Solved

Pull the terminalservicesinitialprogram property value from AD

Posted on 2013-06-13
2
782 Views
Last Modified: 2013-06-14
Hello,

I need to pull the ctxinitialprogram or terminalservicesinitialprogram property from AD for all users in all OUs.  I have a script from Josh Muehe that goes through AD and pulls different properties for users and dumps them in a .csv.  When I try to add the above property the script doesn't fail but it just runs indefinitely and never populates the .csv beyond the title row.  I have tried modifying the script below with both the ctxinitialprogram property in the query as well at the terminalservicesinitialprogram property.  Neither work.  I have included both scripts that I am running.   The shorter one pulls the property successfully for one user.  The longer one works great until I try to pull the initial program property.

Any help would be greatly appreciated as I have exhausted what little knowledge I have of scripting and my google chi is apparently inadequate to find a solution.

'Query again so we can report other fields
strBase = "<LDAP://" & strAD1 & "/" & OUFilter & DomainContainer & ">"
strAttributes = "sAMAccountName,cn,givenName,sn,distinguishedName,objectCategory,mail,description, createtimestamp, ctxinitialprogram"
strQuery = strBase & ";" & ldapFltr & ";" & strAttributes & ";subtree"

msgbox "strquery = " & strquery

adoCommand.CommandText = strQuery
Set adoRecordset = adoCommand.Execute

' Write compiled data to the log
objLogFile.WriteLine "Display Name, Logon Name, First Name, Last Name, E-Mail, Last Logon, Category, distinguishedName, OU, Description, created timestamp, Initial Program"

While NOT adoRecordset.EOF
      strObjectCategory = Mid(adoRecordset.Fields("objectCategory").value, 4, InStr(adoRecordset.Fields("objectCategory").value,",")-4)
      
        outputarray = split(adoRecordset.Fields("distinguishedName").Value, ",")

      for each x in outputarray
            if ucase(left(x, 3)) = "OU=" then
                           strOU = (right(x, (len(x)-3)))
                           Exit For            
            end if
      next

      arrDesc = adoRecordset.Fields("description").Value
           If IsNull(arrDesc) Then
               strDesc = ""
           Else
               strDesc = arrDesc(0)
          End If
 
      objLogFile.WriteLine CHR(34) & adoRecordset.Fields("cn").Value &  CHR(34) & "," &  CHR(34) & adoRecordset.Fields("sAMAccountName").Value & CHR(34) & "," _
            & CHR(34) & adoRecordset.Fields("givenName").Value & CHR(34) & "," & CHR(34) & adoRecordset.Fields("sn").Value & CHR(34) & "," & CHR(34) & adoRecordset.Fields("mail").Value & CHR(34) & "," _
            & CHR(34) & objList.Item(adoRecordset.Fields("sAMAccountName").Value) & CHR(34) & "," & CHR(34) & strObjectCategory & CHR(34) _
            & "," & CHR(34) & adoRecordset.Fields("distinguishedName").Value & CHR(34) & "," & CHR(34) & strOU & CHR(34) & "," & CHR(34) & strDesc & CHR(34) & "," & CHR(34) & adoRecordset.Fields("createtimestamp").Value & CHR(34)
      adoRecordset.MoveNext
Wend
initprogram.vbs
Last-Login-Report.vbs
0
Comment
Question by:telcor736
2 Comments
 
LVL 16

Accepted Solution

by:
cantoris earned 500 total points
ID: 39246810
I think the issue is that the value you want is stored *within* an attribute called userParameters and so can't be got at with a simple query; only by binding to each user object in turn and using a "property method" as your shorter script does.
Look at the accepted answer here:
http://social.technet.microsoft.com/Forums/en-US/ITCG/thread/9426bb08-0a47-4a4f-94b3-7d4beb5c8deb

Under Server2008, there is the suggestion that there is a directly readable LDAP attribute called  msTSInitialProgram.  Try that in your attribute list and see if it works.
0
 

Author Comment

by:telcor736
ID: 39247604
Thanks!  With a little modification that script in the link worked great!  The mstsintialprogram property does not work, FYI.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now