Solved

How can I list all smtp addresses for a user including group smtp addresses?

Posted on 2009-04-03
15
266 Views
Last Modified: 2012-05-06
How can I list all smtp addresses for a user including group smtp addresses?
I have Exchange 2003 on a Windows 2003 server within a Windows 2003 Active Directory environment.

I need a script if possible as I need to run this for every user in the domain. Approx 100 users.

Thanks
0
Comment
Question by:mepack
  • 7
  • 7
15 Comments
 
LVL 16

Expert Comment

by:speshalyst
Comment Utility
0
 

Author Comment

by:mepack
Comment Utility
I need to return the Group SMTP addresses for the user as well as the primary and secondary SMTP addresses.

Thanks
0
 
LVL 27

Expert Comment

by:bluntTony
Comment Utility
The below script would do what you need. Call it via cscript and you can pipe to a text file, e.g.
cscript list_smtp.vbs > results.txt
It'll go through every user in the domain, list all the smtp addresses, then all the smtp addresses associated with groups the user is a member of. It's going to give you a lot of output but it gives you what you asked for. Let me know if you need me to modify to make more user friendly. I've knocked it together quickly so it's a bit basic at the moment....
You shouldn't need to change any of the code.

Set oRootDSE = GetObject("LDAP://RootDSE")

strBase   =  "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;"

strFilter = "(&(objectclass=user)(objectcategory=person));" 

strAttrs  = "distinguishedName;"

strScope  = "subtree"
 

Set objConn = CreateObject("ADODB.Connection")

objConn.Provider = "ADsDSOObject"

objConn.Open "Active Directory Provider"

Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)
 

objRS.MoveFirst

While Not objRS.EOF

	Set objUser = GetObject("LDAP://" & objRS.Fields(0).Value)

	WScript.Echo "Listing Email Addresses For " & objUser.cn & "................................................"

	listEmail objUser.distinguishedName

	

	'Get group membership and list emails...

	If IsEmpty(objUser.memberOf) Then

		'Do nothing...

	ElseIf (TypeName(objUser.memberOf) = "String") Then

		WScript.Echo objUser.cn & " is a member of " & objUser.memberOf

		listEmail objUser.memberOf 

	Else

		For Each groupDN In objUser.memberOf

			WScript.Echo objUser.cn & " is a member of " & groupDN

			listEmail groupDN

		Next

	End If

    objRS.MoveNext

Wend
 
 
 

Sub listEmail(objDN)

Set obj = GetObject("LDAP://" & objDN)

If IsEmpty(obj.proxyAddresses) Then

	'Member of no groups.

ElseIf (TypeName(obj.proxyAddresses) = "String") Then

	'Member of 1 group

	If UCase(Left(obj.proxyAddresses,4)) = "SMTP" Then WScript.Echo obj.proxyAddresses

Else

	'Member of >1 groups

	For Each proxyAdd In obj.proxyAddresses

		If UCase(Left(proxyAdd,4)) = "SMTP" Then WScript.Echo proxyAdd

	Next

End If

End Sub

Open in new window

0
 

Author Comment

by:mepack
Comment Utility
Thanks Tony..
Is there anyway you can get the script to select only Mail enabled groups?

Thanks
0
 
LVL 27

Expert Comment

by:bluntTony
Comment Utility
Try this....
(should only output the groups with 1 or more email addresses...)

Set oRootDSE = GetObject("LDAP://RootDSE")

strBase   =  "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;"

strFilter = "(&(objectclass=user)(objectcategory=person));" 

strAttrs  = "distinguishedName;"

strScope  = "subtree"
 

Set objConn = CreateObject("ADODB.Connection")

objConn.Provider = "ADsDSOObject"

objConn.Open "Active Directory Provider"

Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)
 

objRS.MoveFirst

While Not objRS.EOF

	Set objUser = GetObject("LDAP://" & objRS.Fields(0).Value)

	WScript.Echo "Listing Email Addresses For " & objUser.cn & "................................................"

	listEmail objUser.distinguishedName

	

	'Get group membership and list emails...

	If IsEmpty(objUser.memberOf) Then

		'Do nothing...

	ElseIf (TypeName(objUser.memberOf) = "String") Then

		listEmail objUser.memberOf 

	Else

		For Each groupDN In objUser.memberOf

			listEmail groupDN

		Next

	End If

    objRS.MoveNext

Wend
 
 
 

Sub listEmail(objDN)

Set obj = GetObject("LDAP://" & objDN)

If IsEmpty(obj.proxyAddresses) Then

	'Member of no groups.

