Solved

2003 ad script for enumeration

Posted on 2011-02-21
8
1,023 Views
Last Modified: 2012-05-11
In active directory users and computers, each user has a type and description column. Is it possible to run a vbscript to enumerate user, type and description for every domain user and domain group in a domain (2003)? Similar to that seen below? I only have domain user credentials not domain admin credentials, but as I can see it in ADUC as a domain user I assume it can also be enumerated...

http://www.axigen.com/usr/kb/AD_CreateAxiAcc1.jpg

0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 12

Accepted Solution

by:
prashanthd earned 250 total points
ID: 34942040
Hi,

You can try this code
'On Error Resume Next

Dim objRootDSE, strDomain, strUsername, objConnection, objCommand, objRecordSet, strDN
Const ADS_SCOPE_SUBTREE = 2
Const ADS_GROUP_TYPE_GLOBAL_GROUP = &h2
Const ADS_GROUP_TYPE_LOCAL_GROUP = &h4
Const ADS_GROUP_TYPE_UNIVERSAL_GROUP = &h8
Const ADS_GROUP_TYPE_SECURITY_ENABLED = &h80000000


' Get domain components
Set objRootDSE = GetObject("LDAP://RootDSE")
strDomain = objRootDSE.Get("DefaultNamingContext")

' Set ADO connection
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

' Set ADO command
Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE

objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://" & strDomain & "' WHERE objectCategory='group'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 30
objCommand.Properties("Cache Results") = False
' Set recordset to hold the query result
Set objRecordSet = objCommand.Execute

' If a Group was found - Retrieve the distinguishedName
Do While Not objRecordSet.EOF 
    strDN = "LDAP://" & objRecordSet.Fields("distinguishedName").Value
    
    Set objGroup = GetObject(strDN)
    objGroup.GetInfo
        
    strName = objGroup.Get("name")
    strSAMAccountName = objGroup.Get("sAMAccountName")
    intgroupType = objGroup.Get("groupType")
    
    strDescription = objGroup.GetEx("description")
    
    WScript.Echo "name: " & strName
    WScript.Echo "sAMAccountName: " & strSAMAccountName
    
    WScript.StdOut.Write "Group type: "
    If intGroupType And ADS_GROUP_TYPE_SECURITY_ENABLED Then
        WScript.Echo "Type : Security group"
    Else
        WScript.Echo "Type : Distribution group"
    End If
    
    For Each strValue In strDescription
        WScript.Echo "description: " & strValue
    Next    
    objRecordSet.MoveNext
Loop


objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://" & strDomain & "' WHERE objectCategory='person'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 30
objCommand.Properties("Cache Results") = False
' Set recordset to hold the query result
Set objRecordSet = objCommand.Execute

' If a Group was found - Retrieve the distinguishedName
Do While Not objRecordSet.EOF 
    strDN = "LDAP://" & objRecordSet.Fields("distinguishedName").Value
    
    Set objUser = GetObject(strDN)
    objUser.GetInfo
        
    strName = objUser.Get("name")
    strSAMAccountName = objGroup.Get("sAMAccountName")
       
    strDescription = objGroup.GetEx("description")
    
    WScript.Echo "name: " & strName
    WScript.Echo "sAMAccountName: " & strSAMAccountName
    WScript.StdOut.Write "Type: User"
    
    For Each strValue In strDescription
        WScript.Echo "description: " & strValue
    Next    
    
    objRecordSet.MoveNext
Loop

Open in new window

0
 
LVL 3

Author Comment

by:pma111
ID: 34942088
where will it write the results out to?
0
 
LVL 12

Expert Comment

by:prashanthd
ID: 34942109
Use following command, it will write to output.txt

cscript vbfilename.vbs > output.txt
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 3

Author Comment

by:pma111
ID: 34942153
It fails,

enumerator.vbs (43, 5) Active Directory: The directory property cannot be found in cache
0
 
LVL 12

Expert Comment

by:prashanthd
ID: 34942233
try the following
On Error Resume Next

Dim objRootDSE, strDomain, strUsername, objConnection, objCommand, objRecordSet, strDN
Const ADS_SCOPE_SUBTREE = 2
Const ADS_GROUP_TYPE_GLOBAL_GROUP = &h2
Const ADS_GROUP_TYPE_LOCAL_GROUP = &h4
Const ADS_GROUP_TYPE_UNIVERSAL_GROUP = &h8
Const ADS_GROUP_TYPE_SECURITY_ENABLED = &h80000000


' Get domain components
Set objRootDSE = GetObject("LDAP://RootDSE")
strDomain = objRootDSE.Get("DefaultNamingContext")

' Set ADO connection
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

' Set ADO command
Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE

objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://" & strDomain & "' WHERE objectCategory='group'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 30
objCommand.Properties("Cache Results") = False
' Set recordset to hold the query result
Set objRecordSet = objCommand.Execute

' If a Group was found - Retrieve the distinguishedName
Do While Not objRecordSet.EOF 
    strDN = "LDAP://" & objRecordSet.Fields("distinguishedName").Value
    
    Set objGroup = GetObject(strDN)
    objGroup.GetInfo
        
    strName = objGroup.Get("name")
    strSAMAccountName = objGroup.Get("sAMAccountName")
    intgroupType = objGroup.Get("groupType")
    
    strDescription = objGroup.Getex("description")
    
    WScript.Echo "name: " & strName
    WScript.Echo "sAMAccountName: " & strSAMAccountName
    
    WScript.StdOut.Write "Group type: "
    If intGroupType And ADS_GROUP_TYPE_SECURITY_ENABLED Then
        WScript.Echo "Type : Security group"
    Else
        WScript.Echo "Type : Distribution group"
    End If
    
    For Each strValue In strDescription
        WScript.Echo "description: " & strValue
    Next    
    objRecordSet.MoveNext
Loop


objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://" & strDomain & "' WHERE objectCategory='person'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 30
objCommand.Properties("Cache Results") = False
' Set recordset to hold the query result
Set objRecordSet = objCommand.Execute

' If a Group was found - Retrieve the distinguishedName
Do While Not objRecordSet.EOF 
    strDN = "LDAP://" & objRecordSet.Fields("distinguishedName").Value
    
    Set objUser = GetObject(strDN)
    objUser.GetInfo
        
    strName = objUser.Get("name")
    strSAMAccountName = objGroup.Get("sAMAccountName")
       
    strDescription = objGroup.GetEx("description")
    
    WScript.Echo "name: " & strName
    WScript.Echo "sAMAccountName: " & strSAMAccountName
    WScript.StdOut.Write "Type: User"
    
    For Each strValue In strDescription
        WScript.Echo "description: " & strValue
    Next    
    
    objRecordSet.MoveNext
Loop

Open in new window

0
 
LVL 3

Author Comment

by:pma111
ID: 34942300
Hmm, it returns data, but in ADUC against accounts there is often a comment in the description field, when I search for the description in the output of this query it doesnt find it...
0
 
LVL 12

Expert Comment

by:prashanthd
ID: 34942424
Is it not returning any value for description?
0
 
LVL 3

Author Comment

by:pma111
ID: 34943030
I found an alternative that worked...
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question