Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Query a OU and all OU's below it and get the  details

Posted on 2011-09-14
13
401 Views
Last Modified: 2012-05-12
Query a OU and all OU's below it and get the Display name,Description,Email id and forwarded user name and email id.
We have a contact set as forward thats in a different OU. So need a combined list from it
0
Comment
Question by:bsharath
13 Comments
 
LVL 13

Expert Comment

by:nfmartins
ID: 36535253
Hi There,

You can use this tool :
http://www.manageengine.com/products/free-windows-active-directory-tools/free-windows-active-directory-query-tool.html
is very easy to use and to configure.
If you prefer i can post the correct syntax for you to query from command prompt but i perfer that tool to make that kind of query ;)

NM
0
 
LVL 13

Expert Comment

by:Govvy
ID: 36536357
Use CSVDE:

csvde -f OUTPUT.CSV -d "cn=users,DC=DOMAINNAME,DC=Microsoft,DC=Com" -r "(objectClass=user)"

You can also add the -l switch and specify specific attributes such as sAMAccountName
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36540566
Hi, try this.

Regards,

Rob.
strOU = "OU=SecondOU,OU=FirstOU,DC=domain,DC=com"
strOutput = "UserForwards.csv"

' Setup FSO objects.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objOutput = objFSO.CreateTextFile(strOutput, True)
objOutput.WriteLine """Username"",""DisplayName"",""Description"",""Email"",""Alt Username"",""Alt DisplayName"",""Alt Email"""

' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection
strBase = "<LDAP://" & strOU & ">"
strFilter = "(&(objectCategory=person)(objectClass=user))"
strAttributes = "adsPath"
strScope = "subtree"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";" & strScope
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

Set adoRecordset = adoCommand.Execute
Do Until adoRecordset.EOF
	Set objUser = adoRecordset.Fields("adsPath").Value
	strUsername = objUser.samAccountName
	strDisplayName = objUser.DisplayName
	strDescription = objUser.Description
	strEmail = objUser.mail
	strAltRecipient = objUser.altRecipient
	If strAltRecipient <> "" Then
		Set objForwardedUser = GetObject("LDAP://" & strAltRecipient)
		strForwardedUsername = objForwardedUser.samAccountName
		strForwardedDisplayName = objForwardedUser.displayName
		strForwardedEmail = objForwardedUser.mail
	Else
		strForwardedUsername = ""
		strForwardedDisplayName = ""
		strForwardedEmail = ""
	End If
	objOutput.WriteLine """" & strUsername & """,""" & strDisplayName & """,""" & strDescription & """,""" & strEmail & """,""" & strForwardedUsername & """,""" & strForwardedDisplayName & """,""" & strForwardedEmail & """"
	adoRecordset.MoveNext
Loop

adoRecordset.Close
adoConnection.Close
      
objOutput.Close

WScript.Echo "Finished"

Open in new window

0
Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

 
LVL 11

Author Comment

by:bsharath
ID: 36540611
Thanks Rob
I get this

---------------------------
Windows Script Host
---------------------------
Script:      D:\Get details AD with forwards.vbs
Line:      25
Char:      1
Error:      Table does not exist.
Code:      80040E37
Source:       Provider

---------------------------
OK  
---------------------------
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36540617
You will need to make sure that this line is structured properly:
strOU = "OU=SecondOU,OU=FirstOU,DC=domain,DC=com"

and do not put the LDAP:// at the start.

Rob.
0
 
LVL 11

Author Comment

by:bsharath
ID: 36540633
Now get this


---------------------------
Windows Script Host
---------------------------
Script:      D:\Get details AD with forwards.vbs
Line:      27
Char:      2
Error:      Object required: '[string: "LDAP://CN=Uha Si,O"]'
Code:      800A01A8
Source:       Microsoft VBScript runtime error

---------------------------
OK  
---------------------------
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36540640
Oops, plase change
      Set objUser = adoRecordset.Fields("adsPath").Value

to
      Set objUser = GetObject(adoRecordset.Fields("adsPath").Value)

Regards,

Rob.
0
 
LVL 11

Author Comment

by:bsharath
ID: 36540735
perfect Rob
One change
Can we have 4 OU's excluded within the root we scan
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36541019
Do you want each OU, and then each sub OU excluded?

