Solved

Issues with a VBScript

Posted on 2010-08-31
8
971 Views
Last Modified: 2012-05-10
I am getting this error when running the attached script.  Can anyone help?

Code Error  8000500D -
The directory property cannot be found in the cache
'Define Constants
Const ForReading = 1
Const ADS_SCOPE_SUBTREE = 2 ' Search target object and all sub levels
Const ADS_GROUP_TYPE_SECURITY_ENABLED = &H80000000

DQ = Chr(34) 'Double Quote

strOutputHeader = "Date Script was executed: " & Now() & VbCrLf & VbCrLf & _
"USER INFORMATION" & VbCrLf & _
"*************************************************************"

'Prompt for username
Do
	strUsername = _
	InputBox("Please enter the username:", _
	"Username Input", "username")
	If strUsername = False Then
		WScript.Quit
	End If
Loop Until strUsername <> ""

WScript.Echo "Creating file for " & strUsername

'Create Objects
Set objShell = CreateObject("WScript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set SecurityGroups = CreateObject("System.Collections.ArrayList")
Set DistributionGroups = CreateObject("System.Collections.ArrayList")

'Construct an ADsPath to the Current Domain with rootDSE
Set objRootDSE = GetObject("LDAP://rootDSE")
strADsPath = "LDAP://" & objRootDSE.Get("defaultNamingContext")

'Connect to Active Directory
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE

'Create output text file
strScriptPath = Replace(WScript.ScriptFullName, WScript.ScriptName, "")
strOutputFilePath = strScriptPath & strUsername & ".txt"
Set objOutputFile = objFSO.CreateTextFile(strOutputFilePath)

'Search AD for user
objCommand.CommandText = _
"SELECT ADsPath FROM '" & strADsPath & _
"' WHERE objectCategory='user' and sAMAccountName='" & strUsername & "'"
Set objRecordSet = objCommand.Execute

'Verify user was found
If objRecordSet.EOF Then
	WScript.echo "User named " & strUser & " not found."
Else
	objRecordSet.MoveFirst
	Do Until objRecordSet.EOF
		strUserADsPath = objRecordSet.Fields("ADsPath").Value
		objRecordSet.MoveNext
	Loop
End If

'Connect to user account
Set objUser = GetObject(strUserADsPath)

'Get user information
strsAMAccountName = objUser.sAMAccountName
strEmployeeID = objUser.EmployeeID
struserprincipalname = objUser.userPrincipalName
strdisplayName = objUser.displayName
strtitle = objUser.title
strdescription = objUser.description
strmanager = objUser.manager
strdepartment = objUser.department
strdistinguishedName = objUser.distinguishedName
struserAccountControl = objUser.userAccountControl
strwhenCreated = objUser.whenCreated

'Format Last Logon Time Stamp
Set objLastLogon = objUser.Get("lastLogonTimestamp")
intLastLogonTime = objLastLogon.HighPart * (2 ^ 32) + objLastLogon.LowPart
intLastLogonTime = intLastLogonTime / (60 * 10000000)
intLastLogonTime = intLastLogonTime / 1440
dtmLastLogon = intLastLogonTime + # 1 / 1 / 1601 #

'Put groups in arrays based on type and sort them
strGroups = objUser.memberOf
For Each strGroup In strGroups
	Set objGroup = GetObject("LDAP://" & strGroup)
	strGroupType = GetType(objGroup.GroupType)
	If strGroupType = "Security" Then
		SecurityGroups.Add objGroup.CN
	End If
	If strGroupType = "Distribution" Then
		DistributionGroups.Add objGroup.CN
	End If
Next
SecurityGroups.Sort()
DistributionGroups.Sort()

'Populate text file
objOutputFile.WriteLine strOutputHeader
objOutputFile.WriteLine "sAMAccountName - " & strsAMAccountName & VbCrLf
objOutputFile.WriteLine "EmployeeID - " & strEmployeeID & VbCrLf
objOutputFile.WriteLine "userprincipalname - " & struserprincipalname & VbCrLf
objOutputFile.WriteLine "displayName - " & strdisplayName & VbCrLf
objOutputFile.WriteLine "title - " & strtitle & VbCrLf
objOutputFile.WriteLine "description - " & strDescription & VbCrLf
objOutputFile.WriteLine "manager - " & strmanager & VbCrLf
objOutputFile.WriteLine "department - " & strdepartment & VbCrLf
objOutputFile.WriteLine "distinguishedName - " & strdistinguishedName & VbCrLf
objOutputFile.WriteLine "userAccountControl - " & struserAccountControl & VbCrLf
objOutputFile.WriteLine "whenCreated - " & strwhenCreated & VbCrLf
objOutputFile.WriteLine "lastlogon - " & dtmLastLogon & VbCrLf
objOutputFile.WriteLine "*************************************************************" & VbCrLf
objOutputFile.WriteLine "Distribution Group List"
objOutputFile.WriteLine "*************************************************************"

