Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

How to pull who uses what login script in Active Directory

Posted on 2011-03-18
4
515 Views
Last Modified: 2012-05-11
Hi guys,

I need to create a script that allows me to see who has what login script in their profile.

I found this online. Not sure how good it works. Thoughts?

Set objRootDSE = GetObject("LDAP://RootDSE")
strConfig = objRootDSE.Get("configurationNamingContext")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

'      Initiate ADO

Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection

'      Assemble query string

strBase = ""
strFilter = "(&(objectCategory=person)(objectClass=user))"
strAttributes = "distinguishedName,Name,ScriptPath"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

'      set parameters

objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 100
objCommand.Properties("Timeout") = 60
objCommand.Properties("Cache Results") = False

Set objRecordSet = objCommand.Execute

Do Until objRecordSet.EOF
wscript.echo objRecordSet.Fields("Name") & vbtab & objRecordSet.Fields("scriptPath")
objRecordSet.MoveNext
Loop

Thanks

0
Comment
Question by:nexxsupport
  • 2
4 Comments
 
LVL 31

Expert Comment

by:Justin Owens
ID: 35166091
It looks like it should be fine....  Have you tried it yet?

DrUltima
0
 
LVL 7

Expert Comment

by:SjoerdvW
ID: 35166135
Created this script a while back... Export the logonscript (and some other attributes) to a csv file
'**************************************************************************
'Application settings
'**************************************************************************
Const ForReading = 1
Const ForWriting = 2
Const ADS_PROPERTY_APPEND = 3
Const Primary_EmailAddress = "SMTP:"

'**************************************************************************
'Declare variables
'**************************************************************************
Counter=0

ExportfilePath = InputBox("Path to the export file:", "Export to","export.csv") 
Set objExportFSO = CreateObject("Scripting.FileSystemObject")
Set objExportTextFile = objExportFSO.OpenTextFile(ExportfilePath, ForWriting, True)

On Error Resume Next
objExportTextFile.writeline("UserName;Full Name;First Name;Initials;Lastname;Account disabled;PrimaryEmail;LoginScript;HomeDir;ProfilePath")

'Create Objects for LDAP Queries
Set rootDSE = GetObject("LDAP://RootDSE")
DomainContainer = rootDSE.Get("defaultNamingContext")

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000

objCommand.CommandText = _
   "SELECT sAMAccountName, cn, givenName, initials, sn, distinguishedName, proxyAddresses, ScriptPath, homeDirectory, profilePath FROM 'LDAP://" & DomainContainer & "' WHERE objectCategory='user' "

Set objRecordSet = objCommand.Execute

objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    distinguishedName = objRecordSet.Fields("distinguishedName")
    Set objUser       = GetObject("LDAP://" & distinguishedName)
    Set colGroups     = objUser.Groups
    LogonName         = objRecordSet.Fields("sAMAccountName").Value
    FullName	      = objRecordSet.Fields("cn").Value
    GivenName         = objRecordSet.Fields("givenName").Value
    Initials          = objRecordSet.Fields("initials").Value
    SureName          = objRecordSet.Fields("sn").Value
    Disabled          = objUser.AccountDisabled
    if Disabled then Disabled = 1 else Disabled = 0 end if  
    ProxyAddresses    = objRecordSet.Fields("proxyAddresses")
    primaryMail       = ""
    LoginScript       = objRecordSet.Fields("ScriptPath")
    homeDirectory     = objRecordSet.Fields("homeDirectory")
    profilePath       = objRecordSet.Fields("profilePath")
    
    If IsArray(ProxyAddresses) Then
      For Each ProxyAddress in ProxyAddresses
      On Error Resume Next
       If (ProxyAddress<>"") Then
         If CBool(InStr(ProxyAddress, Primary_EmailAddress)) Then 
          primaryMail = Mid(proxyAddress,6)
         End If
       End If
      Next
    End If

    objExportTextFile.writeLine(LogonName & ";" & FullName & ";" & GivenName & ";" & Initials & ";" & SureName & ";" & Disabled & ";" & primaryMail & ";" & LoginScript & ";" & homeDirectory & ";" & profilePath)

    Counter=Counter+1
    objRecordSet.MoveNext
Loop

WScript.Echo "Exported " & Counter & " users"

Open in new window

0
 

Author Comment

by:nexxsupport
ID: 35166909
Thanks, Im trying to edit it so it can be OU specific and only with firstname and surname.

When i edit it all I get is
,,,,,,,"first name of user", loginscritp.

Any idea?
0
 
LVL 7

Accepted Solution

by:
SjoerdvW earned 500 total points
ID: 35179908
This script should export you're whole AD with the distinguishedName, logonnname and script of all users. You can resolve the OU by the users distinguished name.

If you would only query a specific OU you should change the rules
Set rootDSE = GetObject("LDAP://RootDSE")
DomainContainer = rootDSE.Get("defaultNamingContext")

with something like:
DomainContainer = "OU=Users,OU=Test,DC=Domain,DC=Local"

'**************************************************************************
'Application settings
'**************************************************************************
Const ForReading = 1
Const ForWriting = 2
Const ADS_PROPERTY_APPEND = 3
Const Primary_EmailAddress = "SMTP:"

'**************************************************************************
'Declare variables
'**************************************************************************
Counter=0

ExportfilePath = InputBox("Path to the export file:", "Export to","export.csv") 
Set objExportFSO = CreateObject("Scripting.FileSystemObject")
Set objExportTextFile = objExportFSO.OpenTextFile(ExportfilePath, ForWriting, True)

On Error Resume Next
objExportTextFile.writeline("distinguishedName;UserName;LoginScript")

'Create Objects for LDAP Queries
Set rootDSE = GetObject("LDAP://RootDSE")
DomainContainer = rootDSE.Get("defaultNamingContext")

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000

objCommand.CommandText = "SELECT distinguishedName, sAMAccountName, ScriptPath FROM 'LDAP://" & DomainContainer & "' WHERE objectCategory='user' "

Set objRecordSet = objCommand.Execute

objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    distinguishedName = objRecordSet.Fields("distinguishedName")
    Set objUser       = GetObject("LDAP://" & distinguishedName)
    LogonName         = objRecordSet.Fields("sAMAccountName").Value
    LoginScript       = objRecordSet.Fields("ScriptPath")
    objExportTextFile.writeLine(distinguishedName & ";" & LogonName & ";" & LoginScript)
    Counter=Counter+1
    objRecordSet.MoveNext
Loop

WScript.Echo "Exported " & Counter & " users"

Open in new window

0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question