For example, if you scan
domain.com/FirstOU/SecondOU

and then exclude
domain.com/FirstOU/SecondOU/ThirdOU

do you also want it to exclude
domain.com/FirstOU/SecondOU/ThirdOU/FourthOU

as well, or ONLY ThirdOU?

Rob.
0
 
LVL 11

Author Comment

by:bsharath
ID: 36541045
I scan OURoot
Exclude 3 OU's that i mention exactly
Not the Ou;s that are within the excluded OU

Say i have

>OU1
>>OU2
>>OU3

If i exclude OU1 then OU2 and OU3 has to be scanned
If excluded OU3 then OU1 and OU2 should be scanned
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 36541094
OK, so exact matches only. Try this.

Regards,

Rob.
Set objExcludes = CreateObject("Scripting.Dictionary")

strOU = "OU=SecondOU,OU=FirstOU,DC=domain,DC=com"

objExcludes.Add LCase("OU=3,OU=2,OU=1,DC=domain,DC=com"), 0
objExcludes.Add LCase("OU=4,OU=1,DC=domain,DC=com"), 0
objExcludes.Add LCase("OU=5,OU=2,OU=1,DC=domain,DC=com"), 0
objExcludes.Add LCase("OU=6,OU=2,OU=1,DC=domain,DC=com"), 0

strOutput = "UserForwards.csv"

' Setup FSO objects.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objOutput = objFSO.CreateTextFile(strOutput, True)
objOutput.WriteLine """Username"",""DisplayName"",""Description"",""Email"",""Alt Username"",""Alt DisplayName"",""Alt Email"""

' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection
strBase = "<LDAP://" & strOU & ">"
strFilter = "(&(objectCategory=person)(objectClass=user))"
strAttributes = "adsPath"
strScope = "subtree"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";" & strScope
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

Set adoRecordset = adoCommand.Execute
Do Until adoRecordset.EOF
	Set objUser = GetObject(adoRecordset.Fields("adsPath").Value)
	If objExcludes.Exists(LCase(Mid(objUser.Parent, 8))) = False Then
		strUsername = objUser.samAccountName
		strDisplayName = objUser.DisplayName
		strDescription = objUser.Description
		strEmail = objUser.mail
		strAltRecipient = objUser.altRecipient
		If strAltRecipient <> "" Then
			Set objForwardedUser = GetObject("LDAP://" & strAltRecipient)
			strForwardedUsername = objForwardedUser.samAccountName
			strForwardedDisplayName = objForwardedUser.displayName
			strForwardedEmail = objForwardedUser.mail
		Else
			strForwardedUsername = ""
			strForwardedDisplayName = ""
			strForwardedEmail = ""
		End If
		objOutput.WriteLine """" & strUsername & """,""" & strDisplayName & """,""" & strDescription & """,""" & strEmail & """,""" & strForwardedUsername & """,""" & strForwardedDisplayName & """,""" & strForwardedEmail & """"
	End If
	adoRecordset.MoveNext
Loop

adoRecordset.Close
adoConnection.Close
      
objOutput.Close

WScript.Echo "Finished"

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
ID: 36547068
0
 
LVL 11

Author Comment

by:bsharath
ID: 36558119
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Batch, VBS, and scripts in general are incredibly useful for repetitive tasks.  Some tasks can take a while to complete and it can be annoying to check back only to discover that your script finished 5 minutes ago.  Some scripts may complete nearly …
Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
The viewer will be introduced to the technique of using vectors in C++. The video will cover how to define a vector, store values in the vector and retrieve data from the values stored in the vector.
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question