For Each strGroup In DistributionGroups
	objOutputFile.WriteLine strGroup
Next

objOutputFile.WriteLine "*************************************************************" & VbCrLf
objOutputFile.WriteLine "Security Group List"
objOutputFile.WriteLine "*************************************************************"

For Each strGroup In SecurityGroups
	objOutputFile.WriteLine strGroup
Next
objOutputFile.WriteLine "*************************************************************"

WScript.Echo "Finished creating file"
objOutputFile.Close

'Open file
strOpenFile = MsgBox("Do you want to open the output file?", VbYesNo + VBQuestion, "Open Output File?")
If strOpenFile = VbYes Then
	objShell.Run("notepad.exe " & DQ & strOutputFilePath & DQ)
End If

Function GetType(ByVal lngFlag)
	' Function to determine group type.
	If ((lngFlag And ADS_GROUP_TYPE_SECURITY_ENABLED) <> 0) Then
		GetType = "Security"
	Else
		GetType = "Distribution"
	End If
End Function

Open in new window

0
Comment
Question by:seaninman
8 Comments
 
LVL 4

Expert Comment

by:mikesuss
Comment Utility
http://www.computerperformance.co.uk/Logon/code/code_8000500D.htm


Sounds like a typo in ldap reference, or the ldap changed names
0
 
LVL 5

Expert Comment

by:talkinsmak
Comment Utility
Your VBScript contains an illegal LDAP reference, probably a typing mistake, maybe an extra letter.  Check the spelling of your objects in the script.
 
What does the error message say is the source?
 
0
 
LVL 4

Author Comment

by:seaninman
Comment Utility
Source is Active Directory.  However it doesn't error when i run it on other user account's.  Just this one particular account.  
0
 
LVL 4

Author Comment

by:seaninman
Comment Utility
looks like it errors on line 82 when its trying to get the last login in time stamp.  If I comment that out it runs fine but I need that information.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 4

Author Comment

by:seaninman
Comment Utility
Okay so I found this which makes since.  http://www.experts-exchange.com/Programming/Languages/Visual_Basic/Q_23906325.html

However, would someone be able to help me figure out a way to update this script so that if it gets that error on that line that it will not error out that it will simply put User has Never Logged In?
0
 
LVL 16

Expert Comment

by:ThinkPaper
Comment Utility
Then you would need to include some error handling.
You would need to include something like this.......

http://technet.microsoft.com/en-us/library/ee692852.aspx
Throw this line on the top of your code:

On Error Resume Next



Then right under your line 82:

'=====The user never logged on so timestamp does not exist========

If Err.Number <> 0 Then                  

    WScript.Echo "User has never logged in"

    ' It doesn't exist so you are skipping that portion of code and making the default values NULL or blank 



    intLastLogonTime = ""

    dtmLastLogon = ""



     Err.Clear



'=====The user logged on, so timestamp exists =======

Else                                                 



   'Format Last Logon Time Stamp

  Set objLastLogon = objUser.Get("lastLogonTimestamp")

  intLastLogonTime = objLastLogon.HighPart * (2 ^ 32) + objLastLogon.LowPart

  intLastLogonTime = intLastLogonTime / (60 * 10000000)

  intLastLogonTime = intLastLogonTime / 1440

  dtmLastLogon = intLastLogonTime + # 1 / 1 / 1601 #





End If



' The rest of your code (lines 87 and up)

Open in new window

0
 
LVL 4

Author Comment

by:seaninman
Comment Utility
Thats good, but I'd like to have it write in the output file on the line for last logon if it doesnt exist then have it say User has never logged on.
0
 
LVL 16

Accepted Solution

by:
ThinkPaper earned 500 total points
Comment Utility
Then you should simply modify dtmLastLogon, so instead of blank  it displays what you want it to print out:

dtmLastLogon = "USER NEVER LOGGED ON"

Then continue with the rest of the code...
'=====The user never logged on so timestamp does not exist========

If Err.Number <> 0 Then                  

    WScript.Echo "User has never logged in"

    ' It doesn't exist so you are skipping that portion of code and making the default values NULL or blank 



    intLastLogonTime = ""

    dtmLastLogon = "USER NEVER LOGGED ON"  'Change it right here to print this out



     Err.Clear



'=====The user logged on, so timestamp exists =======

Else                                                 



   'Format Last Logon Time Stamp

  Set objLastLogon = objUser.Get("lastLogonTimestamp")

  intLastLogonTime = objLastLogon.HighPart * (2 ^ 32) + objLastLogon.LowPart

  intLastLogonTime = intLastLogonTime / (60 * 10000000)

  intLastLogonTime = intLastLogonTime / 1440

  dtmLastLogon = intLastLogonTime + # 1 / 1 / 1601 #





End If

Open in new window

0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Script to copy or move mouse-selected collection of files plus targets referenced by shortcuts (.lnk) The purpose of this article is to help illuminate the real challenges and options available (where they may exist) for utilizing simple scriptin…
Introduction During my participation as a VBScript contributor at Experts Exchange, one of the most common questions I come across is this: "I have a script that runs against only one computer. How can I make it run against a list of computers in …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now