Solved

Query Active Directory for specific user information

Posted on 2008-10-08
7
895 Views
Last Modified: 2013-12-24
I need to query AD for specific information on about 300 users. I need to find out the following for each - Exchange Sever, Message Store and Exchange Database Name. I have a list of users by FirstName LastName. I realize I may have to get the username to make this easier. I've used Saved Queries before to find Disabled Users but never to find specific info on a specific list of users. This AD structure is very large with over 20 seperate Exchange Servers and 30,000+ users.

Thanks
JT
0
Comment
Question by:fatco
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22678250

Hmm Firstname and lastname introduces a serious amount of work. We cannot guarantee unique matches on those, do you prefer to aim for getting the username? Or do we go ahead with just those?

I'll pop together some samples in Vb.NET for you to play with.

Chris
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22678358

The attached shows how we might use the DirectorySearcher to find users when all we have is the givenName and sN attributes.

The match isn't certain we must use FindAll(), because of the size of the domain we're likely to contend with multiple results for each search.

The attribute that contains the information you're after is "homeMDB". It contains everything, although getting that information out of the string takes a bit of work.

Chris
imports System.DirectoryServices
...
Dim searchFilter As String = "(&(givenName=Chris)(sn=Dent))"
Dim domainRoot As New DirectoryEntry()
Dim ldapSearch As New DirectorySearcher(domainRoot, searchFilter)
ldapSearch.PropertiesToLoad.Add("homeMDB")
Dim ldapSearchResults As SearchResultCollection = ldapSearch.FindAll()
 
Dim ldapSearchResult As SearchResult
For Each ldapSearchResult In ldapSearchResults
   Label1.Text = ldapSearchResult.Properties("homemdb")(0).ToString()
Next

Open in new window

0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 250 total points
ID: 22678405

If you only have one domain you can use the sAMAccountName (pre-Windows 2000 Logon name) as a unique ID.

If you have multiple domains you need something that will be unique across the forest, either userPrincipalName (logon name) or an SMTP address.

This example shows filters build around both, those will allow us to use FindOne().

If you prefer a different language for this please let me know, I can help with VbScript, PowerShell, C# . NET and VB .NET.

Chris
' Using sAMAccountName
Dim searchFilter As String = "(&(sAMAccountName=dentc))"
' Using userPrincipalName
Dim searchFilter = "(&(userPrincipalName=dentc@local.highorbit.co.uk))"
 
Dim domainRoot As New DirectoryEntry()
Dim ldapSearch As New DirectorySearcher(domainRoot, searchFilter)
ldapSearch.PropertiesToLoad.Add("homeMDB")
Dim ldapSearchResult As SearchResult = ldapSearch.FindOne()
 
Label1.Text = ldapSearchResult.Properties("homemdb")(0).ToString()

Open in new window

0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 13

Assisted Solution

by:ach_patil
ach_patil earned 250 total points
ID: 22678442
Ok, heres a sample script for you. I wrote this script to create a lost of users created between 2 specific dates. it generates the user's name, email. I have modified for it to display homeMDB attribute which gives you the user Mailbox information.

You will need to change the LDAP path to your OU.

'On Error Resume Next
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.CreateTextFile("c:\UserReports\useroutput.csv")
Dim conn,cmd,RS,dt1,dt2,dt3,dt4,strQuery,OUContainer
 
Wscript.StdOut.Write "Enter Start Date: "
dtstart = Wscript.StdIn.Readline
Wscript.StdOut.Write "Enter End Date: "
dtend = Wscript.StdIn.Readline
 
Set conn=CreateObject("ADODB.Connection")
Set cmd=CreateObject("ADODB.Command")
Set OUContainer=GetObject("LDAP://OU=USERS,DC=domain,DC=com")
'Set myDomain=GetObject("LDAP://"&OUContainer.get("DefaultNamingContext"))
strQuery="Select givenname,sn,displayName,mail,homeMDB,WhenCreated from '" & _
 OUContainer.AdsPath & "' Where objectcategory='person' AND objectclass='user'"  
 
set cat=GetObject("GC:")
 
for each obj In cat
 set GC=obj
Next
 
conn.Provider="ADSDSOObject"
conn.Open "Active Directory Provider"
cmd.ActiveConnection=conn
cmd.Properties("Page Size") = 100
cmd.Properties("asynchronous")=True
cmd.Properties("Timeout") =30
cmd.Properties("Cache Results") = False
cmd.CommandText=strQuery
 
RS=Space(1600)
set RS=cmd.Execute 
'Wscript.Echo " "& dt1 &" , "& dt2 &" "
do While not RS.EOF
If RS.Fields("WhenCreated").Value > CDate(dtstart) AND RS.Fields("WhenCreated").Value <= cDate(dtend) Then
objFile.WriteLine(rs.Fields("displayName")& "," &RS.Fields("givenname")& "," &RS.Fields("sn")& "," &RS.Fields("mail")& "," &RS.Fields("homeMDB")) 
End If
 rs.movenext
Loop
 
rs.Close
objFile.Close
conn.Close

Open in new window

0
 

Author Comment

by:fatco
ID: 22711542
Sorry for the delay and thanks for the suggestions. I posted this question just before taking a few days off so I am just now getting back to it. This is exactly what I am looking for, some examples of scripts to mine out this information. I'll look these over this afternoon and respond.

JT
0
 

Author Closing Comment

by:fatco
ID: 31504307
As I am not highly experienced with running scripts it will take me a little time to work with these but I am confident they will be a good starting point to complete my project. Thanks for the help!
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question