The_Waltzing_Shark
asked on
VBS Script to extract users login script in Ad by AD group Membership
Hi
I have the following VBS script that someone posted on here a while back and would like to add a field that tell me what the login script is for each user of a certain group.
The script first asks for the AD group name then outputs their display name and Logon name to C:\
I would like to add the users profile path and login script to this as the each user has their own login script for some reason.
The script is as below
'Script begins here
Dim objGroup, objUser, objFSO, objFile, strDomain, strGroup, Domain, Group
'Change DomainName to the name of the domain the group is In
'strDomain = Inputbox ("Enter the Domain name", "Data needed", "Default domain name")
'Change GroupName to the name of the group whose members you want to export
strGroup = InputBox ("Enter the Group name", "Data needed", "Default group name")
Set objFSO = CreateObject("Scripting.Fi leSystemOb ject")
'On the next line change the name and path of the file that export data will be written to.
Set objFile = objFSO.CreateTextFile("C:\ " & strGroup & " - Members.txt")
strGroupDN = Get_LDAP_User_Properties(" group", "name", strGroup, "distinguishedName")
If InStr(UCase(strGroupDN), "CN=") > 0 Then
'Set objGroup = GetObject("WinNT://" & strDomain & "/" & strGroup & ",group")
Set objGroup = GetObject("LDAP://" & strGroupDN)
For Each objUser In objGroup.Members
' objFile.WriteLine objUser.Name & " - " & objUser.Class
objFile.WriteLine "Display Name: " & objUser.DisplayName
objFile.WriteLine "Logon Name: " & objUser.sAMAccountname
' objFile.WriteLine "Title: " & objUser.Title
' objFile.WriteLine "Department: " & objUser.Department
' objFile.WriteLine "Company: " & objUser.Company
' objFile.WriteLine "Telephone: " & objUser.TelephoneNumber
' objFile.WriteLine "Office " & objUser.physicalDeliveryOf ficeName
' objFile.WriteLine "EMail: " & objUser.mail
objFile.WriteLine ""
Next
objFile.Close
Set objFile = Nothing
Set objFSO = Nothing
Set objUser = Nothing
Set objGroup = Nothing
Else
WScript.Echo "Could not find distinguished name for " & strGroup
End If
Wscript.Echo "Done"
Wscript.Echo "Please check the c: for your output file"
Function Get_LDAP_User_Properties(s trObjectTy pe, strSearchField, strObjectToGet, strCommaDelimProps)
' This is a custom function that connects to the Active Directory, and returns the specific
' Active Directory attribute value, of a specific Object.
' strObjectType: usually "User" or "Computer"
' strSearchField: the field by which to seach the AD by. This acts like an SQL Query's WHERE clause.
' It filters the results by the value of strObjectToGet
' strObjectToGet: the value by which the results are filtered by, according the strSearchField.
' For example, if you are searching based on the user account name, strSearchField
' would be "samAccountName", and strObjectToGet would be that speicific account name,
' such as "jsmith". This equates to "WHERE 'samAccountName' = 'jsmith'"
' strCommaDelimProps: the field from the object to actually return. For example, if you wanted
' the home folder path, as defined by the AD, for a specific user, this would be
' "homeDirectory". If you want to return the ADsPath so that you can bind to that
' user and get your own parameters from them, then use "ADsPath" as a return string,
' then bind to the user: Set objUser = GetObject("LDAP://" & strReturnADsPath)
' Now we're checking if the user account passed may have a domain already specified,
' in which case we connect to that domain in AD, instead of the default one.
If InStr(strObjectToGet, "\") > 0 Then
arrGroupBits = Split(strObjectToGet, "\")
strDC = arrGroupBits(0)
strDNSDomain = strDC & "/" & "DC=" & Replace(Mid(strDC, InStr(strDC, ".") + 1), ".", ",DC=")
strObjectToGet = arrGroupBits(1)
Else
' Otherwise we just connect to the default domain
Set objRootDSE = GetObject("LDAP://RootDSE" )
strDNSDomain = objRootDSE.Get("defaultNam ingContext ")
End If
strBase = "<LDAP://" & strDNSDomain & ">"
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Comman d")
Set adoConnection = CreateObject("ADODB.Connec tion")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnectio n = adoConnection
' Filter on user objects.
'strFilter = "(&(objectCategory=person) (objectCla ss=user))"
strFilter = "(&(objectClass=" & strObjectType & ")(" & strSearchField & "=" & strObjectToGet & "))"
' Comma delimited list of attribute values to retrieve.
strAttributes = strCommaDelimProps
arrProperties = Split(strCommaDelimProps, ",")
' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
'InputBox "Prompt", "Title", strQuery
adoCommand.CommandText = strQuery
' Define the maximum records to return
adoCommand.Properties("Pag e Size") = 100
adoCommand.Properties("Tim eout") = 30
adoCommand.Properties("Cac he Results") = False
' Run the query.
Set adoRecordset = adoCommand.Execute
' Enumerate the resulting recordset.
strReturnVal = ""
Do Until adoRecordset.EOF
' Retrieve values and display.
For intCount = LBound(arrProperties) To UBound(arrProperties)
If strReturnVal = "" Then
strReturnVal = adoRecordset.Fields(intCou nt).Value
Else
strReturnVal = strReturnVal & VbCrLf & adoRecordset.Fields(intCou nt).Value
End If
Next
' Move to the next record in the recordset.
adoRecordset.MoveNext
Loop
' Clean up.
adoRecordset.Close
adoConnection.Close
Get_LDAP_User_Properties = strReturnVal
End Function
Thanks in advance
I have the following VBS script that someone posted on here a while back and would like to add a field that tell me what the login script is for each user of a certain group.
