriteLine("OU: " & ParseOU(rs.Fields("distinguishedName")))
            myFile.WriteLine("Sub OU: " & ParseSubOU(rs.Fields("distinguishedName")))
            myFile.WriteLine("Description: " & ou.description)
            myFile.WriteLine("Display Name: " & ou.displayName)
            myFile.WriteLine("----------------------------------------------")


            rs.movenext
      loop





      myFile.Close
      rs.Close
      ADOConn.Close

      Set RS = Nothing
      Set objCmd = Nothing
      Set ADOConn = Nothing

End Sub

wscript.echo("running...")
queryAd
wscript.echo("File has been saved to c:\ldap.txt")

' *****************************************
N_K_venkat (Author) Commented:
Hi pillbug22,
  It's working fine but it is returning the GUID. I want that only.

Thanks
Venkat
gfergus Commented:
Using pillbug's scripting above, you can reference the SID using:

myFile.WriteLine("SID: " & rs.fields("SID"))

Result:
 SID: S-1-5-21-2025429265-1417001333-682003330-3613

Is that what you're after?

Greg
N_K_venkat (Author) Commented:
Dear gfergus,
 Are SID and GUID the same?
N_K_venkat (Author) Commented:
Hi gfergus,
 I changed the code to "'LDAP://dc=domain Name' WHERE objectClass='user'"

instead of 'LDAP://OU=000555,dc=subDomain,dc=domain,dc=com' WHERE objectClass='user'"
(refer to the code given by pillbug22). As you said SID returns GUID, I have a doubt whether SID and GUID are the same.
 Moreover, I couldn't get the SID either using the recordset. I want to know whether this is because of the code I changed or not.

Thanks and Regards,
Venkat
pillbug22 Commented:
Does the code work as given if all you change is the domain names?


If so, try changing the beginning of the loop:

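      do while not rs.eof
            Set prov = GetObject("LDAP:")
            ' OpenDSObject takes four arguments: path, user name, password and flags.
            ' Empty credentials with flag 1 (ADS_SECURE_AUTHENTICATION) bind as the current user.
            Set user = prov.OpenDSObject("LDAP://CN=" & rs.Fields("cn") & ",CN=Users,OU=<OU here>,dc=<subDomain>,dc=<domain>,dc=<com/net/whatever>", vbNullString, vbNullString, 1)
            myFile.WriteLine("GUID: " & user.GUID)
            ...
            ...
      loop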


I found some code in a book that talks about having to bind to an object in order to get some properties (including GUID) that aren't available when you do a recordset-style query.      
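
Added example, not part of the original thread or any poster's code: the .GUID property read from a bound object, as in the loop above, returns 32 hex characters in raw byte order, while most AD tools display the same value with the first three groups byte-swapped. The VBScript below converts between the two forms; the function names and the sample value are constructed for illustration.

```vbscript
' Added example (not from the thread). Run with: cscript //nologo guid_format.vbs
Option Explicit

' Reverse the byte order of a hex string, e.g. "00112233" -> "33221100".
Function ReverseHexBytes(strHex)
    Dim i, strOut
    strOut = ""
    For i = Len(strHex) - 1 To 1 Step -2
        strOut = strOut & Mid(strHex, i, 2)
    Next
    ReverseHexBytes = strOut
End Function

' Raw 32-character hex string (as returned by .GUID) -> {dashed} display form.
' The first three groups are stored little-endian; the last two are not swapped.
Function RawGuidToDisplay(strRaw)
    If Len(strRaw) <> 32 Then
        Err.Raise vbObjectError + 1, "RawGuidToDisplay", "Expected 32 hex characters"
    End If
    RawGuidToDisplay = "{" & _
        ReverseHexBytes(Mid(strRaw, 1, 8)) & "-" & _
        ReverseHexBytes(Mid(strRaw, 9, 4)) & "-" & _
        ReverseHexBytes(Mid(strRaw, 13, 4)) & "-" & _
        Mid(strRaw, 17, 4) & "-" & _
        Mid(strRaw, 21, 12) & "}"
End Function

' {dashed} display form -> raw hex string. The byte swap is its own inverse.
Function DisplayToRawGuid(strDisplay)
    Dim s
    s = Replace(Replace(Replace(strDisplay, "{", ""), "}", ""), "-", "")
    If Len(s) <> 32 Then
        Err.Raise vbObjectError + 2, "DisplayToRawGuid", "Expected 32 hex characters"
    End If
    DisplayToRawGuid = ReverseHexBytes(Mid(s, 1, 8)) & _
        ReverseHexBytes(Mid(s, 9, 4)) & _
        ReverseHexBytes(Mid(s, 13, 4)) & Mid(s, 17, 16)
End Function

Dim strRaw, strDisplay
strRaw = "00112233445566778899aabbccddeeff"   ' constructed sample, not a real object
strDisplay = RawGuidToDisplay(strRaw)
WScript.Echo "Raw (.GUID):  " & strRaw
WScript.Echo "Display form: " & strDisplay
WScript.Echo "Round trip:   " & DisplayToRawGuid(strDisplay)
' The raw form can be used to bind to the object again by GUID:
WScript.Echo "Bind path:    LDAP://<GUID=" & strRaw & ">"
```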

gfergus Commented:
Hi N_K_venkat,

Looks like pillbug22 is on the right track. 'user.GUID' would appear to be the correct syntax.

Let us know how it works for you.

PS. Just to rehash a little, why do you need all GUID's in such a hurry anyway? Maybe there's another way of solving the original problem.

Greg