Solved

HTA Script to validate the user account in AD

Posted on 2011-02-22
9
1,328 Views
Last Modified: 2012-05-11
Hi All,

I am not much familiar with programing, but I am looking for a Script (preferabbly HTA) that will read the login ID from txt file and validate the list in AD and return the results in either CSV or Excel.

Can anyone please help me with this.

Praveen
0
Comment
Question by:praveendusi
  • 4
  • 3
9 Comments
 

Author Comment

by:praveendusi
Comment Utility
Team,

I know that this is a simple question.  But need your help.

Praveen
0
 
LVL 65

Expert Comment

by:RobSampson
Comment Utility
Why would this need to be a HTA if you're outputting the data to CSV anyway?  Would a VBS do that takes the inputfile and checks that each samAccountName is in AD?

Regards,

Rob.
0
 

Author Comment

by:praveendusi
Comment Utility
Hi Rob,

Thank you for the response.  

The reason I wanted HTA is because this would be given to my team.  Some are not very familiar with VBScript.  I can understand the VB script but cannot change it as I am still learning.... :))

HTA would be good.... If that cannot be done... VB file is OK with Input boxes.

My requirement:

1)  Script should read the txt file which contains the Login Accounts (UserID)
2)  It should output if the account exits or not.  If exists, full path of the OU.

Let me know if you need any more information.

Many Thanks
Praveen
0
Why spend so long doing email signature updates?

Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

 
LVL 65

Expert Comment

by:RobSampson
Comment Utility
Hi, here's a VBScript.  See how it goes.  It's just that there's not much GUI related stuff to put in a HTA....

Regards,

Rob.
strInput = InputBox("Enter name of file that contains user IDs:", "Input File", "samaccountnames.txt")
strOutput = InputBox("Enter CSV file to save results to:", "Output File", "ValidatedUsers.csv")

Set objFSO = CreateObject("Scripting.FileSystemObject")
Const ForReading = 1
Set objInput = objFSO.OpenTextFile(strInput, ForReading, False)
Set objOutput = objFSO.CreateTextFile(strOutput, True)
objOutput.WriteLine """samAccountName"",""Exists?"",""OU Path"""

While Not objInput.AtEndOfStream
	strSamAccountName = objInput.ReadLine
	If strSamAccountName <> "" Then
		strProperties = Get_LDAP_User_Properties("user", "samaccountname", strsamAccountName, "adsPath")
		If strProperties <> "" Then
			objOutput.WriteLine """" & strSamAccountName & """,""YES"",""" & strProperties & """"
		Else
			objOutput.WriteLine """" & strSamAccountName & """,""NO"","""""
		End If
	End If
Wend
objInput.Close
objOutput.Close

MsgBox "Done. Please see " & strOutput

Function Get_LDAP_User_Properties(strObjectType, strSearchField, strObjectToGet, strCommaDelimProps)
      
      ' This is a custom function that connects to the Active Directory, and returns the specific
      ' Active Directory attribute value, of a specific Object.
      ' strObjectType: usually "User" or "Computer"
      ' strSearchField: the field by which to seach the AD by. This acts like an SQL Query's WHERE clause.
      '				It filters the results by the value of strObjectToGet
      ' strObjectToGet: the value by which the results are filtered by, according the strSearchField.
      '				For example, if you are searching based on the user account name, strSearchField
      '				would be "samAccountName", and strObjectToGet would be that speicific account name,
      '				such as "jsmith".  This equates to "WHERE 'samAccountName' = 'jsmith'"
      '	strCommaDelimProps: the field from the object to actually return.  For example, if you wanted
      '				the home folder path, as defined by the AD, for a specific user, this would be
      '				"homeDirectory".  If you want to return the ADsPath so that you can bind to that
      '				user and get your own parameters from them, then use "ADsPath" as a return string,
      '				then bind to the user: Set objUser = GetObject("LDAP://" & strReturnADsPath)
      