ElseIf (TypeName(obj.proxyAddresses) = "String") Then

	WScript.Echo objUser.cn & " is a member of " & objDN

	If UCase(Left(obj.proxyAddresses,4)) = "SMTP" Then WScript.Echo obj.proxyAddresses

Else

	'Member of >1 groups

	WScript.Echo objUser.cn & " is a member of " & objDN

	For Each proxyAdd In obj.proxyAddresses

		If UCase(Left(proxyAdd,4)) = "SMTP" Then WScript.Echo proxyAdd

	Next

End If

End Sub

Open in new window

0
 

Author Comment

by:mepack
Comment Utility
Tony..
Script is returning the correct values except it errors on a particular user everytime with the following message..
list_smtp.vbs(14, 2) (null): 0x80005000

Thanks
0
 
LVL 27

Expert Comment

by:bluntTony
Comment Utility
What is the name (CN) of the user it is failing on (as it is displayed in AD Users & Computers)? Does it have any special characters in it?
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:mepack
Comment Utility
cn=RedhatPrint
0
 
LVL 27

Expert Comment

by:bluntTony
Comment Utility
Seems strange that it would fail on one particular user. What sort of account is this? It's like the distinguishedName attribute is null or malformed?
Whats the actual distinguishedName attribute? Check in ADSIEDIT.msc and let us know. I'm leaving the office now but I'll check tomorrow.
Tony
0
 

Author Comment

by:mepack
Comment Utility
Tony..
distinguishedName attribute =
CN=RedhatPrint,OU=System Accounts,OU=Users,OU=MELDOM,DC=domain,DC=com
Thanks
0
 
LVL 27

Expert Comment

by:bluntTony
Comment Utility
Actually it can't be this user it's failing on. It must be the next one after this, as the echo statement is after the LDAP connection. I've added some error trapping to the code it will enable the script to continue in the event of a failed connection, and will return any error codes, and the offending DN.
Let me know what the error generated is.
Thanks,
Tony

Set oRootDSE = GetObject("LDAP://RootDSE")

strBase   =  "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;"

strFilter = "(&(objectclass=user)(objectcategory=person));" 

strAttrs  = "distinguishedName;"

strScope  = "subtree"

 

Set objConn = CreateObject("ADODB.Connection")

objConn.Provider = "ADsDSOObject"

objConn.Open "Active Directory Provider"

Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)

 

objRS.MoveFirst

While Not objRS.EOF

	If objRS.Fields(0).Value <> "" Then

		On Error Resume Next

		Set objUser = GetObject("LDAP://" & objRS.Fields(0).Value)

		If Err.Number <> 0 Then

			WScript.Echo "!!!!ERROR binding to object with the DN : " & objRS.Fields(0).Value

			WScript.Echo "Error : " & Err.Number & " - " & Err.Description

			Err.Clear

		End If

		On Error Goto 0

		WScript.Echo ""

		WScript.Echo "Listing Email Addresses For " & objUser.cn & "................................................"

		listEmail objUser.distinguishedName

		

		'Get group membership and list emails...

		If IsEmpty(objUser.memberOf) Then

			'Do nothing...

		ElseIf (TypeName(objUser.memberOf) = "String") Then

			listEmail objUser.memberOf 

		Else

			For Each groupDN In objUser.memberOf

				listEmail groupDN

			Next

		End If

	    objRS.MoveNext

	Else

		WScript.Echo "!!!!ERROR Query result with no DN!!"

	End if

Wend

 

 

 

Sub listEmail(objDN)

Set obj = GetObject("LDAP://" & objDN)

If IsEmpty(obj.proxyAddresses) Then

	'Member of no groups.

ElseIf (TypeName(obj.proxyAddresses) = "String") Then

	WScript.Echo objUser.cn & " is a member of " & objDN

	If UCase(Left(obj.proxyAddresses,4)) = "SMTP" Then WScript.Echo obj.proxyAddresses

Else

	'Member of >1 groups

	WScript.Echo objUser.cn & " is a member of " & objDN

	For Each proxyAdd In obj.proxyAddresses

		If UCase(Left(proxyAdd,4)) = "SMTP" Then WScript.Echo proxyAdd

	Next

End If

End Sub

Open in new window

0
 
LVL 27

Expert Comment

by:bluntTony
Comment Utility
Actually, scrub that - use this code (bad day!)
Set oRootDSE = GetObject("LDAP://RootDSE")

strBase   =  "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;"

strFilter = "(&(objectclass=user)(objectcategory=person));" 

strAttrs  = "distinguishedName;"

strScope  = "subtree"

 

Set objConn = CreateObject("ADODB.Connection")

objConn.Provider = "ADsDSOObject"

objConn.Open "Active Directory Provider"

Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)

 

objRS.MoveFirst

While Not objRS.EOF

	If objRS.Fields(0).Value <> "" Then

		On Error Resume Next

		Set objUser = GetObject("LDAP://" & objRS.Fields(0).Value)

		If Err.Number <> 0 Then

			WScript.Echo "!!!!ERROR binding to object with the DN : " & objRS.Fields(0).Value

			WScript.Echo "Error : " & Err.Number & " - " & Err.Description

			Err.Clear

		Else

			On Error Goto 0

			WScript.Echo ""

			WScript.Echo "Listing Email Addresses For " & objUser.cn & "................................................"

			listEmail objUser.distinguishedName

			

			'Get group membership and list emails...

