Solved

Pull the terminalservicesinitialprogram property value from AD

Posted on 2013-06-13
2
803 Views
Last Modified: 2013-06-14
Hello,

I need to pull the ctxinitialprogram or terminalservicesinitialprogram property from AD for all users in all OUs.  I have a script from Josh Muehe that goes through AD and pulls different properties for users and dumps them in a .csv.  When I try to add the above property the script doesn't fail but it just runs indefinitely and never populates the .csv beyond the title row.  I have tried modifying the script below with both the ctxinitialprogram property in the query as well at the terminalservicesinitialprogram property.  Neither work.  I have included both scripts that I am running.   The shorter one pulls the property successfully for one user.  The longer one works great until I try to pull the initial program property.

Any help would be greatly appreciated as I have exhausted what little knowledge I have of scripting and my google chi is apparently inadequate to find a solution.

'Query again so we can report other fields
strBase = "<LDAP://" & strAD1 & "/" & OUFilter & DomainContainer & ">"
strAttributes = "sAMAccountName,cn,givenName,sn,distinguishedName,objectCategory,mail,description, createtimestamp, ctxinitialprogram"
strQuery = strBase & ";" & ldapFltr & ";" & strAttributes & ";subtree"

msgbox "strquery = " & strquery

adoCommand.CommandText = strQuery
Set adoRecordset = adoCommand.Execute

' Write compiled data to the log
objLogFile.WriteLine "Display Name, Logon Name, First Name, Last Name, E-Mail, Last Logon, Category, distinguishedName, OU, Description, created timestamp, Initial Program"

While NOT adoRecordset.EOF
      strObjectCategory = Mid(adoRecordset.Fields("objectCategory").value, 4, InStr(adoRecordset.Fields("objectCategory").value,",")-4)
      
        outputarray = split(adoRecordset.Fields("distinguishedName").Value, ",")

      for each x in outputarray
            if ucase(left(x, 3)) = "OU=" then
                           strOU = (right(x, (len(x)-3)))
                           Exit For            
            end if
      next

      arrDesc = adoRecordset.Fields("description").Value
           If IsNull(arrDesc) Then
               strDesc = ""
           Else
               strDesc = arrDesc(0)
          End If
 
      objLogFile.WriteLine CHR(34) & adoRecordset.Fields("cn").Value &  CHR(34) & "," &  CHR(34) & adoRecordset.Fields("sAMAccountName").Value & CHR(34) & "," _
            & CHR(34) & adoRecordset.Fields("givenName").Value & CHR(34) & "," & CHR(34) & adoRecordset.Fields("sn").Value & CHR(34) & "," & CHR(34) & adoRecordset.Fields("mail").Value & CHR(34) & "," _
            & CHR(34) & objList.Item(adoRecordset.Fields("sAMAccountName").Value) & CHR(34) & "," & CHR(34) & strObjectCategory & CHR(34) _
            & "," & CHR(34) & adoRecordset.Fields("distinguishedName").Value & CHR(34) & "," & CHR(34) & strOU & CHR(34) & "," & CHR(34) & strDesc & CHR(34) & "," & CHR(34) & adoRecordset.Fields("createtimestamp").Value & CHR(34)
      adoRecordset.MoveNext
Wend
initprogram.vbs
Last-Login-Report.vbs
0
Comment
Question by:telcor736
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 16

Accepted Solution

by:
cantoris earned 500 total points
ID: 39246810
I think the issue is that the value you want is stored *within* an attribute called userParameters and so can't be got at with a simple query; only by binding to each user object in turn and using a "property method" as your shorter script does.
Look at the accepted answer here:
http://social.technet.microsoft.com/Forums/en-US/ITCG/thread/9426bb08-0a47-4a4f-94b3-7d4beb5c8deb

Under Server2008, there is the suggestion that there is a directly readable LDAP attribute called  msTSInitialProgram.  Try that in your attribute list and see if it works.
0
 

Author Comment

by:telcor736
ID: 39247604
Thanks!  With a little modification that script in the link worked great!  The mstsintialprogram property does not work, FYI.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question