Passing variable to LDAP query

Posted on 2010-11-18
Last Modified: 2013-11-08
I have a functioning vbscript that I would like to expand. It currently connects only to WMI.  Here is an excerpt:

...For Each objComputer in colComputer
          strUserName = "User Name: " & objComputer.UserName...

The resultant strUserName is always in the form 'domain\username'.

I need to remove the 'domain\' portion from strUserName.

In this modified form, strUserName matches the user's sAMAccountName in Active Directory. How do I pass the strUserName to an LDAP query that reveals the user's display name, phone number, and manager?
Question by:jcb431
  • 2
LVL 65

Expert Comment

ID: 34168859
Hi, this code will do that for you.  If you need anything explained, let me know.


strComputer = InputBox("Enter computer name:")

If Ping(strComputer) = True Then

	Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") 

	Set colComputer = objWMIService.ExecQuery("Select UserName from Win32_ComputerSystem")

	For Each objComputer In colComputer

		strUserName = objComputer.UserName


	If InStr(strUserName, "\") > 0 Then strUserName = Mid(strUserName, InStrRev(strUserName, "\") + 1)

	strUserADsPath = Get_LDAP_User_Properties("user", "samAccountName", strUserName, "adsPath")

	If Left(strUserADsPath, 7) = "LDAP://" Then

		Set objUser = GetObject(strUserADsPath)

		strDisplayName = objUser.DisplayName

		strPhoneNumber = objUser.telephoneNumber

		strManager = objUser.Manager

		strManager = Left(Split(strManager, "=")(1), Len(Split(strManager, "=")(1)) - 3)

		MsgBox "Username: " & strUserName & VbCrLf & _

		"Display Name: " & strDisplayName & VbCrLf & _

		"Phone Number: " & strPhoneNumber & VbCrLf & _

		"Manager: " & strManager


		MsgBox "Could not find ADsPath for " & strUserName

	End If


	MsgBox strComputer & " did not respond to ping."

End If

Function Ping(strComputer)

	Dim objShell, boolCode

	Set objShell = CreateObject("WScript.Shell")

	boolCode = objShell.Run("Ping -n 1 -w 300 " & strComputer, 0, True)

	If boolCode = 0 Then

		Ping = True


		Ping = False

	End If

End Function

Function Get_LDAP_User_Properties(strObjectType, strSearchField, strObjectToGet, strCommaDelimProps)


      ' This is a custom function that connects to the Active Directory, and returns the specific

      ' Active Directory attribute value, of a specific Object.

      ' strObjectType: usually "User" or "Computer"

      ' strSearchField: the field by which to seach the AD by. This acts like an SQL Query's WHERE clause.

      '				It filters the results by the value of strObjectToGet

      ' strObjectToGet: the value by which the results are filtered by, according the strSearchField.

      '				For example, if you are searching based on the user account name, strSearchField

      '				would be "samAccountName", and strObjectToGet would be that speicific account name,

      '				such as "jsmith".  This equates to "WHERE 'samAccountName' = 'jsmith'"

      '	strCommaDelimProps: the field from the object to actually return.  For example, if you wanted

      '				the home folder path, as defined by the AD, for a specific user, this would be

      '				"homeDirectory".  If you want to return the ADsPath so that you can bind to that

      '				user and get your own parameters from them, then use "ADsPath" as a return string,

      '				then bind to the user: Set objUser = GetObject("LDAP://" & strReturnADsPath)


      ' Now we're checking if the user account passed may have a domain already specified,

      ' in which case we connect to that domain in AD, instead of the default one.

      If InStr(strObjectToGet, "\") > 0 Then

            arrGroupBits = Split(strObjectToGet, "\")

            strDC = arrGroupBits(0)

            strDNSDomain = strDC & "/" & "DC=" & Replace(Mid(strDC, InStr(strDC, ".") + 1), ".", ",DC=")

            strObjectToGet = arrGroupBits(1)


      ' Otherwise we just connect to the default domain

            Set objRootDSE = GetObject("LDAP://RootDSE")

            strDNSDomain = objRootDSE.Get("defaultNamingContext")

      End If

      strBase = "<LDAP://" & strDNSDomain & ">"

      ' Setup ADO objects.

      Set adoCommand = CreateObject("ADODB.Command")

      Set adoConnection = CreateObject("ADODB.Connection")

      adoConnection.Provider = "ADsDSOObject"

      adoConnection.Open "Active Directory Provider"

      adoCommand.ActiveConnection = adoConnection


      ' Filter on user objects.

      'strFilter = "(&(objectCategory=person)(objectClass=user))"

      strFilter = "(&(objectClass=" & strObjectType & ")(" & strSearchField & "=" & strObjectToGet & "))"

      ' Comma delimited list of attribute values to retrieve.

      strAttributes = strCommaDelimProps

      arrProperties = Split(strCommaDelimProps, ",")

      ' Construct the LDAP syntax query.

      strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

      adoCommand.CommandText = strQuery

      ' Define the maximum records to return

      adoCommand.Properties("Page Size") = 100

      adoCommand.Properties("Timeout") = 30

      adoCommand.Properties("Cache Results") = False

      ' Run the query.

      Set adoRecordset = adoCommand.Execute

      ' Enumerate the resulting recordset.

      strReturnVal = ""

      Do Until adoRecordset.EOF

          ' Retrieve values and display.    

          For intCount = LBound(arrProperties) To UBound(arrProperties)

                If strReturnVal = "" Then

                      strReturnVal = adoRecordset.Fields(intCount).Value


                      strReturnVal = strReturnVal & VbCrLf & adoRecordset.Fields(intCount).Value

                End If


          ' Move to the next record in the recordset.



      ' Clean up.



      Get_LDAP_User_Properties = strReturnVal

End Function

Open in new window

LVL 65

Accepted Solution

RobSampson earned 500 total points
ID: 34168873
Actually, change this:
            strManager = Left(Split(strManager, "=")(1), Len(Split(strManager, "=")(1)) - 3)

to this
            If strManager <> "" Then strManager = Left(Split(strManager, "=")(1), Len(Split(strManager, "=")(1)) - 3)

just in case the user has no manager.



Author Closing Comment

ID: 34259273
Excellent! Outstanding! Happy Holidays!

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

A Bare Metal Image backup allows for the restore of an entire system to a similar or dissimilar hardware. They are highly useful for migrations and disaster recovery. Bare Metal Image backups support Full and Incremental backups. Differential backup…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now