Solved

How to Programmatically get the @domain.com of an internal domain through a VB Script

Posted on 2011-09-16
4
358 Views
Last Modified: 2012-05-12
I'm building a script I want to be able to execute on clients to create an OU in a domain, and create an account in that ou in the domain. This is not a problem.

The challenge is I'm trying to set the UPN property of these accounts. I can easily do this if I know the domain I'm working with, but I don't want to hardcode that into the script. I want the script to be able to figure out what the domain is and put into the proper formate for the attribute ,

The relevant portions of my script
The AD Bind
Set objRootLDAP = GetObject("LDAP://rootDSE")

and the setting the account property
objUser.Put "userPrincipalName", strUser & "@" & objRootLDAP.Get("defaultNamingContext")
objUser.SetInfo

Assuming strUser is a varible which contacts the username to go into the UPN this unfortunately sets the UPN to something along the lines username@DC=domain,DC=com

What I need is username@domain.com

I thought maybe I could use WshNetwork and echo the Domain but this only returns Domain, and not Domain.com

Any thoughts?
0
Comment
Question by:Ignition_Helpdesk
  • 2
4 Comments
 
LVL 9

Expert Comment

by:Lester_Clayton
ID: 36551860
You need to be a bit careful here - a UPN can be different from the actual domain name. For example, if you're hosting a lot of clients in one Active Directory, you could set their UPN names to be their e-mail addresses - and ask them to log in with their e-mail address.  It is also possible for accounts to not have a UPN at all.  Getting the UPN from Active Directory is relatively easy - using this code:

Option Explicit

Dim objADSystemInfo, objUser
Dim upn

Set objADSystemInfo = CreateObject("ADSystemInfo") 

Set objUser = GetObject("LDAP://" & objADSystemInfo.UserName)

upn = objUser.userprincipalname

WScript.echo upn

Open in new window


Something that might be a bit safer - is to get the environment variable USERDNSDOMAIN - it will show the user's domain in the format you'd like.  Something like this would be nice:

Option Explicit

Dim objShell, objUserEnv
Dim Domain

Set objShell = CreateObject( "WScript.Shell" )
Set objUserEnv = objShell.Environment( "PROCESS" )

Domain = objUserEnv("USERDNSDOMAIN")

WScript.Echo Domain

Open in new window


Have fun!
0
 
LVL 59

Expert Comment

by:Chris Bottomley
ID: 36551888
See the what I think is a similar question here http://www.experts-exchange.com/Microsoft/Development/MS_Access/Q_25949165.html

Basically passing the exchange username to the getsmtpaddress function and it will return the full smtp address that you can then process.

Chris
0
 
LVL 4

Accepted Solution

by:
Ignition_Helpdesk earned 0 total points
ID: 36711623
I did some more searching around and found a MS article on how to return the default upn suffix for a domain. script snippet below

Set objRootLDAP = GetObject("LDAP://rootDSE")
strNamingContext = objRootLDAP.Get("defaultNamingContext")
Set oDomain = GetObject("LDAP://" + strNamingContext)
oDomain.GetInfoEx Array ("canonicalName"),0
strCanonical = oDomain.Get("canonicalName")
strDefaultUPNSuffix = Left(strCanonical, Len(strCanonical) - 1) 'clip off "/"
0
 
LVL 4

Author Closing Comment

by:Ignition_Helpdesk
ID: 36898952
some of the answers provided would have worked, but not quite the way I wanted to get the information.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question