Solved

How can I list all smtp addresses for a user including group smtp addresses?

Posted on 2009-04-03
15
279 Views
Last Modified: 2012-05-06
How can I list all smtp addresses for a user including group smtp addresses?
I have Exchange 2003 on a Windows 2003 server within a Windows 2003 Active Directory environment.

I need a script if possible as I need to run this for every user in the domain. Approx 100 users.

Thanks
0
Comment
Question by:mepack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 7
15 Comments
 
LVL 16

Expert Comment

by:speshalyst
ID: 24059037
0
 

Author Comment

by:mepack
ID: 24059061
I need to return the Group SMTP addresses for the user as well as the primary and secondary SMTP addresses.

Thanks
0
 
LVL 27

Expert Comment

by:bluntTony
ID: 24059112
The below script would do what you need. Call it via cscript and you can pipe to a text file, e.g.
cscript list_smtp.vbs > results.txt
It'll go through every user in the domain, list all the smtp addresses, then all the smtp addresses associated with groups the user is a member of. It's going to give you a lot of output but it gives you what you asked for. Let me know if you need me to modify to make more user friendly. I've knocked it together quickly so it's a bit basic at the moment....
You shouldn't need to change any of the code.

Set oRootDSE = GetObject("LDAP://RootDSE")
strBase   =  "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;"
strFilter = "(&(objectclass=user)(objectcategory=person));" 
strAttrs  = "distinguishedName;"
strScope  = "subtree"
 
Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)
 
objRS.MoveFirst
While Not objRS.EOF
	Set objUser = GetObject("LDAP://" & objRS.Fields(0).Value)
	WScript.Echo "Listing Email Addresses For " & objUser.cn & "................................................"
	listEmail objUser.distinguishedName
	
	'Get group membership and list emails...
	If IsEmpty(objUser.memberOf) Then
		'Do nothing...
	ElseIf (TypeName(objUser.memberOf) = "String") Then
		WScript.Echo objUser.cn & " is a member of " & objUser.memberOf
		listEmail objUser.memberOf 
	Else
		For Each groupDN In objUser.memberOf
			WScript.Echo objUser.cn & " is a member of " & groupDN
			listEmail groupDN
		Next
	End If
    objRS.MoveNext
Wend
 
 
 
Sub listEmail(objDN)
Set obj = GetObject("LDAP://" & objDN)
If IsEmpty(obj.proxyAddresses) Then
	'Member of no groups.
ElseIf (TypeName(obj.proxyAddresses) = "String") Then
	'Member of 1 group
	If UCase(Left(obj.proxyAddresses,4)) = "SMTP" Then WScript.Echo obj.proxyAddresses
Else
	'Member of >1 groups
	For Each proxyAdd In obj.proxyAddresses
		If UCase(Left(proxyAdd,4)) = "SMTP" Then WScript.Echo proxyAdd
	Next
End If
End Sub

Open in new window

0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:mepack
ID: 24059169
Thanks Tony..
Is there anyway you can get the script to select only Mail enabled groups?

Thanks
0
 
LVL 27

Expert Comment

by:bluntTony
ID: 24059328
Try this....
(should only output the groups with 1 or more email addresses...)

Set oRootDSE = GetObject("LDAP://RootDSE")
strBase   =  "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;"
strFilter = "(&(objectclass=user)(objectcategory=person));" 
strAttrs  = "distinguishedName;"
strScope  = "subtree"
 
Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)
 
objRS.MoveFirst
While Not objRS.EOF
	Set objUser = GetObject("LDAP://" & objRS.Fields(0).Value)
	WScript.Echo "Listing Email Addresses For " & objUser.cn & "................................................"
	listEmail objUser.distinguishedName
	
	'Get group membership and list emails...
	If IsEmpty(objUser.memberOf) Then
		'Do nothing...
	ElseIf (TypeName(objUser.memberOf) = "String") Then
		listEmail objUser.memberOf 
	Else
		For Each groupDN In objUser.memberOf
			listEmail groupDN
		Next
	End If
    objRS.MoveNext
Wend
 
 
 
Sub listEmail(objDN)
Set obj = GetObject("LDAP://" & objDN)
If IsEmpty(obj.proxyAddresses) Then
	'Member of no groups.
ElseIf (TypeName(obj.proxyAddresses) = "String") Then
	WScript.Echo objUser.cn & " is a member of " & objDN
	If UCase(Left(obj.proxyAddresses,4)) = "SMTP" Then WScript.Echo obj.proxyAddresses
Else
	'Member of >1 groups
	WScript.Echo objUser.cn & " is a member of " & objDN
	For Each proxyAdd In obj.proxyAddresses
		If UCase(Left(proxyAdd,4)) = "SMTP" Then WScript.Echo proxyAdd
	Next
End If
End Sub

