?
Solved

Query a OU and all OU's below it and get the  details

Posted on 2011-09-14
13
Medium Priority
?
404 Views
Last Modified: 2012-05-12
Query a OU and all OU's below it and get the Display name,Description,Email id and forwarded user name and email id.
We have a contact set as forward thats in a different OU. So need a combined list from it
0
Comment
Question by:bsharath
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
13 Comments
 
LVL 13

Expert Comment

by:nfmartins
ID: 36535253
Hi There,

You can use this tool :
http://www.manageengine.com/products/free-windows-active-directory-tools/free-windows-active-directory-query-tool.html
is very easy to use and to configure.
If you prefer i can post the correct syntax for you to query from command prompt but i perfer that tool to make that kind of query ;)

NM
0
 
LVL 13

Expert Comment

by:Govvy
ID: 36536357
Use CSVDE:

csvde -f OUTPUT.CSV -d "cn=users,DC=DOMAINNAME,DC=Microsoft,DC=Com" -r "(objectClass=user)"

You can also add the -l switch and specify specific attributes such as sAMAccountName
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36540566
Hi, try this.

Regards,

Rob.
strOU = "OU=SecondOU,OU=FirstOU,DC=domain,DC=com"
strOutput = "UserForwards.csv"

' Setup FSO objects.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objOutput = objFSO.CreateTextFile(strOutput, True)
objOutput.WriteLine """Username"",""DisplayName"",""Description"",""Email"",""Alt Username"",""Alt DisplayName"",""Alt Email"""

' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection
strBase = "<LDAP://" & strOU & ">"
strFilter = "(&(objectCategory=person)(objectClass=user))"
strAttributes = "adsPath"
strScope = "subtree"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";" & strScope
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

Set adoRecordset = adoCommand.Execute
Do Until adoRecordset.EOF
	Set objUser = adoRecordset.Fields("adsPath").Value
	strUsername = objUser.samAccountName
	strDisplayName = objUser.DisplayName
	strDescription = objUser.Description
	strEmail = objUser.mail
	strAltRecipient = objUser.altRecipient
	If strAltRecipient <> "" Then
		Set objForwardedUser = GetObject("LDAP://" & strAltRecipient)
		strForwardedUsername = objForwardedUser.samAccountName
		strForwardedDisplayName = objForwardedUser.displayName
		strForwardedEmail = objForwardedUser.mail
	Else
		strForwardedUsername = ""
		strForwardedDisplayName = ""
		strForwardedEmail = ""
	End If
	objOutput.WriteLine """" & strUsername & """,""" & strDisplayName & """,""" & strDescription & """,""" & strEmail & """,""" & strForwardedUsername & """,""" & strForwardedDisplayName & """,""" & strForwardedEmail & """"
	adoRecordset.MoveNext
Loop

adoRecordset.Close
adoConnection.Close
      
objOutput.Close

WScript.Echo "Finished"

Open in new window

0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 11

Author Comment

by:bsharath
ID: 36540611
Thanks Rob
I get this

---------------------------
Windows Script Host
---------------------------
Script:      D:\Get details AD with forwards.vbs
Line:      25
Char:      1
Error:      Table does not exist.
Code:      80040E37
Source:       Provider

---------------------------
OK  
---------------------------
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36540617
You will need to make sure that this line is structured properly:
strOU = "OU=SecondOU,OU=FirstOU,DC=domain,DC=com"

and do not put the LDAP:// at the start.

Rob.
0
 
LVL 11

Author Comment

by:bsharath
ID: 36540633
Now get this


---------------------------
Windows Script Host
---------------------------
Script:      D:\Get details AD with forwards.vbs
Line:      27
Char:      2
Error:      Object required: '[string: "LDAP://CN=Uha Si,O"]'
Code:      800A01A8
Source:       Microsoft VBScript runtime error

---------------------------
OK  
---------------------------
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36540640
Oops, plase change
      Set objUser = adoRecordset.Fields("adsPath").Value

to
      Set objUser = GetObject(adoRecordset.Fields("adsPath").Value)

Regards,

Rob.
0
 
LVL 11

Author Comment

by:bsharath
ID: 36540735
perfect Rob
One change
Can we have 4 OU's excluded within the root we scan
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36541019
Do you want each OU, and then each sub OU excluded?