The script first asks for the AD group name then outputs their display name and Logon name to C:\
I would like to add the users profile path and login script to this as the each user has their own login script for some reason.
The script is as below
'Script begins here
Dim objGroup, objUser, objFSO, objFile, strDomain, strGroup, Domain, Group
'Change DomainName to the name of the domain the group is In
'strDomain = Inputbox ("Enter the Domain name", "Data needed", "Default domain name")
'Change GroupName to the name of the group whose members you want to export
strGroup = InputBox ("Enter the Group name", "Data needed", "Default group name")
Set objFSO = CreateObject("Scripting.Fi
'On the next line change the name and path of the file that export data will be written to.
Set objFile = objFSO.CreateTextFile("C:\
strGroupDN = Get_LDAP_User_Properties("
If InStr(UCase(strGroupDN), "CN=") > 0 Then
'Set objGroup = GetObject("WinNT://" & strDomain & "/" & strGroup & ",group")
Set objGroup = GetObject("LDAP://" & strGroupDN)
For Each objUser In objGroup.Members
' objFile.WriteLine objUser.Name & " - " & objUser.Class
objFile.WriteLine "Display Name: " & objUser.DisplayName
objFile.WriteLine "Logon Name: " & objUser.sAMAccountname
' objFile.WriteLine "Title: " & objUser.Title
' objFile.WriteLine "Department: " & objUser.Department
' objFile.WriteLine "Company: " & objUser.Company
' objFile.WriteLine "Telephone: " & objUser.TelephoneNumber
' objFile.WriteLine "Office " & objUser.physicalDeliveryOf
' objFile.WriteLine "EMail: " & objUser.mail
objFile.WriteLine ""
Next
objFile.Close
Set objFile = Nothing
Set objFSO = Nothing
Set objUser = Nothing
Set objGroup = Nothing
Else
WScript.Echo "Could not find distinguished name for " & strGroup
End If
Wscript.Echo "Done"
Wscript.Echo "Please check the c: for your output file"
Function Get_LDAP_User_Properties(s
' This is a custom function that connects to the Active Directory, and returns the specific
' Active Directory attribute value, of a specific Object.
' strObjectType: usually "User" or "Computer"
' strSearchField: the field by which to seach the AD by. This acts like an SQL Query's WHERE clause.
' It filters the results by the value of strObjectToGet
' strObjectToGet: the value by which the results are filtered by, according the strSearchField.
' For example, if you are searching based on the user account name, strSearchField
' would be "samAccountName", and strObjectToGet would be that speicific account name,
' such as "jsmith". This equates to "WHERE 'samAccountName' = 'jsmith'"
' strCommaDelimProps: the field from the object to actually return. For example, if you wanted
' the home folder path, as defined by the AD, for a specific user, this would be
' "homeDirectory". If you want to return the ADsPath so that you can bind to that
' user and get your own parameters from them, then use "ADsPath" as a return string,
' then bind to the user: Set objUser = GetObject("LDAP://" & strReturnADsPath)
' Now we're checking if the user account passed may have a domain already specified,
' in which case we connect to that domain in AD, instead of the default one.
If InStr(strObjectToGet, "\") > 0 Then
arrGroupBits = Split(strObjectToGet, "\")
strDC = arrGroupBits(0)
strDNSDomain = strDC & "/" & "DC=" & Replace(Mid(strDC, InStr(strDC, ".") + 1), ".", ",DC=")
strObjectToGet = arrGroupBits(1)
Else
' Otherwise we just connect to the default domain
Set objRootDSE = GetObject("LDAP://RootDSE"
strDNSDomain = objRootDSE.Get("defaultNam
End If
strBase = "<LDAP://" & strDNSDomain & ">"
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Comman
Set adoConnection = CreateObject("ADODB.Connec
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnectio
' Filter on user objects.
'strFilter = "(&(objectCategory=person)
strFilter = "(&(objectClass=" & strObjectType & ")(" & strSearchField & "=" & strObjectToGet & "))"
' Comma delimited list of attribute values to retrieve.
strAttributes = strCommaDelimProps
arrProperties = Split(strCommaDelimProps, ",")
' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
'InputBox "Prompt", "Title", strQuery
adoCommand.CommandText = strQuery
' Define the maximum records to return
adoCommand.Properties("Pag
adoCommand.Properties("Tim
adoCommand.Properties("Cac
' Run the query.
Set adoRecordset = adoCommand.Execute
' Enumerate the resulting recordset.
strReturnVal = ""
Do Until adoRecordset.EOF
' Retrieve values and display.
For intCount = LBound(arrProperties) To UBound(arrProperties)
If strReturnVal = "" Then
strReturnVal = adoRecordset.Fields(intCou
Else
strReturnVal = strReturnVal & VbCrLf & adoRecordset.Fields(intCou
End If
Next
' Move to the next record in the recordset.
adoRecordset.MoveNext
Loop
' Clean up.
adoRecordset.Close
adoConnection.Close
Get_LDAP_User_Properties = strReturnVal
End Function
Thanks in advance
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
thats Brillaint, works a treat.
You're a legend, thnaks very much.
You're a legend, thnaks very much.
ASKER
Thank you for this, much appreciated
ASKER