Open in new window

0
 

Author Comment

by:mepack
ID: 24060706
Tony..
Script is returning the correct values except it errors on a particular user everytime with the following message..
list_smtp.vbs(14, 2) (null): 0x80005000

Thanks
0
 
LVL 27

Expert Comment

by:bluntTony
ID: 24061067
What is the name (CN) of the user it is failing on (as it is displayed in AD Users & Computers)? Does it have any special characters in it?
0
 

Author Comment

by:mepack
ID: 24061138
cn=RedhatPrint
0
 
LVL 27

Expert Comment

by:bluntTony
ID: 24061589
Seems strange that it would fail on one particular user. What sort of account is this? It's like the distinguishedName attribute is null or malformed?
Whats the actual distinguishedName attribute? Check in ADSIEDIT.msc and let us know. I'm leaving the office now but I'll check tomorrow.
Tony
0
 

Author Comment

by:mepack
ID: 24062151
Tony..
distinguishedName attribute =
CN=RedhatPrint,OU=System Accounts,OU=Users,OU=MELDOM,DC=domain,DC=com
Thanks
0
 
LVL 27

Expert Comment

by:bluntTony
ID: 24067770
Actually it can't be this user it's failing on. It must be the next one after this, as the echo statement is after the LDAP connection. I've added some error trapping to the code it will enable the script to continue in the event of a failed connection, and will return any error codes, and the offending DN.
Let me know what the error generated is.
Thanks,
Tony

Set oRootDSE = GetObject("LDAP://RootDSE")
strBase   =  "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;"
strFilter = "(&(objectclass=user)(objectcategory=person));" 
strAttrs  = "distinguishedName;"
strScope  = "subtree"
 
Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)
 
objRS.MoveFirst
While Not objRS.EOF
	If objRS.Fields(0).Value <> "" Then
		On Error Resume Next
		Set objUser = GetObject("LDAP://" & objRS.Fields(0).Value)
		If Err.Number <> 0 Then
			WScript.Echo "!!!!ERROR binding to object with the DN : " & objRS.Fields(0).Value
			WScript.Echo "Error : " & Err.Number & " - " & Err.Description
			Err.Clear
		End If
		On Error Goto 0
		WScript.Echo ""
		WScript.Echo "Listing Email Addresses For " & objUser.cn & "................................................"
		listEmail objUser.distinguishedName
		
		'Get group membership and list emails...
		If IsEmpty(objUser.memberOf) Then
			'Do nothing...
		ElseIf (TypeName(objUser.memberOf) = "String") Then
			listEmail objUser.memberOf 
		Else
			For Each groupDN In objUser.memberOf
				listEmail groupDN
			Next
		End If
	    objRS.MoveNext
	Else
		WScript.Echo "!!!!ERROR Query result with no DN!!"
	End if
Wend
 
 
 
Sub listEmail(objDN)
Set obj = GetObject("LDAP://" & objDN)
If IsEmpty(obj.proxyAddresses) Then
	'Member of no groups.
ElseIf (TypeName(obj.proxyAddresses) = "String") Then
	WScript.Echo objUser.cn & " is a member of " & objDN
	If UCase(Left(obj.proxyAddresses,4)) = "SMTP" Then WScript.Echo obj.proxyAddresses
Else
	'Member of >1 groups
	WScript.Echo objUser.cn & " is a member of " & objDN
	For Each proxyAdd In obj.proxyAddresses
		If UCase(Left(proxyAdd,4)) = "SMTP" Then WScript.Echo proxyAdd
	Next
End If
End Sub

Open in new window

0
 
LVL 27

Expert Comment

by:bluntTony
ID: 24067775
Actually, scrub that - use this code (bad day!)
Set oRootDSE = GetObject("LDAP://RootDSE")
strBase   =  "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;"
strFilter = "(&(objectclass=user)(objectcategory=person));" 
strAttrs  = "distinguishedName;"
strScope  = "subtree"
 
Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)
 
objRS.MoveFirst
While Not objRS.EOF
	If objRS.Fields(0).Value <> "" Then
		On Error Resume Next
		Set objUser = GetObject("LDAP://" & objRS.Fields(0).Value)
		If Err.Number <> 0 Then
			WScript.Echo "!!!!ERROR binding to object with the DN : " & objRS.Fields(0).Value
			WScript.Echo "Error : " & Err.Number & " - " & Err.Description
			Err.Clear
		Else
			On Error Goto 0
			WScript.Echo ""
			WScript.Echo "Listing Email Addresses For " & objUser.cn & "................................................"
			listEmail objUser.distinguishedName
			
