Solved

Modify a VBScript

Posted on 2011-09-14
4
342 Views
Last Modified: 2012-05-12
I have this script below.  I have a list of user names that currently have data in the "proxyAddress" attribute (which this script currently adds data to), I need to have this script modified to clear out that attribute and add specific data in column b of a spreadsheet to the attribute named "info".  Column A will contain the username to be modified, and column be will have the data that needs to be inputted.
'On Error Resume Next
Set oFS = CreateObject("Scripting.FileSystemObject")
Set oLogFile = oFS.CreateTextFile("C:\logfilename.txt",True)
Set oContainer = GetObject("LDAP://OU=test,OU=test1,OU=Users,DC=test,DC=com")
Set oCanadaGrp = GetObject("LDAP://CN=APP_Canada_Assoc,OU=GO,OU=Applications,OU=Groups - Security,OU=Admin,DC=test,DC=com")
Set oUSAGrp = GetObject("LDAP://CN=APP_USA_Store_Assoc,OU=GO,OU=Applications,OU=Groups - Security,OU=Admin,DC=test,DC=com")
For Each object In oContainer
        Found = False
        If LCase(object.Class) = "user" Then
                If LCase(object.co) = "united states" Then 
                        For Each member In oUSAGrp.members
                                If LCase(member.ADSPath) = LCase(object.ADSPath) Then 
                                        Found = True
                                        Exit For
                                End If
                        Next
                        If Not Found Then 
                        	oUSAGrp.Add(object.ADSPath)
                        	oLogFile.WriteLine object.ADSPath
                        End If
                End If
                If LCase(object.co) = "canada" Then
                        For Each member In oCanadaGrp
                                If LCase(member.ADSPath) = LCase(object.ADSPath) Then
                                        Found = True
                                        Exit For
                                End If
                        Next
                        If Not Found Then 
                        	oCanadaGrp.Add(object.ADSPath)
                        	oLogFile.WriteLine object.ADSPath
                        End If
                End If
        End If
Next

Open in new window

0
Comment
Question by:seaninman
  • 3
4 Comments
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
Comment Utility
Hi, that script doesn't do anything with ProxyAddreses.....

Anyway, this script will clear the ProxyAddresses attribute if you uncomment the line for it.  It will also change the "info" attribute to the column B data.

Regards,

Rob.
strInputFile = "C:\Scripts\Users.xls"

Const ADS_PROPERTY_CLEAR = 1 
Const xlUp = -4162
Set objExcel = CreateObject("Excel.Application")
objExcel.Visible = True
Set objWB = objExcel.Workbooks.Open(strInputFile, False, False)
Set objSheet = objWB.Sheets(1)
intRow = 2
For intRow = 2 To objSheet.Cells(65536, "A").End(xlUp).Row
	strUsername = Trim(objSheet.Cells(intRow, "A").Value)
	strInfo = Trim(objSheet.Cells(intRow, "B").Value)
	If strUsername <> "" Then
		strUserADsPath = Get_LDAP_User_Properties("user", "samAccountName", strUsername, "adsPath")
		If Left(UCase(strUserADsPath), 7) = "LDAP://" Then
			'objUser.PutEX ADS_PROPERTY_CLEAR, "proxyaddresses", 0
			If strInfo = "" Then
				objUser.PutEX ADS_PROPERTY_CLEAR, "info", 0
			Else
				objUser.Info = strInfo
			End If
			objUser.SetInfo
			WScript.Echo strUserName & " has been updated"
		Else
			WScript.Echo "Unable to find account for " & strUserName
		End If
	End If
Next
objWB.Close False
objExcel.Quit

Function Get_LDAP_User_Properties(strObjectType, strSearchField, strObjectToGet, strCommaDelimProps)
      