      ' Now we're checking if the user account passed may have a domain already specified,
      ' in which case we connect to that domain in AD, instead of the default one.
      If InStr(strObjectToGet, "\") > 0 Then
            arrGroupBits = Split(strObjectToGet, "\")
            strDC = arrGroupBits(0)
            strDNSDomain = strDC & "/" & "DC=" & Replace(Mid(strDC, InStr(strDC, ".") + 1), ".", ",DC=")
            strObjectToGet = arrGroupBits(1)
      Else
      ' Otherwise we just connect to the default domain
            Set objRootDSE = GetObject("LDAP://RootDSE")
            strDNSDomain = objRootDSE.Get("defaultNamingContext")
      End If
 
      strBase = "<LDAP://" & strDNSDomain & ">"
      ' Setup ADO objects.
      Set adoCommand = CreateObject("ADODB.Command")
      Set adoConnection = CreateObject("ADODB.Connection")
      adoConnection.Provider = "ADsDSOObject"
      adoConnection.Open "Active Directory Provider"
      adoCommand.ActiveConnection = adoConnection
 
 
      ' Filter on user objects.
      'strFilter = "(&(objectCategory=person)(objectClass=user))"
      strFilter = "(&(objectClass=" & strObjectType & ")(" & strSearchField & "=" & strObjectToGet & "))"
 
      ' Comma delimited list of attribute values to retrieve.
      strAttributes = strCommaDelimProps
      arrProperties = Split(strCommaDelimProps, ",")
 
      ' Construct the LDAP syntax query.
      strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
      adoCommand.CommandText = strQuery
      ' Define the maximum records to return
      adoCommand.Properties("Page Size") = 100
      adoCommand.Properties("Timeout") = 30
      adoCommand.Properties("Cache Results") = False
 
      ' Run the query.
      Set adoRecordset = adoCommand.Execute
      ' Enumerate the resulting recordset.
      strReturnVal = ""
      Do Until adoRecordset.EOF
          ' Retrieve values and display.    
          For intCount = LBound(arrProperties) To UBound(arrProperties)
                If strReturnVal = "" Then
                      strReturnVal = adoRecordset.Fields(intCount).Value
                Else
                      strReturnVal = strReturnVal & VbCrLf & adoRecordset.Fields(intCount).Value
                End If
          Next
          ' Move to the next record in the recordset.
          adoRecordset.MoveNext
      Loop
 
      ' Clean up.
      adoRecordset.Close
      adoConnection.Close
      Get_LDAP_User_Properties = strReturnVal
	 
End Function

Open in new window

0
 

Author Comment

by:praveendusi
Comment Utility
Hi Rob,

You are simply superb.  As awalys, I have seen some of your posts... The scrpits works perfectly.

Just a last question before we close this.  If I want to add anything else apart from the 3 fields?

EX:-  I get the output as "Account Name, Exists?, OT Path".  If I want to add the 4th field say "Created date or Modified Date or Password Modification Date", will that be possible (in Future)?

Many Thanks
Praveen
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 250 total points
Comment Utility
You can, as long as the property you want is just a string value.  Some AD properties are array values, and so will need the code to be modified.  For string values, add them by changing this line:

objOutput.WriteLine """samAccountName"",""Exists?"",""OU Path"""

to this

objOutput.WriteLine """samAccountName"",""Exists?"",""OU Path"",""whenCreated"""

and also this line:

            strProperties = Get_LDAP_User_Properties("user", "samaccountname", strSamAccountName, "adsPath")

to this:

            strProperties = Get_LDAP_User_Properties("user", "samaccountname", strSamAccountName, "adsPath,whenCreated")

Regards,

Rob.
strInput = InputBox("Enter name of file that contains user IDs:", "Input File", "samaccountnames.txt")
strOutput = InputBox("Enter CSV file to save results to:", "Output File", "ValidatedUsers.csv")

Set objFSO = CreateObject("Scripting.FileSystemObject")
Const ForReading = 1
Set objInput = objFSO.OpenTextFile(strInput, ForReading, False)
Set objOutput = objFSO.CreateTextFile(strOutput, True)
objOutput.WriteLine """samAccountName"",""Exists?"",""OU Path"""

While Not objInput.AtEndOfStream
	strSamAccountName = objInput.ReadLine
	If strSamAccountName <> "" Then
		strProperties = Get_LDAP_User_Properties("user", "samaccountname", strsamAccountName, "adsPath")
		If strProperties <> "" Then
			objOutput.WriteLine """" & strSamAccountName & """,""YES"",""" & Replace(strProperties, VbCrLf & """,""") & """"
		Else
			objOutput.WriteLine """" & strSamAccountName & """,""NO"","""""
		End If
	End If
Wend
objInput.Close
objOutput.Close

