Solved

VB Script to output AD details to CSV/Notepad

Posted on 2010-09-20
5
719 Views
Last Modified: 2012-05-10
Hi Guys,
            I am after a single vbs script that can perform an export of Data from Active Directory for the entire domain, to either a CSV or txt file, I don't really mind which format as long as it is readable (seperate columns or tab seperated txt etc).

I am after the following:

Full Name
User Names
Created Date
Status (active/disabled/expired etc)
Last Logon Date
List of Groups the user is a member of

 I have researched on MS's technet script repository and numerous other sites, but none can give me what I am after or within 1 script/file.

We have numerous clients that have requested this type of information so it would be extremely helpful if you can provide any assistance.

thanks!

dan
0
Comment
Question by:KiandraSS
  • 2
  • 2
5 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 33721696
I like adfind for this sort of thing

Joe Richards created adfind  http://www.joeware.net/freetools/tools/adfind/index.htm

That will give you enabled, take away the ! before useraccountcontrol for disabled users

adfind -default -bit -f "&(objectcategory=person)(objectclass=user)(!userAccountControl:AND:=2)"  samaccountname sn givenname lastlogontimestamp whencreated memberof -csv -tdca > c:\UsersExport.csv

So I only pulled certain attributes but you can pull/export whatever you want.  A good page with what the attribute names are is here   http://www.selfadsi.org/user-attributes-w2k3.htm

powershell is another good method for pulling reports, some examples in the link below (I also used adfind to help there)

http://www.experts-exchange.com/Database/LDAP/Q_26253451.html

Thanks

Mike
0
 

Author Comment

by:KiandraSS
ID: 33722012
Hi Mike,
               awesome solution mate!  worked a treat :)  give that man his points!

thanks

dan
0
 

Author Closing Comment

by:KiandraSS
ID: 33722014
awesome
0
 
LVL 8

Expert Comment

by:spinzr0
ID: 33722134
If you want a VBS, here you go.  Let me know if I missed any fields.
On Error Resume Next

Set oFS = WScript.CreateObject("Scripting.FileSystemObject")
Set oFile = oFS.CreateTextFile("All Users with Data.txt", True) 

oFile.WriteLine "First Name" & vbTab & "Last Name" & vbTab & "Logon Name" & vbTab & "Display Name" & _
                vbTab & "Created Date" & vbTab & "Enabled/Disabled" & vbTab & "Expiration Date" & _
                vbTab & "Last Logon" & vbTab & "Groups"

Call EnumerateObjects(GetObject("LDAP://" & GetObject("LDAP://RootDSE").Get("DefaultNamingContext")))

oFile.Close
Set oFS = Nothing
WScript.Echo "Finished"

Sub EnumerateObjects(oContainer)
    On Error Resume Next

    For Each oObject In oContainer
        Select Case LCase(oObject.Class)
               Case "user"
                   For Each oGroup in oObject.MemberOf
                       sGroups = sGroups & GetObject("LDAP://" & oGroup).sAMAccountName & ","
                   Next
                   tAccountExpiration = oObject.AccountExpirationDate 
                   If err.number = -2147467259 Or (datediff("d","01/01/1970",dtmAccountExpiration)<=0) Then 
                       sExpiration = "Not specified" 
                   Else 
                       sExpiration = oObject.AccountExpirationDate 
                   End If

                   sGroups = Left(sGroups, Len(sGroups) - 1)
                   If oObject.userAccountControl = 512 Then
                       oFile.WriteLine oObject.givenName & vbTab & oObject.sn & vbTab & oObject.sAMAccountName & vbTab & _
                                       oObject.DisplayName & vbTab & oObject.whenCreated & vbTab & "Enabled" & vbTab & _
                                       sExpiration & vbTab & Integer8Date(oObject.lastLogonTimeStamp) & vbTab & sGroups
                   Else
                       oFile.WriteLine oObject.givenName & vbTab & oObject.sn & vbTab & oObject.sAMAccountName & vbTab & _
                                       oObject.DisplayName & vbTab & oObject.whenCreated & vbTab & "Disabled" & vbTab & _
                                       sExpiration & vbTab & Integer8Date(oObject.lastLogonTimeStamp) & vbTab & sGroups
                   End If
               Case "organizationalunit", "container"
                   Call EnumerateObjects(oObject)
        End Select
    Next
End Sub

Function Integer8Date(objDate)
    intpwdLastSet = objDate.HighPart*(2^32) + objDate.LowPart
    intpwdLastSet = intpwdLastSet / (60*10000000)
    intpwdLastSet = intpwdLastSet / 1440 + #1/1/1601#
    Integer8Date = CDate(intpwdLastSet)
End Function

Open in new window

0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33722493
thanks a lot man, and a lot of credit to Joe Richard's for adfind,  also make sure to look at all the cool shortcuts in adfind

adfind -sc /??
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question