  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1384
  • Last Modified:

HTA Script to validate the user account in AD

Hi All,

I am not very familiar with programming, but I am looking for a script (preferably HTA) that will read the login IDs from a txt file, validate the list in AD, and return the results in either CSV or Excel.

Can anyone please help me with this.

Praveen
0
praveendusi
Asked:
praveendusi
1 Solution
 
praveendusi (Author) Commented:
Team,

I know that this is a simple question.  But need your help.

Praveen
0
 
RobSampson Commented:
Why would this need to be a HTA if you're outputting the data to CSV anyway?  Would a VBS do that takes the inputfile and checks that each samAccountName is in AD?

Regards,

Rob.
0
 
praveendusi (Author) Commented:
Hi Rob,

Thank you for the response.  

The reason I wanted HTA is because this would be given to my team.  Some are not very familiar with VBScript.  I can understand the VB script but cannot change it as I am still learning.... :))

HTA would be good.... If that cannot be done... VB file is OK with Input boxes.

My requirement:

1)  Script should read the txt file which contains the Login Accounts (UserID)
2)  It should output whether the account exists or not.  If it exists, the full path of the OU.

Let me know if you need any more information.

Many Thanks
Praveen
0

 
RobSampson Commented:
Hi, here's a VBScript.  See how it goes.  It's just that there's not much GUI related stuff to put in a HTA....

Regards,

Rob.
strInput = InputBox("Enter name of file that contains user IDs:", "Input File", "samaccountnames.txt")
strOutput = InputBox("Enter CSV file to save results to:", "Output File", "ValidatedUsers.csv")

Set objFSO = CreateObject("Scripting.FileSystemObject")
Const ForReading = 1
Set objInput = objFSO.OpenTextFile(strInput, ForReading, False)
Set objOutput = objFSO.CreateTextFile(strOutput, True)
objOutput.WriteLine """samAccountName"",""Exists?"",""OU Path"""

While Not objInput.AtEndOfStream
	strSamAccountName = objInput.ReadLine
	If strSamAccountName <> "" Then
		strProperties = Get_LDAP_User_Properties("user", "samaccountname", strsamAccountName, "adsPath")
		If strProperties <> "" Then
			objOutput.WriteLine """" & strSamAccountName & """,""YES"",""" & strProperties & """"
		Else
			objOutput.WriteLine """" & strSamAccountName & """,""NO"","""""
		End If
	End If
Wend
objInput.Close
objOutput.Close

MsgBox "Done. Please see " & strOutput

Function Get_LDAP_User_Properties(strObjectType, strSearchField, strObjectToGet, strCommaDelimProps)
      
      ' This is a custom function that connects to the Active Directory, and returns the specific
      ' Active Directory attribute value, of a specific Object.
      ' strObjectType: usually "User" or "Computer"
      ' strSearchField: the field by which to search the AD. This acts like an SQL Query's WHERE clause.
      '				It filters the results by the value of strObjectToGet
      ' strObjectToGet: the value by which the results are filtered by, according the strSearchField.
      '				For example, if you are searching based on the user account name, strSearchField
      '				would be "samAccountName", and strObjectToGet would be that specific account name,
      '				such as "jsmith".  This equates to "WHERE 'samAccountName' = 'jsmith'"
      '	strCommaDelimProps: the field from the object to actually return.  For example, if you wanted
      '				the home folder path, as defined by the AD, for a specific user, this would be
      '				"homeDirectory".  If you want to return the ADsPath so that you can bind to that
      '				user and get your own parameters from them, then use "ADsPath" as a return string,
      '				then bind to the user: Set objUser = GetObject("LDAP://" & strReturnADsPath)
      
      ' Now we're checking if the user account passed may have a domain already specified,
      ' in which case we connect to that domain in AD, instead of the default one.
      If InStr(strObjectToGet, "\") > 0 Then
            arrGroupBits = Split(strObjectToGet, "\")
            strDC = arrGroupBits(0)
            strDNSDomain = strDC & "/" & "DC=" & Replace(Mid(strDC, InStr(strDC, ".") + 1), ".", ",DC=")
            strObjectToGet = arrGroupBits(1)
      Else
      ' Otherwise we just connect to the default domain
            Set objRootDSE = GetObject("LDAP://RootDSE")
            strDNSDomain = objRootDSE.Get("defaultNamingContext")
      End If
 
      strBase = "<LDAP://" & strDNSDomain & ">"
      ' Setup ADO objects.
      Set adoCommand = CreateObject("ADODB.Command")
      Set adoConnection = CreateObject("ADODB.Connection")
      adoConnection.Provider = "ADsDSOObject"
      adoConnection.Open "Active Directory Provider"
      adoCommand.ActiveConnection = adoConnection
 
 
      ' Filter on user objects.
      'strFilter = "(&(objectCategory=person)(objectClass=user))"
      strFilter = "(&(objectClass=" & strObjectType & ")(" & strSearchField & "=" & strObjectToGet & "))"
 
      ' Comma delimited list of attribute values to retrieve.
      strAttributes = strCommaDelimProps
      arrProperties = Split(strCommaDelimProps, ",")
 
      ' Construct the LDAP syntax query.
      strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
      adoCommand.CommandText = strQuery
      ' Enable paged results (rows fetched per page) and set the query timeout
      adoCommand.Properties("Page Size") = 100
      adoCommand.Properties("Timeout") = 30
      adoCommand.Properties("Cache Results") = False
 
      ' Run the query.
      Set adoRecordset = adoCommand.Execute
      ' Enumerate the resulting recordset.
      strReturnVal = ""
      Do Until adoRecordset.EOF
          ' Retrieve values and display.    
          For intCount = LBound(arrProperties) To UBound(arrProperties)
                If strReturnVal = "" Then
                      strReturnVal = adoRecordset.Fields(intCount).Value
                Else
                      strReturnVal = strReturnVal & VbCrLf & adoRecordset.Fields(intCount).Value
                End If
          Next
          ' Move to the next record in the recordset.
          adoRecordset.MoveNext
      Loop
 
      ' Clean up.
      adoRecordset.Close
      adoConnection.Close
      Get_LDAP_User_Properties = strReturnVal
	 
End Function


0
 
praveendusi (Author) Commented:
Hi Rob,

You are simply superb.  As always, I have seen some of your posts... The script works perfectly.

Just a last question before we close this.  If I want to add anything else apart from the 3 fields?

EX:-  I get the output as "Account Name, Exists?, OT Path".  If I want to add the 4th field say "Created date or Modified Date or Password Modification Date", will that be possible (in Future)?

Many Thanks
Praveen
0
 
RobSampson Commented:
You can, as long as the property you want is just a string value.  Some AD properties are array values, and so will need the code to be modified.  For string values, add them by changing this line:

objOutput.WriteLine """samAccountName"",""Exists?"",""OU Path"""

to this

objOutput.WriteLine """samAccountName"",""Exists?"",""OU Path"",""whenCreated"""

and also this line:

            strProperties = Get_LDAP_User_Properties("user", "samaccountname", strSamAccountName, "adsPath")

to this:

            strProperties = Get_LDAP_User_Properties("user", "samaccountname", strSamAccountName, "adsPath,whenCreated")

Regards,

Rob.
strInput = InputBox("Enter name of file that contains user IDs:", "Input File", "samaccountnames.txt")
strOutput = InputBox("Enter CSV file to save results to:", "Output File", "ValidatedUsers.csv")

Set objFSO = CreateObject("Scripting.FileSystemObject")
Const ForReading = 1
Set objInput = objFSO.OpenTextFile(strInput, ForReading, False)
Set objOutput = objFSO.CreateTextFile(strOutput, True)
objOutput.WriteLine """samAccountName"",""Exists?"",""OU Path"""

While Not objInput.AtEndOfStream
	strSamAccountName = objInput.ReadLine
	If strSamAccountName <> "" Then
		strProperties = Get_LDAP_User_Properties("user", "samaccountname", strsamAccountName, "adsPath")
		If strProperties <> "" Then
			objOutput.WriteLine """" & strSamAccountName & """,""YES"",""" & Replace(strProperties, VbCrLf, """,""") & """"
		Else
			objOutput.WriteLine """" & strSamAccountName & """,""NO"","""""
		End If
	End If
Wend
objInput.Close
objOutput.Close

MsgBox "Done. Please see " & strOutput

Function Get_LDAP_User_Properties(strObjectType, strSearchField, strObjectToGet, strCommaDelimProps)
      
      ' This is a custom function that connects to the Active Directory, and returns the specific
      ' Active Directory attribute value, of a specific Object.
      ' strObjectType: usually "User" or "Computer"
      ' strSearchField: the field by which to search the AD. This acts like an SQL Query's WHERE clause.
      '				It filters the results by the value of strObjectToGet
      ' strObjectToGet: the value by which the results are filtered by, according the strSearchField.
      '				For example, if you are searching based on the user account name, strSearchField
      '				would be "samAccountName", and strObjectToGet would be that specific account name,
      '				such as "jsmith".  This equates to "WHERE 'samAccountName' = 'jsmith'"
      '	strCommaDelimProps: the field from the object to actually return.  For example, if you wanted
      '				the home folder path, as defined by the AD, for a specific user, this would be
      '				"homeDirectory".  If you want to return the ADsPath so that you can bind to that
      '				user and get your own parameters from them, then use "ADsPath" as a return string,
      '				then bind to the user: Set objUser = GetObject("LDAP://" & strReturnADsPath)
      
      ' Now we're checking if the user account passed may have a domain already specified,
      ' in which case we connect to that domain in AD, instead of the default one.
      If InStr(strObjectToGet, "\") > 0 Then
            arrGroupBits = Split(strObjectToGet, "\")
            strDC = arrGroupBits(0)
            strDNSDomain = strDC & "/" & "DC=" & Replace(Mid(strDC, InStr(strDC, ".") + 1), ".", ",DC=")
            strObjectToGet = arrGroupBits(1)
      Else
      ' Otherwise we just connect to the default domain
            Set objRootDSE = GetObject("LDAP://RootDSE")
            strDNSDomain = objRootDSE.Get("defaultNamingContext")
      End If
 
      strBase = "<LDAP://" & strDNSDomain & ">"
      ' Setup ADO objects.
      Set adoCommand = CreateObject("ADODB.Command")
      Set adoConnection = CreateObject("ADODB.Connection")
      adoConnection.Provider = "ADsDSOObject"
      adoConnection.Open "Active Directory Provider"
      adoCommand.ActiveConnection = adoConnection
 
 
      ' Filter on user objects.
      'strFilter = "(&(objectCategory=person)(objectClass=user))"
      strFilter = "(&(objectClass=" & strObjectType & ")(" & strSearchField & "=" & strObjectToGet & "))"
 
      ' Comma delimited list of attribute values to retrieve.
      strAttributes = strCommaDelimProps
      arrProperties = Split(strCommaDelimProps, ",")
 
      ' Construct the LDAP syntax query.
      strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
      adoCommand.CommandText = strQuery
      ' Enable paged results (rows fetched per page) and set the query timeout
      adoCommand.Properties("Page Size") = 100
      adoCommand.Properties("Timeout") = 30
      adoCommand.Properties("Cache Results") = False
 
      ' Run the query.
      Set adoRecordset = adoCommand.Execute
      ' Enumerate the resulting recordset.
      strReturnVal = ""
      Do Until adoRecordset.EOF
          ' Retrieve values and display.    
          For intCount = LBound(arrProperties) To UBound(arrProperties)
                If strReturnVal = "" Then
                      strReturnVal = adoRecordset.Fields(intCount).Value
                Else
                      strReturnVal = strReturnVal & VbCrLf & adoRecordset.Fields(intCount).Value
                End If
          Next
          ' Move to the next record in the recordset.
          adoRecordset.MoveNext
      Loop
 
      ' Clean up.
      adoRecordset.Close
      adoConnection.Close
      Get_LDAP_User_Properties = strReturnVal
	 
End Function


0
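Added example, not part of either post above: both scripts build strFilter by concatenating each line of the input file straight into the LDAP filter, so a line such as * matches every user and is reported as YES. The sketch below escapes the value per RFC 4515 before it goes into the filter; EscapeLdapFilterValue and BuildFilter are hypothetical helper names, and the sample lines are constructed.

```vbscript
Option Explicit

' Added example (not from the thread). Escapes the characters that have
' special meaning inside an LDAP filter value (RFC 4515).
Function EscapeLdapFilterValue(strValue)
    Dim strOut, i, ch
    strOut = ""
    For i = 1 To Len(strValue)
        ch = Mid(strValue, i, 1)
        Select Case ch
            Case "\"    : strOut = strOut & "\5c"
            Case "*"    : strOut = strOut & "\2a"
            Case "("    : strOut = strOut & "\28"
            Case ")"    : strOut = strOut & "\29"
            Case Chr(0) : strOut = strOut & "\00"
            Case Else   : strOut = strOut & ch
        End Select
    Next
    EscapeLdapFilterValue = strOut
End Function

' Same filter shape as strFilter in Get_LDAP_User_Properties.
' strObjectType and strSearchField are fixed by the script; only the
' value read from the input file is untrusted, so only it is escaped.
Function BuildFilter(strObjectType, strSearchField, strObjectToGet)
    BuildFilter = "(&(objectClass=" & strObjectType & ")(" & strSearchField & "=" & _
                  EscapeLdapFilterValue(strObjectToGet) & "))"
End Function

' Constructed sample lines: one ordinary ID and three that would
' change the meaning of an unescaped filter.
Dim arrSamples, strLine
arrSamples = Array("jsmith", "*", "j*", "x)(objectClass=*")
For Each strLine In arrSamples
    ' Prints the input line and the filter that would be sent to AD.
    WScript.Echo strLine & vbTab & BuildFilter("user", "samaccountname", strLine)
Next
```

Run it with cscript to see the filters side by side. In Get_LDAP_User_Properties the escaping belongs after the domain\user split, so the separator backslash is consumed before the account name is escaped.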
 
praveendusi (Author) Commented:
Hi Rob,

Thank you for explaining so as to which part of the script needs to be changed for my future reference.

I appreciate your help and this script has certainly helped me.

I have posted a new question.  Can you please review and see if a solution is possible:

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_26851975.html 

I have a few more requirements which I will review and post here.

Many Thanks
Praveen
0
