?
Solved

How to pull who uses what login script in Active Directory

Posted on 2011-03-18
4
Medium Priority
?
520 Views
Last Modified: 2012-05-11
Hi guys,

I need to create a script that allows me to see who has what login script in their profile.

I found this online. Not sure how good it works. Thoughts?

Set objRootDSE = GetObject("LDAP://RootDSE")
strConfig = objRootDSE.Get("configurationNamingContext")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

'      Initiate ADO

Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection

'      Assemble query string

strBase = ""
strFilter = "(&(objectCategory=person)(objectClass=user))"
strAttributes = "distinguishedName,Name,ScriptPath"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

'      set parameters

objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 100
objCommand.Properties("Timeout") = 60
objCommand.Properties("Cache Results") = False

Set objRecordSet = objCommand.Execute

Do Until objRecordSet.EOF
wscript.echo objRecordSet.Fields("Name") & vbtab & objRecordSet.Fields("scriptPath")
objRecordSet.MoveNext
Loop

Thanks

0
Comment
Question by:nexxsupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 31

Expert Comment

by:Justin Owens
ID: 35166091
It looks like it should be fine....  Have you tried it yet?

DrUltima
0
 
LVL 7

Expert Comment

by:SjoerdvW
ID: 35166135
Created this script a while back... Export the logonscript (and some other attributes) to a csv file
'**************************************************************************
'Application settings
'**************************************************************************
Const ForReading = 1
Const ForWriting = 2
Const ADS_PROPERTY_APPEND = 3
Const Primary_EmailAddress = "SMTP:"

'**************************************************************************
'Declare variables
'**************************************************************************
Counter=0

ExportfilePath = InputBox("Path to the export file:", "Export to","export.csv") 
Set objExportFSO = CreateObject("Scripting.FileSystemObject")
Set objExportTextFile = objExportFSO.OpenTextFile(ExportfilePath, ForWriting, True)

On Error Resume Next
objExportTextFile.writeline("UserName;Full Name;First Name;Initials;Lastname;Account disabled;PrimaryEmail;LoginScript;HomeDir;ProfilePath")

'Create Objects for LDAP Queries
Set rootDSE = GetObject("LDAP://RootDSE")
DomainContainer = rootDSE.Get("defaultNamingContext")

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000

objCommand.CommandText = _
   "SELECT sAMAccountName, cn, givenName, initials, sn, distinguishedName, proxyAddresses, ScriptPath, homeDirectory, profilePath FROM 'LDAP://" & DomainContainer & "' WHERE objectCategory='user' "

Set objRecordSet = objCommand.Execute

objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    distinguishedName = objRecordSet.Fields("distinguishedName")
    Set objUser       = GetObject("LDAP://" & distinguishedName)
    Set colGroups     = objUser.Groups
    LogonName         = objRecordSet.Fields("sAMAccountName").Value
    FullName	      = objRecordSet.Fields("cn").Value
    GivenName         = objRecordSet.Fields("givenName").Value
    Initials          = objRecordSet.Fields("initials").Value
    SureName          = objRecordSet.Fields("sn").Value
    Disabled          = objUser.AccountDisabled
    if Disabled then Disabled = 1 else Disabled = 0 end if  
    ProxyAddresses    = objRecordSet.Fields("proxyAddresses")
    primaryMail       = ""
    LoginScript       = objRecordSet.Fields("ScriptPath")
    homeDirectory     = objRecordSet.Fields("homeDirectory")
    profilePath       = objRecordSet.Fields("profilePath")
    
    If IsArray(ProxyAddresses) Then
      For Each ProxyAddress in ProxyAddresses
      On Error Resume Next
       If (ProxyAddress<>"") Then
         If CBool(InStr(ProxyAddress, Primary_EmailAddress)) Then 
          primaryMail = Mid(proxyAddress,6)
         End If
       End If
      Next
    End If

    objExportTextFile.writeLine(LogonName & ";" & FullName & ";" & GivenName & ";" & Initials & ";" & SureName & ";" & Disabled & ";" & primaryMail & ";" & LoginScript & ";" & homeDirectory & ";" & profilePath)

    Counter=Counter+1
    objRecordSet.MoveNext
Loop

WScript.Echo "Exported " & Counter & " users"

Open in new window

0
 

Author Comment

by:nexxsupport
ID: 35166909
Thanks, Im trying to edit it so it can be OU specific and only with firstname and surname.

When i edit it all I get is
,,,,,,,"first name of user", loginscritp.

Any idea?
0
 
LVL 7

Accepted Solution

by:
SjoerdvW earned 2000 total points
ID: 35179908
This script should export you're whole AD with the distinguishedName, logonnname and script of all users. You can resolve the OU by the users distinguished name.

If you would only query a specific OU you should change the rules
Set rootDSE = GetObject("LDAP://RootDSE")
DomainContainer = rootDSE.Get("defaultNamingContext")

with something like:
DomainContainer = "OU=Users,OU=Test,DC=Domain,DC=Local"

'**************************************************************************
'Application settings
'**************************************************************************
Const ForReading = 1
Const ForWriting = 2
Const ADS_PROPERTY_APPEND = 3
Const Primary_EmailAddress = "SMTP:"

'**************************************************************************
'Declare variables
'**************************************************************************
Counter=0

ExportfilePath = InputBox("Path to the export file:", "Export to","export.csv") 
Set objExportFSO = CreateObject("Scripting.FileSystemObject")
Set objExportTextFile = objExportFSO.OpenTextFile(ExportfilePath, ForWriting, True)

On Error Resume Next
objExportTextFile.writeline("distinguishedName;UserName;LoginScript")

'Create Objects for LDAP Queries
Set rootDSE = GetObject("LDAP://RootDSE")
DomainContainer = rootDSE.Get("defaultNamingContext")

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000

objCommand.CommandText = "SELECT distinguishedName, sAMAccountName, ScriptPath FROM 'LDAP://" & DomainContainer & "' WHERE objectCategory='user' "

Set objRecordSet = objCommand.Execute

objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    distinguishedName = objRecordSet.Fields("distinguishedName")
    Set objUser       = GetObject("LDAP://" & distinguishedName)
    LogonName         = objRecordSet.Fields("sAMAccountName").Value
    LoginScript       = objRecordSet.Fields("ScriptPath")
    objExportTextFile.writeLine(distinguishedName & ";" & LogonName & ";" & LoginScript)
    Counter=Counter+1
    objRecordSet.MoveNext
Loop

WScript.Echo "Exported " & Counter & " users"

Open in new window

0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Suggested Courses
Course of the Month12 days, 7 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question