			If IsEmpty(objUser.memberOf) Then

				'Do nothing...

			ElseIf (TypeName(objUser.memberOf) = "String") Then

				listEmail objUser.memberOf 

			Else

				For Each groupDN In objUser.memberOf

					listEmail groupDN

				Next

			End If

		    objRS.MoveNext

	    End If

	Else

		WScript.Echo "!!!!ERROR Query result with no DN!!"

	End if

Wend

 

 

 

Sub listEmail(objDN)

Set obj = GetObject("LDAP://" & objDN)

If IsEmpty(obj.proxyAddresses) Then

	'Member of no groups.

ElseIf (TypeName(obj.proxyAddresses) = "String") Then

	WScript.Echo objUser.cn & " is a member of " & objDN

	If UCase(Left(obj.proxyAddresses,4)) = "SMTP" Then WScript.Echo obj.proxyAddresses

Else

	'Member of >1 groups

	WScript.Echo objUser.cn & " is a member of " & objDN

	For Each proxyAdd In obj.proxyAddresses

		If UCase(Left(proxyAdd,4)) = "SMTP" Then WScript.Echo proxyAdd

	Next

End If

End Sub

Open in new window

0
 

Author Comment

by:mepack
Comment Utility
Tony,

!!!!ERROR binding to object with the DN : CN=Burning / Feedback,OU=System Accounts,OU=Users,OU=MELDOM,DC=domain,DC=com

Thanks
0
 
LVL 27

Accepted Solution

by:
bluntTony earned 500 total points
Comment Utility
Try this...
The above DN has a special character '/' in it which has to be escaped with a preceeding '\'. The below code now does this for you.

Set oRootDSE = GetObject("LDAP://RootDSE")

strBase   =  "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;"

strFilter = "(&(objectclass=user)(objectcategory=person));" 

strAttrs  = "distinguishedName;"

strScope  = "subtree"

 

Set objConn = CreateObject("ADODB.Connection")

objConn.Provider = "ADsDSOObject"

objConn.Open "Active Directory Provider"

Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)

 

objRS.MoveFirst

While Not objRS.EOF

	If objRS.Fields(0).Value <> "" Then

		On Error Resume Next

		Set objUser = GetObject("LDAP://" & Replace(objRS.Fields(0).Value,"/","\/"))

		If Err.Number <> 0 Then

			WScript.Echo "!!!!ERROR binding to object with the DN : " & objRS.Fields(0).Value

			WScript.Echo "Error : " & Err.Number & " - " & Err.Description

			Err.Clear

			On Error Goto 0

		Else

			On Error Goto 0

			WScript.Echo ""

			WScript.Echo "Listing Email Addresses For " & objUser.cn & "................................................"

			listEmail Replace(objUser.distinguishedName,"/","\/")

			

			'Get group membership and list emails...

			If IsEmpty(objUser.memberOf) Then

				'Do nothing...

			ElseIf (TypeName(objUser.memberOf) = "String") Then

				listEmail Replace(objUser.memberOf,"/","\/")

			Else

				For Each groupDN In objUser.memberOf

					listEmail Replace(groupDN,"/","\/")

				Next

			End If

		    objRS.MoveNext

	    End If

	Else

		WScript.Echo "!!!!ERROR Query result with no DN!!"

	End if

Wend

 

 

 

Sub listEmail(objDN)

On Error Resume Next

Set obj = GetObject("LDAP://" & objDN)

If Err.Number <> 0 Then

	WScript.Echo "!!!!ERROR binding to object with the DN : " & objRS.Fields(0).Value

	WScript.Echo "Error : " & Err.Number & " - " & Err.Description

	Err.Clear

	On Error Goto 0 			

Else	

	On Error Goto 0

	If IsEmpty(obj.proxyAddresses) Then

		'Member of no groups.

	ElseIf (TypeName(obj.proxyAddresses) = "String") Then

		WScript.Echo objUser.cn & " is a member of " & objDN

		If UCase(Left(obj.proxyAddresses,4)) = "SMTP" Then WScript.Echo obj.proxyAddresses

	Else

		'Member of >1 groups

		WScript.Echo objUser.cn & " is a member of " & objDN

		For Each proxyAdd In obj.proxyAddresses

			If UCase(Left(proxyAdd,4)) = "SMTP" Then WScript.Echo proxyAdd

		Next

	End If

End If
 

End Sub

Open in new window

0
 

Author Comment

by:mepack
Comment Utility
Tony.
Many Thanks for the script..
I've awarded the points.
0

Featured Post

Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

Join & Write a Comment

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now