Solved

Query Active Directory for specific user information

Posted on 2008-10-08
7
878 Views
Last Modified: 2013-12-24
I need to query AD for specific information on about 300 users. I need to find out the following for each - Exchange Sever, Message Store and Exchange Database Name. I have a list of users by FirstName LastName. I realize I may have to get the username to make this easier. I've used Saved Queries before to find Disabled Users but never to find specific info on a specific list of users. This AD structure is very large with over 20 seperate Exchange Servers and 30,000+ users.

Thanks
JT
0
Comment
Question by:fatco
  • 3
  • 2
7 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22678250

Hmm Firstname and lastname introduces a serious amount of work. We cannot guarantee unique matches on those, do you prefer to aim for getting the username? Or do we go ahead with just those?

I'll pop together some samples in Vb.NET for you to play with.

Chris
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22678358

The attached shows how we might use the DirectorySearcher to find users when all we have is the givenName and sN attributes.

The match isn't certain we must use FindAll(), because of the size of the domain we're likely to contend with multiple results for each search.

The attribute that contains the information you're after is "homeMDB". It contains everything, although getting that information out of the string takes a bit of work.

Chris
imports System.DirectoryServices
...
Dim searchFilter As String = "(&(givenName=Chris)(sn=Dent))"
Dim domainRoot As New DirectoryEntry()
Dim ldapSearch As New DirectorySearcher(domainRoot, searchFilter)
ldapSearch.PropertiesToLoad.Add("homeMDB")
Dim ldapSearchResults As SearchResultCollection = ldapSearch.FindAll()
 
Dim ldapSearchResult As SearchResult
For Each ldapSearchResult In ldapSearchResults
   Label1.Text = ldapSearchResult.Properties("homemdb")(0).ToString()
Next

Open in new window

0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 250 total points
ID: 22678405

If you only have one domain you can use the sAMAccountName (pre-Windows 2000 Logon name) as a unique ID.

If you have multiple domains you need something that will be unique across the forest, either userPrincipalName (logon name) or an SMTP address.

This example shows filters build around both, those will allow us to use FindOne().

If you prefer a different language for this please let me know, I can help with VbScript, PowerShell, C# . NET and VB .NET.

Chris
' Using sAMAccountName
Dim searchFilter As String = "(&(sAMAccountName=dentc))"
' Using userPrincipalName
Dim searchFilter = "(&(userPrincipalName=dentc@local.highorbit.co.uk))"
 
Dim domainRoot As New DirectoryEntry()
Dim ldapSearch As New DirectorySearcher(domainRoot, searchFilter)
ldapSearch.PropertiesToLoad.Add("homeMDB")
Dim ldapSearchResult As SearchResult = ldapSearch.FindOne()
 
Label1.Text = ldapSearchResult.Properties("homemdb")(0).ToString()

Open in new window

0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 13

Assisted Solution

by:ach_patil
ach_patil earned 250 total points
ID: 22678442
Ok, heres a sample script for you. I wrote this script to create a lost of users created between 2 specific dates. it generates the user's name, email. I have modified for it to display homeMDB attribute which gives you the user Mailbox information.

You will need to change the LDAP path to your OU.

'On Error Resume Next
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.CreateTextFile("c:\UserReports\useroutput.csv")
Dim conn,cmd,RS,dt1,dt2,dt3,dt4,strQuery,OUContainer
 
Wscript.StdOut.Write "Enter Start Date: "
dtstart = Wscript.StdIn.Readline
Wscript.StdOut.Write "Enter End Date: "
dtend = Wscript.StdIn.Readline
 
Set conn=CreateObject("ADODB.Connection")
Set cmd=CreateObject("ADODB.Command")
Set OUContainer=GetObject("LDAP://OU=USERS,DC=domain,DC=com")
'Set myDomain=GetObject("LDAP://"&OUContainer.get("DefaultNamingContext"))
strQuery="Select givenname,sn,displayName,mail,homeMDB,WhenCreated from '" & _
 OUContainer.AdsPath & "' Where objectcategory='person' AND objectclass='user'"  
 
set cat=GetObject("GC:")
 
for each obj In cat
 set GC=obj
Next
 
conn.Provider="ADSDSOObject"
conn.Open "Active Directory Provider"
cmd.ActiveConnection=conn
cmd.Properties("Page Size") = 100
cmd.Properties("asynchronous")=True
cmd.Properties("Timeout") =30
cmd.Properties("Cache Results") = False
cmd.CommandText=strQuery
 
RS=Space(1600)
set RS=cmd.Execute 
'Wscript.Echo " "& dt1 &" , "& dt2 &" "
do While not RS.EOF
If RS.Fields("WhenCreated").Value > CDate(dtstart) AND RS.Fields("WhenCreated").Value <= cDate(dtend) Then
objFile.WriteLine(rs.Fields("displayName")& "," &RS.Fields("givenname")& "," &RS.Fields("sn")& "," &RS.Fields("mail")& "," &RS.Fields("homeMDB")) 
End If
 rs.movenext
Loop
 
rs.Close
objFile.Close
conn.Close

Open in new window

0
 

Author Comment

by:fatco
ID: 22711542
Sorry for the delay and thanks for the suggestions. I posted this question just before taking a few days off so I am just now getting back to it. This is exactly what I am looking for, some examples of scripts to mine out this information. I'll look these over this afternoon and respond.

JT
0
 

Author Closing Comment

by:fatco
ID: 31504307
As I am not highly experienced with running scripts it will take me a little time to work with these but I am confident they will be a good starting point to complete my project. Thanks for the help!
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to protecting Oracle Database servers and systems, there are a ton of myths out there. Here are the most common.
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question