Solved

how to return the LDAP OU name and location for a given user

Posted on 2008-10-13
4
841 Views
Last Modified: 2013-12-24
How can I return the LDAP OU name and location for a given user?

The example below works fine for the currently logged on user.  But I would like pass a user ID and have the script return the OU name a location.

i.e.:
User "MYUserName" exists in:
"OU=MyUserOU,DC=Domain,DC=Local"


On Error Resume Next
 
Set objSysInfo = CreateObject("ADSystemInfo")
 
strUser = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUser)
 
Wscript.Echo objUser.AdsPath

Open in new window

0
Comment
Question by:alliedfusion
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 71

Assisted Solution

by:Chris Dent
Chris Dent earned 50 total points
ID: 22701597
Just a little change :)

The parent method returns the full ADSPath of the objects parent container.

HTH

Chris
On Error Resume Next
 
Set objSysInfo = CreateObject("ADSystemInfo")
 
strUser = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUser)
 
Wscript.Echo objUser.Parent

Open in new window

0
 

Accepted Solution

by:
alliedfusion earned 0 total points
ID: 22701794
Thanks Chris,
I am 50% of the way there.

"objuser.parent" gives me the LDAP OU string of the user who is running the script.

I have a spreadsheet filled with user data.  The spread sheet sucessfully creates users, and makes them a member of a security group.

The variable "UserID" is the users logon name.

Using the variable called "UserID".  how do I get the LDAP OU string for that user ID?

I have been trying the following test code without success:
On Error Resume Next
UserID = "JoeB"
 
Set objSysInfo = CreateObject("ADSystemInfo")
 
strUser = objSysInfo.UserID
Set objUser = GetObject("LDAP://" & strUser)
 
Wscript.Echo objUser.Parent

Open in new window

0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22701987

You'd need to perform a search for the user. I recommend you use PowerShell instead of VbScript. It'll be far less code to worry about, would that be any use?

Chris
0
 

Author Comment

by:alliedfusion
ID: 22703117
Solution was to use the Name Translate functions.

Solution found in part from Google and remainder from Experts Exchange.

Thanks Chris for your help.
' Constants for the NameTranslate object.
Const ADS_NAME_INITTYPE_DOMAIN = 1
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1179 = 1
 
' Specify NT name. You could also prompt for this, or pass
' the name as a parameter. Or, if you want the DN of the
' current user, you could retrieve this from the WshNetwork object.
strNTName = UserID
MsgBox "strNTName:" & strNTName
 
' Determine DNS domain name from RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
 
' Use the NameTranslate object to find the NetBIOS domain name from the
' DNS domain name.
Set objTrans = CreateObject("NameTranslate")
objTrans.Init ADS_NAME_TYPE_NT4, strDNSDomain
objTrans.Set ADS_NAME_TYPE_1179, strDNSDomain
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
' Remove trailing backslash.
strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)
MsgBox "strNetBIOSDomain:" & strNetBIOSDomain
 
' Use the NameTranslate object to convert the NT user name to the
' Distinguished Name required for the LDAP provider.
objTrans.Init ADS_NAME_INITTYPE_DOMAIN, strNetBIOSDomain
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strNTName
strUserDN = objTrans.Get(ADS_NAME_TYPE_1179)
 
MsgBox "strUserDN:" & strUserDN
 
' Bind to the user object in Active Directory with the LDAP provider.
Set objUser = GetObject("LDAP://" & strUserDN)
 
'Display just the OU which contains the User object
MsgBox "This is the parent OU: " & objUser.Parent

Open in new window

0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question