Solved

Query a OU and all OU's below it and get the  details

Posted on 2011-09-14
13
402 Views
Last Modified: 2012-05-12
Query a OU and all OU's below it and get the Display name,Description,Email id and forwarded user name and email id.
We have a contact set as forward thats in a different OU. So need a combined list from it
0
Comment
Question by:bsharath
13 Comments
 
LVL 13

Expert Comment

by:nfmartins
ID: 36535253
Hi There,

You can use this tool :
http://www.manageengine.com/products/free-windows-active-directory-tools/free-windows-active-directory-query-tool.html
is very easy to use and to configure.
If you prefer i can post the correct syntax for you to query from command prompt but i perfer that tool to make that kind of query ;)

NM
0
 
LVL 13

Expert Comment

by:Govvy
ID: 36536357
Use CSVDE:

csvde -f OUTPUT.CSV -d "cn=users,DC=DOMAINNAME,DC=Microsoft,DC=Com" -r "(objectClass=user)"

You can also add the -l switch and specify specific attributes such as sAMAccountName
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36540566
Hi, try this.

Regards,

Rob.
strOU = "OU=SecondOU,OU=FirstOU,DC=domain,DC=com"
strOutput = "UserForwards.csv"

' Setup FSO objects.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objOutput = objFSO.CreateTextFile(strOutput, True)
objOutput.WriteLine """Username"",""DisplayName"",""Description"",""Email"",""Alt Username"",""Alt DisplayName"",""Alt Email"""

' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection
strBase = "<LDAP://" & strOU & ">"
strFilter = "(&(objectCategory=person)(objectClass=user))"
strAttributes = "adsPath"
strScope = "subtree"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";" & strScope
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

Set adoRecordset = adoCommand.Execute
Do Until adoRecordset.EOF
	Set objUser = adoRecordset.Fields("adsPath").Value
	strUsername = objUser.samAccountName
	strDisplayName = objUser.DisplayName
	strDescription = objUser.Description
	strEmail = objUser.mail
	strAltRecipient = objUser.altRecipient
	If strAltRecipient <> "" Then
		Set objForwardedUser = GetObject("LDAP://" & strAltRecipient)
		strForwardedUsername = objForwardedUser.samAccountName
		strForwardedDisplayName = objForwardedUser.displayName
		strForwardedEmail = objForwardedUser.mail
	Else
		strForwardedUsername = ""
		strForwardedDisplayName = ""
		strForwardedEmail = ""
	End If
	objOutput.WriteLine """" & strUsername & """,""" & strDisplayName & """,""" & strDescription & """,""" & strEmail & """,""" & strForwardedUsername & """,""" & strForwardedDisplayName & """,""" & strForwardedEmail & """"
	adoRecordset.MoveNext
Loop

adoRecordset.Close
adoConnection.Close
      
objOutput.Close

WScript.Echo "Finished"

Open in new window

0
How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

 
LVL 11

Author Comment

by:bsharath
ID: 36540611
Thanks Rob
I get this

---------------------------
Windows Script Host
---------------------------
Script:      D:\Get details AD with forwards.vbs
Line:      25
Char:      1
Error:      Table does not exist.
Code:      80040E37
Source:       Provider

---------------------------
OK  
---------------------------
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36540617
You will need to make sure that this line is structured properly:
strOU = "OU=SecondOU,OU=FirstOU,DC=domain,DC=com"

and do not put the LDAP:// at the start.

Rob.
0
 
LVL 11

Author Comment

by:bsharath
ID: 36540633
Now get this


---------------------------
Windows Script Host
---------------------------
Script:      D:\Get details AD with forwards.vbs
Line:      27
Char:      2
Error:      Object required: '[string: "LDAP://CN=Uha Si,O"]'
Code:      800A01A8
Source:       Microsoft VBScript runtime error

---------------------------
OK  
---------------------------
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36540640
Oops, plase change
      Set objUser = adoRecordset.Fields("adsPath").Value

to
      Set objUser = GetObject(adoRecordset.Fields("adsPath").Value)

Regards,

Rob.
0
 
LVL 11

Author Comment

by:bsharath
ID: 36540735
perfect Rob
One change
Can we have 4 OU's excluded within the root we scan
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36541019
Do you want each OU, and then each sub OU excluded?

For example, if you scan
domain.com/FirstOU/SecondOU

and then exclude
domain.com/FirstOU/SecondOU/ThirdOU

do you also want it to exclude
domain.com/FirstOU/SecondOU/ThirdOU/FourthOU

as well, or ONLY ThirdOU?

Rob.
0
 
LVL 11

Author Comment

by:bsharath
ID: 36541045
I scan OURoot
Exclude 3 OU's that i mention exactly
Not the Ou;s that are within the excluded OU

Say i have

>OU1
>>OU2
>>OU3

If i exclude OU1 then OU2 and OU3 has to be scanned
If excluded OU3 then OU1 and OU2 should be scanned
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 36541094
OK, so exact matches only. Try this.

Regards,

Rob.
Set objExcludes = CreateObject("Scripting.Dictionary")

strOU = "OU=SecondOU,OU=FirstOU,DC=domain,DC=com"

objExcludes.Add LCase("OU=3,OU=2,OU=1,DC=domain,DC=com"), 0
objExcludes.Add LCase("OU=4,OU=1,DC=domain,DC=com"), 0
objExcludes.Add LCase("OU=5,OU=2,OU=1,DC=domain,DC=com"), 0
objExcludes.Add LCase("OU=6,OU=2,OU=1,DC=domain,DC=com"), 0

strOutput = "UserForwards.csv"

' Setup FSO objects.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objOutput = objFSO.CreateTextFile(strOutput, True)
objOutput.WriteLine """Username"",""DisplayName"",""Description"",""Email"",""Alt Username"",""Alt DisplayName"",""Alt Email"""

' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection
strBase = "<LDAP://" & strOU & ">"
strFilter = "(&(objectCategory=person)(objectClass=user))"
strAttributes = "adsPath"
strScope = "subtree"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";" & strScope
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

Set adoRecordset = adoCommand.Execute
Do Until adoRecordset.EOF
	Set objUser = GetObject(adoRecordset.Fields("adsPath").Value)
	If objExcludes.Exists(LCase(Mid(objUser.Parent, 8))) = False Then
		strUsername = objUser.samAccountName
		strDisplayName = objUser.DisplayName
		strDescription = objUser.Description
		strEmail = objUser.mail
		strAltRecipient = objUser.altRecipient
		If strAltRecipient <> "" Then
			Set objForwardedUser = GetObject("LDAP://" & strAltRecipient)
			strForwardedUsername = objForwardedUser.samAccountName
			strForwardedDisplayName = objForwardedUser.displayName
			strForwardedEmail = objForwardedUser.mail
		Else
			strForwardedUsername = ""
			strForwardedDisplayName = ""
			strForwardedEmail = ""
		End If
		objOutput.WriteLine """" & strUsername & """,""" & strDisplayName & """,""" & strDescription & """,""" & strEmail & """,""" & strForwardedUsername & """,""" & strForwardedDisplayName & """,""" & strForwardedEmail & """"
	End If
	adoRecordset.MoveNext
Loop

adoRecordset.Close
adoConnection.Close
      
objOutput.Close

WScript.Echo "Finished"

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
ID: 36547068
0
 
LVL 11

Author Comment

by:bsharath
ID: 36558119
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to remove superseded packages in windows w60 or w61 installation media (.wim) or online system to prevent unnecessary space. w60 means Windows Vista or Windows Server 2008. w61 means Windows 7 or Windows Server 2008 R2. There are various …
Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question