Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Script to get email addresses from Active Directory

Posted on 2009-04-27
11
Medium Priority
?
440 Views
Last Modified: 2012-05-06
I have a script I have modified that is working, but does not write to the text file like I would like.
The results show up as:
DisplayName1
user1@domain.com
DisplayName2
user2@domain.com

I would like for them to show as:
DisplayName1<user1@domain.com>
DisplayName2<user2@domain.com>

Can't seem to get it to work. Any help is appreciated.
'Set up constant for deleting values from multivalued attribute memberOf
 
Const ADS_PROPERTY_NOT_FOUND  = &h8000500D
Const ADS_UF_ACCOUNTDISABLE = 2                       'For UserAccountControl
Const strX400Search = "X400"
'______________________________________________________
 
'Set RootDSE
Set objRootDSE = GetObject("LDAP://rootDSE")
strDomain = objRootDSE.Get("defaultNamingContext")
strADPath = "LDAP://" & strDomain
'wscript.Echo strADPath
Set objDomain = GetObject(strADPath)
'wscript.echo "objDomain: " & objDomain.distinguishedName
 
'Setup ADODB connection
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
 
 
'*************************************
'Begin second query for users
varDisabledCounter = 0                  
 
'Execute search command to look for user
    objCommand.CommandText = _
      "<" & strADPath & ">" & ";(&(objectClass=user)(mail=*))" & ";distinguishedName,displayName,mail;subtree"
 
    'Execute search to get Recordset
    Set objRecordSet = objCommand.Execute
    
    strResult = strResult & vbCrlf &  "#Users"
    strResult = strResult & VbCrlf &  "#Total Records Found (users): " & objRecordSet.RecordCount & VbCrlf
    
 
 
       While Not objRecordSet.EOF 'Iterate through the search results
            strUserDN = objRecordSet.Fields("distinguishedName")     'Get User's distinguished name from Recordset into a string
            set objUser= GetObject("LDAP://"& strUserDN & "")         'Use string to bind to user object
            
            
            If objUser.AccountDisabled = TRUE Then                    'If User account disabled, then skip proxy address enum
               varDisabledCounter = varDisabledCounter + 1
               strResult2 = strResult2 & VbCrLf & varDisabledCounter & " " & objUser.displayName & VbCrlf
 
                strResult2 = strResult2 & "cn: " & objUser.cn
                strResult2 = strResult2 & VbCrlf & objUser.mail
                       
                 
            Else
            
 
 
                       strResult = strResult & VbCrlf & objUser.cn
                       strResult = strResult & VbCrlf & objUser.mail
    
                      
                
          End If   'End check for disabled user 
            
     objRecordSet.MoveNext 
Wend  'End second query for users
 
 
'Output to a text file
Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objOutputFile = objFileSystem.CreateTextFile("C:\emailaddresses.txt")
objOutputFile.Write strResult

Open in new window

0
Comment
Question by:barrykeel
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 11

Expert Comment

by:Chris Gralike
ID: 24241605
strResult & VbCrlf & objUser.mail

Remove the  VbCrlf

strResult & objUser.mail & VbCrlf
0
 
LVL 11

Expert Comment

by:Chris Gralike
ID: 24241624
VbCrlf  Means to insert a \r\n (newline) into the var.

i.e.


set strResult = "abc"
strResult = strResult & VbCrlf & strResult

will output
abc
abc

set strResult = "abc"
strResult = strResult &  strResult

will output
abcabc

Rgrds,
0
 

Author Comment

by:barrykeel
ID: 24241716
I have tried removing the VbCrlf and it does not work. I also need to get the < > in the output file.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 11

Expert Comment

by:Chris Gralike
ID: 24241904
You need to reformat the string. I.e.
If objUser.AccountDisabled = TRUE Then                  
	varDisabledCounter = varDisabledCounter + 1
	strResult2 = strResult2 & objUser.cn & "<" & objUser.mail & ">" & VbCrlf 
Else
	strResult = strResult & objUser.cn & "<" & objUser.mail & ">" & VbCrlf 
End If

Open in new window

0
 
LVL 1

Accepted Solution

by:
thekod earned 2000 total points
ID: 24241960
Try the following code...I did what the original answers suggested -- removed the vbCRLF, and I added angle brackets.
'Set up constant for deleting values from multivalued attribute memberOf
 