MsgBox "Done. Please see " & strOutput

Function Get_LDAP_User_Properties(strObjectType, strSearchField, strObjectToGet, strCommaDelimProps)
      
      ' This is a custom function that connects to the Active Directory, and returns the specific
      ' Active Directory attribute value, of a specific Object.
      ' strObjectType: usually "User" or "Computer"
      ' strSearchField: the field by which to seach the AD by. This acts like an SQL Query's WHERE clause.
      '				It filters the results by the value of strObjectToGet
      ' strObjectToGet: the value by which the results are filtered by, according the strSearchField.
      '				For example, if you are searching based on the user account name, strSearchField
      '				would be "samAccountName", and strObjectToGet would be that speicific account name,
      '				such as "jsmith".  This equates to "WHERE 'samAccountName' = 'jsmith'"
      '	strCommaDelimProps: the field from the object to actually return.  For example, if you wanted
      '				the home folder path, as defined by the AD, for a specific user, this would be
      '				"homeDirectory".  If you want to return the ADsPath so that you can bind to that
      '				user and get your own parameters from them, then use "ADsPath" as a return string,
      '				then bind to the user: Set objUser = GetObject("LDAP://" & strReturnADsPath)
      
      ' Now we're checking if the user account passed may have a domain already specified,
      ' in which case we connect to that domain in AD, instead of the default one.
      If InStr(strObjectToGet, "\") > 0 Then
            arrGroupBits = Split(strObjectToGet, "\")
            strDC = arrGroupBits(0)
            strDNSDomain = strDC & "/" & "DC=" & Replace(Mid(strDC, InStr(strDC, ".") + 1), ".", ",DC=")
            strObjectToGet = arrGroupBits(1)
      Else
      ' Otherwise we just connect to the default domain
            Set objRootDSE = GetObject("LDAP://RootDSE")
            strDNSDomain = objRootDSE.Get("defaultNamingContext")
      End If
 
      strBase = "<LDAP://" & strDNSDomain & ">"
      ' Setup ADO objects.
      Set adoCommand = CreateObject("ADODB.Command")
      Set adoConnection = CreateObject("ADODB.Connection")
      adoConnection.Provider = "ADsDSOObject"
      adoConnection.Open "Active Directory Provider"
      adoCommand.ActiveConnection = adoConnection
 
 
      ' Filter on user objects.
      'strFilter = "(&(objectCategory=person)(objectClass=user))"
      strFilter = "(&(objectClass=" & strObjectType & ")(" & strSearchField & "=" & strObjectToGet & "))"
 
      ' Comma delimited list of attribute values to retrieve.
      strAttributes = strCommaDelimProps
      arrProperties = Split(strCommaDelimProps, ",")
 
      ' Construct the LDAP syntax query.
      strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
      adoCommand.CommandText = strQuery
      ' Define the maximum records to return
      adoCommand.Properties("Page Size") = 100
      adoCommand.Properties("Timeout") = 30
      adoCommand.Properties("Cache Results") = False
 
      ' Run the query.
      Set adoRecordset = adoCommand.Execute
      ' Enumerate the resulting recordset.
      strReturnVal = ""
      Do Until adoRecordset.EOF
          ' Retrieve values and display.    
          For intCount = LBound(arrProperties) To UBound(arrProperties)
                If strReturnVal = "" Then
                      strReturnVal = adoRecordset.Fields(intCount).Value
                Else
                      strReturnVal = strReturnVal & VbCrLf & adoRecordset.Fields(intCount).Value
                End If
          Next
          ' Move to the next record in the recordset.
          adoRecordset.MoveNext
      Loop
 
      ' Clean up.
      adoRecordset.Close
      adoConnection.Close
      Get_LDAP_User_Properties = strReturnVal
	 
End Function

Open in new window

0
 

Author Closing Comment

by:praveendusi
Comment Utility
Hi Rob,

Thank you for explaining so as to which part of the script needs to be changed for my future reference.

I appreciate your help and this script has certainly helped me.

I have posted a new question.  Can you please review and see if a solution is possible:

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_26851975.html

I have few more requirements which I will review and post it here.

Many Thanks
Praveen
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Know what services you can and cannot, should and should not combine on your server.
This code takes an Excel list of URL’s and adds a header titled “URL List”. It then searches through all URL’s in column “A”, looking for duplicates. When a duplicate is found, it is moved to the top of the list. The duplicate URL’s are then highlig…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now