Link to home
Create AccountLog in
Avatar of The_Waltzing_Shark
The_Waltzing_Shark

asked on

VBS Script to extract users login script in Ad by AD group Membership

Hi

I have the following VBS script that someone posted on here a while back and would like to add a field that tell me what the login script is for each user of a certain group.
The script first asks for the AD group name then outputs their display name and Logon name to C:\  
I would like to add the users profile path and login script to this as the each user has their own login script for some reason.

The script is as below

'Script begins here
Dim objGroup, objUser, objFSO, objFile, strDomain, strGroup, Domain, Group
'Change DomainName to the name of the domain the group is In
'strDomain = Inputbox ("Enter the Domain name", "Data needed", "Default domain name")
'Change GroupName to the name of the group whose members you want to export
strGroup = InputBox ("Enter the Group name", "Data needed", "Default group name")
Set objFSO = CreateObject("Scripting.FileSystemObject")
'On the next line change the name and path of the file that export data will be written to.
Set objFile = objFSO.CreateTextFile("C:\" & strGroup & " - Members.txt")
strGroupDN = Get_LDAP_User_Properties("group", "name", strGroup, "distinguishedName")
If InStr(UCase(strGroupDN), "CN=") > 0 Then
      'Set objGroup = GetObject("WinNT://" & strDomain & "/" & strGroup & ",group")
      Set objGroup = GetObject("LDAP://" & strGroupDN)
      For Each objUser In objGroup.Members
'          objFile.WriteLine objUser.Name & " - " & objUser.Class
          objFile.WriteLine "Display Name: " & objUser.DisplayName
            objFile.WriteLine "Logon Name: " & objUser.sAMAccountname
'            objFile.WriteLine "Title: " & objUser.Title
'            objFile.WriteLine "Department: " & objUser.Department
'            objFile.WriteLine "Company: " & objUser.Company
'            objFile.WriteLine "Telephone: " & objUser.TelephoneNumber
'            objFile.WriteLine "Office " & objUser.physicalDeliveryOfficeName
'            objFile.WriteLine "EMail: " & objUser.mail
            objFile.WriteLine ""
      Next
      objFile.Close
      Set objFile = Nothing
      Set objFSO = Nothing
      Set objUser = Nothing
      Set objGroup = Nothing
Else
      WScript.Echo "Could not find distinguished name for " & strGroup
End If
Wscript.Echo "Done"
Wscript.Echo "Please check the c: for your output file"
 
Function Get_LDAP_User_Properties(strObjectType, strSearchField, strObjectToGet, strCommaDelimProps)
     
      ' This is a custom function that connects to the Active Directory, and returns the specific
      ' Active Directory attribute value, of a specific Object.
      ' strObjectType: usually "User" or "Computer"
      ' strSearchField: the field by which to seach the AD by. This acts like an SQL Query's WHERE clause.
      '                        It filters the results by the value of strObjectToGet
      ' strObjectToGet: the value by which the results are filtered by, according the strSearchField.
      '                        For example, if you are searching based on the user account name, strSearchField
      '                        would be "samAccountName", and strObjectToGet would be that speicific account name,
      '                        such as "jsmith".  This equates to "WHERE 'samAccountName' = 'jsmith'"
      '      strCommaDelimProps: the field from the object to actually return.  For example, if you wanted
      '                        the home folder path, as defined by the AD, for a specific user, this would be
      '                        "homeDirectory".  If you want to return the ADsPath so that you can bind to that
      '                        user and get your own parameters from them, then use "ADsPath" as a return string,
      '                        then bind to the user: Set objUser = GetObject("LDAP://" & strReturnADsPath)
     
      ' Now we're checking if the user account passed may have a domain already specified,
      ' in which case we connect to that domain in AD, instead of the default one.
      If InStr(strObjectToGet, "\") > 0 Then
            arrGroupBits = Split(strObjectToGet, "\")
            strDC = arrGroupBits(0)
            strDNSDomain = strDC & "/" & "DC=" & Replace(Mid(strDC, InStr(strDC, ".") + 1), ".", ",DC=")
            strObjectToGet = arrGroupBits(1)
      Else
      ' Otherwise we just connect to the default domain
            Set objRootDSE = GetObject("LDAP://RootDSE")
            strDNSDomain = objRootDSE.Get("defaultNamingContext")
      End If
 
      strBase = "<LDAP://" & strDNSDomain & ">"
      ' Setup ADO objects.
      Set adoCommand = CreateObject("ADODB.Command")
      Set adoConnection = CreateObject("ADODB.Connection")
      adoConnection.Provider = "ADsDSOObject"
      adoConnection.Open "Active Directory Provider"
      adoCommand.ActiveConnection = adoConnection
 
 
      ' Filter on user objects.
      'strFilter = "(&(objectCategory=person)(objectClass=user))"
      strFilter = "(&(objectClass=" & strObjectType & ")(" & strSearchField & "=" & strObjectToGet & "))"
 
      ' Comma delimited list of attribute values to retrieve.
      strAttributes = strCommaDelimProps
      arrProperties = Split(strCommaDelimProps, ",")
 
      ' Construct the LDAP syntax query.
      strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
      'InputBox "Prompt", "Title", strQuery
      adoCommand.CommandText = strQuery
      ' Define the maximum records to return
      adoCommand.Properties("Page Size") = 100
      adoCommand.Properties("Timeout") = 30
      adoCommand.Properties("Cache Results") = False
 
      ' Run the query.
      Set adoRecordset = adoCommand.Execute
      ' Enumerate the resulting recordset.
      strReturnVal = ""
      Do Until adoRecordset.EOF
          ' Retrieve values and display.    
          For intCount = LBound(arrProperties) To UBound(arrProperties)
                If strReturnVal = "" Then
                      strReturnVal = adoRecordset.Fields(intCount).Value
                Else
                      strReturnVal = strReturnVal & VbCrLf & adoRecordset.Fields(intCount).Value
                End If
          Next
          ' Move to the next record in the recordset.
          adoRecordset.MoveNext
      Loop
 
      ' Clean up.
      adoRecordset.Close
      adoConnection.Close
      Get_LDAP_User_Properties = strReturnVal
 
End Function


Thanks in advance
Avatar of The_Waltzing_Shark
The_Waltzing_Shark

ASKER

.
ASKER CERTIFIED SOLUTION
Avatar of exx1976
exx1976
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
thats Brillaint, works a treat.

You're a legend, thnaks very much.
Thank you for this, much appreciated