[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 526
  • Last Modified:

How to pull who uses what login script in Active Directory

Hi guys,

I need to create a script that allows me to see who has what login script in their profile.

I found this online. Not sure how good it works. Thoughts?

Set objRootDSE = GetObject("LDAP://RootDSE")
strConfig = objRootDSE.Get("configurationNamingContext")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

'      Initiate ADO

Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection

'      Assemble query string

strBase = ""
strFilter = "(&(objectCategory=person)(objectClass=user))"
strAttributes = "distinguishedName,Name,ScriptPath"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

'      set parameters

objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 100
objCommand.Properties("Timeout") = 60
objCommand.Properties("Cache Results") = False

Set objRecordSet = objCommand.Execute

Do Until objRecordSet.EOF
wscript.echo objRecordSet.Fields("Name") & vbtab & objRecordSet.Fields("scriptPath")
objRecordSet.MoveNext
Loop

Thanks

0
nexxsupport
Asked:
nexxsupport
  • 2
1 Solution
 
Justin OwensITIL Problem ManagerCommented:
It looks like it should be fine....  Have you tried it yet?

DrUltima
0
 
SjoerdvWCommented:
Created this script a while back... Export the logonscript (and some other attributes) to a csv file
'**************************************************************************
'Application settings
'**************************************************************************
Const ForReading = 1
Const ForWriting = 2
Const ADS_PROPERTY_APPEND = 3
Const Primary_EmailAddress = "SMTP:"

'**************************************************************************
'Declare variables
'**************************************************************************
Counter=0

ExportfilePath = InputBox("Path to the export file:", "Export to","export.csv") 
Set objExportFSO = CreateObject("Scripting.FileSystemObject")
Set objExportTextFile = objExportFSO.OpenTextFile(ExportfilePath, ForWriting, True)

On Error Resume Next
objExportTextFile.writeline("UserName;Full Name;First Name;Initials;Lastname;Account disabled;PrimaryEmail;LoginScript;HomeDir;ProfilePath")

'Create Objects for LDAP Queries
Set rootDSE = GetObject("LDAP://RootDSE")
DomainContainer = rootDSE.Get("defaultNamingContext")

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000

objCommand.CommandText = _
   "SELECT sAMAccountName, cn, givenName, initials, sn, distinguishedName, proxyAddresses, ScriptPath, homeDirectory, profilePath FROM 'LDAP://" & DomainContainer & "' WHERE objectCategory='user' "

Set objRecordSet = objCommand.Execute

objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    distinguishedName = objRecordSet.Fields("distinguishedName")
    Set objUser       = GetObject("LDAP://" & distinguishedName)
    Set colGroups     = objUser.Groups
    LogonName         = objRecordSet.Fields("sAMAccountName").Value
    FullName	      = objRecordSet.Fields("cn").Value
    GivenName         = objRecordSet.Fields("givenName").Value
    Initials          = objRecordSet.Fields("initials").Value
    SureName          = objRecordSet.Fields("sn").Value
    Disabled          = objUser.AccountDisabled
    if Disabled then Disabled = 1 else Disabled = 0 end if  
    ProxyAddresses    = objRecordSet.Fields("proxyAddresses")
    primaryMail       = ""
    LoginScript       = objRecordSet.Fields("ScriptPath")
    homeDirectory     = objRecordSet.Fields("homeDirectory")
    profilePath       = objRecordSet.Fields("profilePath")
    
    If IsArray(ProxyAddresses) Then
      For Each ProxyAddress in ProxyAddresses
      On Error Resume Next
       If (ProxyAddress<>"") Then
         If CBool(InStr(ProxyAddress, Primary_EmailAddress)) Then 
          primaryMail = Mid(proxyAddress,6)
         End If
       End If
      Next
    End If

    objExportTextFile.writeLine(LogonName & ";" & FullName & ";" & GivenName & ";" & Initials & ";" & SureName & ";" & Disabled & ";" & primaryMail & ";" & LoginScript & ";" & homeDirectory & ";" & profilePath)

    Counter=Counter+1
    objRecordSet.MoveNext
Loop

WScript.Echo "Exported " & Counter & " users"

Open in new window

0
 
nexxsupportAuthor Commented:
Thanks, Im trying to edit it so it can be OU specific and only with firstname and surname.

When i edit it all I get is
,,,,,,,"first name of user", loginscritp.

Any idea?
0
 
SjoerdvWCommented:
This script should export you're whole AD with the distinguishedName, logonnname and script of all users. You can resolve the OU by the users distinguished name.

If you would only query a specific OU you should change the rules
Set rootDSE = GetObject("LDAP://RootDSE")
DomainContainer = rootDSE.Get("defaultNamingContext")

with something like:
DomainContainer = "OU=Users,OU=Test,DC=Domain,DC=Local"

'**************************************************************************
'Application settings
'**************************************************************************
Const ForReading = 1
Const ForWriting = 2
Const ADS_PROPERTY_APPEND = 3
Const Primary_EmailAddress = "SMTP:"

'**************************************************************************
'Declare variables
'**************************************************************************
Counter=0

ExportfilePath = InputBox("Path to the export file:", "Export to","export.csv") 
Set objExportFSO = CreateObject("Scripting.FileSystemObject")
Set objExportTextFile = objExportFSO.OpenTextFile(ExportfilePath, ForWriting, True)

On Error Resume Next
objExportTextFile.writeline("distinguishedName;UserName;LoginScript")

'Create Objects for LDAP Queries
Set rootDSE = GetObject("LDAP://RootDSE")
DomainContainer = rootDSE.Get("defaultNamingContext")

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000

objCommand.CommandText = "SELECT distinguishedName, sAMAccountName, ScriptPath FROM 'LDAP://" & DomainContainer & "' WHERE objectCategory='user' "

Set objRecordSet = objCommand.Execute

objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    distinguishedName = objRecordSet.Fields("distinguishedName")
    Set objUser       = GetObject("LDAP://" & distinguishedName)
    LogonName         = objRecordSet.Fields("sAMAccountName").Value
    LoginScript       = objRecordSet.Fields("ScriptPath")
    objExportTextFile.writeLine(distinguishedName & ";" & LogonName & ";" & LoginScript)
    Counter=Counter+1
    objRecordSet.MoveNext
Loop

WScript.Echo "Exported " & Counter & " users"

Open in new window

0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now