			'Get group membership and list emails...
			If IsEmpty(objUser.memberOf) Then
				'Do nothing...
			ElseIf (TypeName(objUser.memberOf) = "String") Then
				listEmail objUser.memberOf 
			Else
				For Each groupDN In objUser.memberOf
					listEmail groupDN
				Next
			End If
		    objRS.MoveNext
	    End If
	Else
		WScript.Echo "!!!!ERROR Query result with no DN!!"
	End if
Wend
 
 
 
Sub listEmail(objDN)
Set obj = GetObject("LDAP://" & objDN)
If IsEmpty(obj.proxyAddresses) Then
	'Member of no groups.
ElseIf (TypeName(obj.proxyAddresses) = "String") Then
	WScript.Echo objUser.cn & " is a member of " & objDN
	If UCase(Left(obj.proxyAddresses,4)) = "SMTP" Then WScript.Echo obj.proxyAddresses
Else
	'Member of >1 groups
	WScript.Echo objUser.cn & " is a member of " & objDN
	For Each proxyAdd In obj.proxyAddresses
		If UCase(Left(proxyAdd,4)) = "SMTP" Then WScript.Echo proxyAdd
	Next
End If
End Sub

Open in new window

0
 

Author Comment

by:mepack
ID: 24075768
Tony,

!!!!ERROR binding to object with the DN : CN=Burning / Feedback,OU=System Accounts,OU=Users,OU=MELDOM,DC=domain,DC=com

Thanks
0
 
LVL 27

Accepted Solution

by:
bluntTony earned 500 total points
ID: 24076642
Try this...
The above DN has a special character '/' in it which has to be escaped with a preceeding '\'. The below code now does this for you.

Set oRootDSE = GetObject("LDAP://RootDSE")
strBase   =  "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;"
strFilter = "(&(objectclass=user)(objectcategory=person));" 
strAttrs  = "distinguishedName;"
strScope  = "subtree"
 
Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)
 
objRS.MoveFirst
While Not objRS.EOF
	If objRS.Fields(0).Value <> "" Then
		On Error Resume Next
		Set objUser = GetObject("LDAP://" & Replace(objRS.Fields(0).Value,"/","\/"))
		If Err.Number <> 0 Then
			WScript.Echo "!!!!ERROR binding to object with the DN : " & objRS.Fields(0).Value
			WScript.Echo "Error : " & Err.Number & " - " & Err.Description
			Err.Clear
			On Error Goto 0
		Else
			On Error Goto 0
			WScript.Echo ""
			WScript.Echo "Listing Email Addresses For " & objUser.cn & "................................................"
			listEmail Replace(objUser.distinguishedName,"/","\/")
			
			'Get group membership and list emails...
			If IsEmpty(objUser.memberOf) Then
				'Do nothing...
			ElseIf (TypeName(objUser.memberOf) = "String") Then
				listEmail Replace(objUser.memberOf,"/","\/")
			Else
				For Each groupDN In objUser.memberOf
					listEmail Replace(groupDN,"/","\/")
				Next
			End If
		    objRS.MoveNext
	    End If
	Else
		WScript.Echo "!!!!ERROR Query result with no DN!!"
	End if
Wend
 
 
 
Sub listEmail(objDN)
On Error Resume Next
Set obj = GetObject("LDAP://" & objDN)
If Err.Number <> 0 Then
	WScript.Echo "!!!!ERROR binding to object with the DN : " & objRS.Fields(0).Value
	WScript.Echo "Error : " & Err.Number & " - " & Err.Description
	Err.Clear
	On Error Goto 0 			
Else	
	On Error Goto 0
	If IsEmpty(obj.proxyAddresses) Then
		'Member of no groups.
	ElseIf (TypeName(obj.proxyAddresses) = "String") Then
		WScript.Echo objUser.cn & " is a member of " & objDN
		If UCase(Left(obj.proxyAddresses,4)) = "SMTP" Then WScript.Echo obj.proxyAddresses
	Else
		'Member of >1 groups
		WScript.Echo objUser.cn & " is a member of " & objDN
		For Each proxyAdd In obj.proxyAddresses
			If UCase(Left(proxyAdd,4)) = "SMTP" Then WScript.Echo proxyAdd
		Next
	End If
End If
 
End Sub

Open in new window

0
 

Author Comment

by:mepack
ID: 24089685
Tony.
Many Thanks for the script..
I've awarded the points.
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question