Solved

how to return the LDAP OU name and location for a given user

Posted on 2008-10-13
Last Modified: 2013-12-24
How can I return the LDAP OU name and location for a given user?

The example below works fine for the currently logged on user.  But I would like to pass a user ID and have the script return the OU name and location.

i.e.:
User "MYUserName" exists in:
"OU=MyUserOU,DC=Domain,DC=Local"


On Error Resume Next

Set objSysInfo = CreateObject("ADSystemInfo")

strUser = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUser)

Wscript.Echo objUser.AdsPath

Question by:alliedfusion

Assisted Solution

by:Chris Dent
Chris Dent earned 50 total points
Just a little change :)

The Parent method returns the full ADSPath of the object's parent container.

HTH

Chris

On Error Resume Next

Set objSysInfo = CreateObject("ADSystemInfo")

strUser = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUser)

Wscript.Echo objUser.Parent


Accepted Solution

by:
alliedfusion earned 0 total points
Thanks Chris,
I am 50% of the way there.

"objuser.parent" gives me the LDAP OU string of the user who is running the script.

I have a spreadsheet filled with user data.  The spreadsheet successfully creates users, and makes them a member of a security group.

The variable "UserID" is the user's logon name.

Using the variable called "UserID", how do I get the LDAP OU string for that user ID?

I have been trying the following test code without success:

On Error Resume Next
UserID = "JoeB"

Set objSysInfo = CreateObject("ADSystemInfo")

strUser = objSysInfo.UserID
Set objUser = GetObject("LDAP://" & strUser)

Wscript.Echo objUser.Parent


Expert Comment

by:Chris Dent

You'd need to perform a search for the user. I recommend you use PowerShell instead of VBScript. It'll be far less code to worry about. Would that be any use?

Chris

Author Comment

by:alliedfusion
Solution was to use the Name Translate functions.

Solution found in part from Google and remainder from Experts Exchange.

Thanks Chris for your help.

' Constants for the NameTranslate object.
Const ADS_NAME_INITTYPE_DOMAIN = 1
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

' Specify NT name. You could also prompt for this, or pass
' the name as a parameter. Or, if you want the DN of the
' current user, you could retrieve this from the WshNetwork object.
' UserID must already hold the logon name of the user to look up.
strNTName = UserID
MsgBox "strNTName:" & strNTName

' Determine DNS domain name from RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

' Use the NameTranslate object to find the NetBIOS domain name from the
' DNS domain name. Initialise against the global catalog; the path
' argument is not used for this initialisation type.
Set objTrans = CreateObject("NameTranslate")
objTrans.Init ADS_NAME_INITTYPE_GC, ""
objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
' Remove trailing backslash.
strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)
MsgBox "strNetBIOSDomain:" & strNetBIOSDomain

' Use the NameTranslate object to convert the NT user name to the
' Distinguished Name required for the LDAP provider.
objTrans.Init ADS_NAME_INITTYPE_DOMAIN, strNetBIOSDomain
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strNTName
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)

MsgBox "strUserDN:" & strUserDN

' Bind to the user object in Active Directory with the LDAP provider.
Set objUser = GetObject("LDAP://" & strUserDN)

' Display just the OU which contains the User object
MsgBox "This is the parent OU: " & objUser.Parent
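
The search-based approach suggested earlier in the thread, written in PowerShell as an added example that is not code from any participant. The function names are hypothetical, and it assumes a domain-joined machine whose current domain holds the account. Because the logon name comes from a spreadsheet, it is escaped per RFC 4515 before it is placed in the LDAP filter, and the parent container is derived from the distinguished name without splitting on commas that are escaped inside the user's CN.

```powershell
# Added example: return the parent container DN for a given logon name.

function ConvertTo-LdapFilterValue {
    param([Parameter(Mandatory)][string]$Value)
    # RFC 4515: \ * ( ) and NUL must be written as \XX hex escapes so that
    # untrusted input cannot change the structure of the search filter.
    [regex]::Replace($Value, '[\\*()\x00]', {
        param($m) '\{0:x2}' -f [int][char]$m.Value
    })
}

function Get-ParentFromDN {
    param([Parameter(Mandatory)][string]$DistinguishedName)
    # Skip the first RDN. An RDN may contain escaped characters such as "\,",
    # so consume either an escape pair or any character that is not , or \.
    if ($DistinguishedName -match '^(?:\\.|[^,\\])+,(?<parent>.+)$') {
        return $Matches['parent']
    }
    throw "No parent container in DN '$DistinguishedName'."
}

function Get-UserParentContainer {
    param([Parameter(Mandatory)][string]$UserID)
    $filter = '(&(objectCategory=person)(objectClass=user)(sAMAccountName={0}))' -f
        (ConvertTo-LdapFilterValue $UserID)
    $searcher = [adsisearcher]$filter          # searches the current domain
    [void]$searcher.PropertiesToLoad.Add('distinguishedName')
    $searcher.SizeLimit = 2                    # enough to detect ambiguity
    try {
        $results = @($searcher.FindAll())
        if ($results.Count -ne 1) {
            throw "Expected one match for '$UserID', found $($results.Count)."
        }
        $dn = [string]$results[0].Properties['distinguishedname'][0]
        Get-ParentFromDN $dn
    }
    finally { $searcher.Dispose() }
}

# Offline checks on constructed values (no directory needed):
#   ConvertTo-LdapFilterValue 'JoeB*)(cn=*'   returns  JoeB\2a\29\28cn=\2a
#   Get-ParentFromDN 'CN=Bloggs\, Joe,OU=MyUserOU,DC=Domain,DC=Local'
#                                             returns  OU=MyUserOU,DC=Domain,DC=Local
# Against a live domain, with the sample ID used in the thread:
#   Get-UserParentContainer -UserID 'JoeB'
```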