Const ADS_PROPERTY_NOT_FOUND  = &h8000500D
Const ADS_UF_ACCOUNTDISABLE = 2                       'For UserAccountControl
Const strX400Search = "X400"
'______________________________________________________
 
'Set RootDSE
Set objRootDSE = GetObject("LDAP://rootDSE")
strDomain = objRootDSE.Get("defaultNamingContext")
strADPath = "LDAP://" & strDomain
'wscript.Echo strADPath
Set objDomain = GetObject(strADPath)
'wscript.echo "objDomain: " & objDomain.distinguishedName
 
'Setup ADODB connection
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
 
 
'*************************************
'Begin second query for users
varDisabledCounter = 0                  
 
'Execute search command to look for user
    objCommand.CommandText = _
      "<" & strADPath & ">" & ";(&(objectClass=user)(mail=*))" & ";distinguishedName,displayName,mail;subtree"
 
    'Execute search to get Recordset
    Set objRecordSet = objCommand.Execute
    
    strResult = "#Users"
    strResult = strResult & VbCrlf &  "#Total Records Found (users): " & objRecordSet.RecordCount & VbCrlf & vbCRLF
    
 
 
       While Not objRecordSet.EOF 'Iterate through the search results
            strUserDN = objRecordSet.Fields("distinguishedName")     'Get User's distinguished name from Recordset into a string
            set objUser= GetObject("LDAP://"& strUserDN & "")         'Use string to bind to user object
            
            
            If objUser.AccountDisabled = TRUE Then                    'If User account disabled, then skip proxy address enum
               varDisabledCounter = varDisabledCounter + 1
               strResult2 = strResult2 & VbCrlf & varDisabledCounter & " " & objUser.displayName & VbCrlf
 
                strResult2 = strResult2 & "cn: " & objUser.cn
                strResult2 = strResult2 & VbCrlf & objUser.mail
                       
                 
            Else
            
 
 
                       strResult = strResult & VbCrlf & objUser.cn
                       strResult = strResult & " <" & objUser.mail & ">"
    
                      
                
          End If   'End check for disabled user 
            
     objRecordSet.MoveNext 
Wend  'End second query for users
 
 
'Output to a text file
Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objOutputFile = objFileSystem.CreateTextFile("C:\emailaddresses.txt")
objOutputFile.Write strResult

Open in new window

0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24242373
alternate method is to use something like adfind
 http://www.joeware.net/freetools/tools/adfind/index.htm
adfind -default -f  "&(objectcategory=person)(objectclass=user)(mail=*)" displayname mail -csv -nodn > c:\emailaddresses.csv
Thanks
Mike
0
 

Author Closing Comment

by:barrykeel
ID: 31574928
Thanks. Worked perfectly.
0
 
LVL 11

Expert Comment

by:Chris Gralike
ID: 24248666
Shame the accepted solution is a copy of the suggested solution.

In any account, if you want to learn vb scripting you might need to put some effort in learning it.

"Give a man a fish and he will eat for a day, learn a man to fish and he will eat for a lifetime"

Rgrds,
0
 
LVL 1

Expert Comment

by:thekod
ID: 24248988
I agree.  Sorry, man, I said so in my post, wasn't trying to steal the points.
0
 

Author Comment

by:barrykeel
ID: 24249191
Not to caue an issue here, but I tried the suggestion in your post Chris and I could not get it to work. Either there was something with the post or there was something I did incorrectly. BTW, look at the line in the in your oringinal answer that looks like:
If objUser.AccountDisabled = TRUE Then                  
      varDisabledCounter = varDisabledCounter + 1
      strResult2 = strResult2 & objUser.cn & "<" & objUser.mail & ">" & VbCrlf

That is different than the answer I gave points to. With the   "<" & objUser.mail & ">"  in there it did not work for me. Maybe I am overlooking something but it gave me an error.
0
 

Author Comment

by:barrykeel
ID: 24260361
I also wanted to add that I am learning VB Script and am doing do by trying different scripts, reading, and asking questions. The script I had a problem was a script I got and I heavily modified it to get it to do what I needed. I could not get the results exactly right and then I posed the question here after many attempts with different syntax. Actually my main prolem was the way I was combining the results into a single line and not the VbCrlf. I do know that is a return. Sometimes it just takes a second set of eyes to see what you are overlooking. At least I did not post the question "Can someone give me script to pull email from AD?"
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question