For example, if you scan
domain.com/FirstOU/SecondOU

and then exclude
domain.com/FirstOU/SecondOU/ThirdOU

do you also want it to exclude
domain.com/FirstOU/SecondOU/ThirdOU/FourthOU

as well, or ONLY ThirdOU?

Rob.
0
 
LVL 11

Author Comment

by:bsharath
ID: 36541045
I scan OURoot
Exclude 3 OU's that i mention exactly
Not the Ou;s that are within the excluded OU

Say i have

>OU1
>>OU2
>>OU3

If i exclude OU1 then OU2 and OU3 has to be scanned
If excluded OU3 then OU1 and OU2 should be scanned
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 2000 total points
ID: 36541094
OK, so exact matches only. Try this.

Regards,

Rob.
Set objExcludes = CreateObject("Scripting.Dictionary")

strOU = "OU=SecondOU,OU=FirstOU,DC=domain,DC=com"

objExcludes.Add LCase("OU=3,OU=2,OU=1,DC=domain,DC=com"), 0
objExcludes.Add LCase("OU=4,OU=1,DC=domain,DC=com"), 0
objExcludes.Add LCase("OU=5,OU=2,OU=1,DC=domain,DC=com"), 0
objExcludes.Add LCase("OU=6,OU=2,OU=1,DC=domain,DC=com"), 0

strOutput = "UserForwards.csv"

' Setup FSO objects.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objOutput = objFSO.CreateTextFile(strOutput, True)
objOutput.WriteLine """Username"",""DisplayName"",""Description"",""Email"",""Alt Username"",""Alt DisplayName"",""Alt Email"""

' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection
strBase = "<LDAP://" & strOU & ">"
strFilter = "(&(objectCategory=person)(objectClass=user))"
strAttributes = "adsPath"
strScope = "subtree"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";" & strScope
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

Set adoRecordset = adoCommand.Execute
Do Until adoRecordset.EOF
	Set objUser = GetObject(adoRecordset.Fields("adsPath").Value)
	If objExcludes.Exists(LCase(Mid(objUser.Parent, 8))) = False Then
		strUsername = objUser.samAccountName
		strDisplayName = objUser.DisplayName
		strDescription = objUser.Description
		strEmail = objUser.mail
		strAltRecipient = objUser.altRecipient
		If strAltRecipient <> "" Then
			Set objForwardedUser = GetObject("LDAP://" & strAltRecipient)
			strForwardedUsername = objForwardedUser.samAccountName
			strForwardedDisplayName = objForwardedUser.displayName
			strForwardedEmail = objForwardedUser.mail
		Else
			strForwardedUsername = ""
			strForwardedDisplayName = ""
			strForwardedEmail = ""
		End If
		objOutput.WriteLine """" & strUsername & """,""" & strDisplayName & """,""" & strDescription & """,""" & strEmail & """,""" & strForwardedUsername & """,""" & strForwardedDisplayName & """,""" & strForwardedEmail & """"
	End If
	adoRecordset.MoveNext
Loop

adoRecordset.Close
adoConnection.Close
      
objOutput.Close

WScript.Echo "Finished"

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
ID: 36547068
0
 
LVL 11

Author Comment

by:bsharath
ID: 36558119
0

Featured Post

How To Reduce Deployment Times With Pre-Baked AMIs

Even if we can't include all the files in the base image, we can sometimes include some of the larger files that we would otherwise have to download, and we can also sometimes remove the most time-consuming steps. This can help a lot with reducing deployment times.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this article is to demonstrate how we can use conditional statements using Python.
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question