      ' This is a custom function that connects to the Active Directory, and returns the specific
      ' Active Directory attribute value, of a specific Object.
      ' strObjectType: usually "User" or "Computer"
      ' strSearchField: the field by which to seach the AD by. This acts like an SQL Query's WHERE clause.
      '             It filters the results by the value of strObjectToGet
      ' strObjectToGet: the value by which the results are filtered by, according the strSearchField.
      '             For example, if you are searching based on the user account name, strSearchField
      '             would be "samAccountName", and strObjectToGet would be that speicific account name,
      '             such as "jsmith".  This equates to "WHERE 'samAccountName' = 'jsmith'"
      ' strCommaDelimProps: the field from the object to actually return.  For example, if you wanted
      '             the home folder path, as defined by the AD, for a specific user, this would be
      '             "homeDirectory".  If you want to return the ADsPath so that you can bind to that
      '             user and get your own parameters from them, then use "ADsPath" as a return string,
      '             then bind to the user: Set objUser = GetObject("LDAP://" & strReturnADsPath)
      
      ' Now we're checking if the user account passed may have a domain already specified,
      ' in which case we connect to that domain in AD, instead of the default one.
      If InStr(strObjectToGet, "\") > 0 Then
            arrGroupBits = Split(strObjectToGet, "\")
            strDC = arrGroupBits(0)
            strDNSDomain = strDC & "/" & "DC=" & Replace(Mid(strDC, InStr(strDC, ".") + 1), ".", ",DC=")
            strObjectToGet = arrGroupBits(1)
      Else
      ' Otherwise we just connect to the default domain
            Set objRootDSE = GetObject("LDAP://RootDSE")
            strDNSDomain = objRootDSE.Get("defaultNamingContext")
      End If
 
      strBase = "<LDAP://" & strDNSDomain & ">"
      ' Setup ADO objects.
      Set adoCommand = CreateObject("ADODB.Command")
      Set ADOConnection = CreateObject("ADODB.Connection")
      ADOConnection.Provider = "ADsDSOObject"
      ADOConnection.Open "Active Directory Provider"
      adoCommand.ActiveConnection = ADOConnection
 
 
      ' Filter on user objects.
      'strFilter = "(&(objectCategory=person)(objectClass=user))"
      strFilter = "(&(objectClass=" & strObjectType & ")(" & strSearchField & "=" & strObjectToGet & "))"
 
      ' Comma delimited list of attribute values to retrieve.
      strAttributes = strCommaDelimProps
      arrProperties = Split(strCommaDelimProps, ",")
 
      ' Construct the LDAP syntax query.
      strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
      adoCommand.CommandText = strQuery
      ' Define the maximum records to return
      adoCommand.Properties("Page Size") = 100
      adoCommand.Properties("Timeout") = 30
      adoCommand.Properties("Cache Results") = False
 
      ' Run the query.
      Set adoRecordset = adoCommand.Execute
      ' Enumerate the resulting recordset.
      strReturnVal = ""
      Do Until adoRecordset.EOF
          ' Retrieve values and display.
          For intCount = LBound(arrProperties) To UBound(arrProperties)
                If strReturnVal = "" Then
                      strReturnVal = adoRecordset.Fields(intCount).Value
                Else
                      strReturnVal = strReturnVal & vbCrLf & adoRecordset.Fields(intCount).Value
                End If
          Next
          ' Move to the next record in the recordset.
          adoRecordset.MoveNext
      Loop
 
      ' Clean up.
      adoRecordset.Close
      ADOConnection.Close
      Get_LDAP_User_Properties = strReturnVal
 
End Function

Open in new window

0
 
LVL 65

Expert Comment

by:RobSampson
Comment Utility
Oops, under this:
            If Left(UCase(strUserADsPath), 7) = "LDAP://" Then

please add:
                  Set objUser = GetObject(strUserADsPath)


Regards,

Rob.
0
 
LVL 4

Author Closing Comment

by:seaninman
Comment Utility
Works great.  It would be nice if the script didn't prompt for you to click okay on every account modified.  Maybe an output txt file of the accounts that were successful and the ones that failed.
0
 
LVL 65

Expert Comment

by:RobSampson
Comment Utility
It wouldn't prompt you if you ran it with
cscript UpdateAccounts.vbs

and you could run
cscript UpdateAccounts.vbs > UpdateLog.txt

if you wanted to.

Do you want me to add a log?

Rob.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Hello again, all.  For those of you that have been following along, you'll know that this is my third article on this topic (though it is not Part III).  This article is sort of remedial, and probably the topic with which I should have started the s…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This video discusses moving either the default database or any database to a new volume.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now