Solved

Query Active Director based on prompted username

Posted on 2013-11-13
8
257 Views
Last Modified: 2013-11-15
I need to query some Active Directory information based on a username being entered.

I used this which works great for the currently logged in user:

Set ADSysInfo = CreateObject("ADSystemInfo")
Set CurrentUser = GetObject("LDAP://" & ADSysInfo.UserName)

Open in new window


I tried this but it came back with "no such object".  Not sure what I'm supposed to be passing in place userInitials.

userInitials = InputBox("Enter User's Initials")
Set CurrentUser = GetObject("LDAP://CN=" & userInitials & ",OU=Current Users,DC=domain,DC=com")

Open in new window


How do I substitute ADSysInfo.UserName for the prompted userInitials?
0
Comment
Question by:mcnuttlaw
  • 4
  • 4
8 Comments
 
LVL 9

Expert Comment

by:WebDevEM
ID: 39645133
Hi,

I don't have an LDAP server I can test this against at the moment, but I found a list of the properties that may help you (here)  If I'm reading that right, you'd want to use "initials" instead of "CN" (which is their full name)
userInitials = InputBox("Enter User's Initials")
Set CurrentUser = GetObject("LDAP://initials=" & userInitials & ",OU=Current Users,DC=domain,DC=com")

Open in new window

Hope this helps!

WebDevEM
0
 
LVL 2

Author Comment

by:mcnuttlaw
ID: 39645209
Thanks but it did not work.

I also tried uid.
0
 
LVL 9

Expert Comment

by:WebDevEM
ID: 39645256
Are you replacing your own directory information in the rest of the GetObject line, or leaving the example ",OU=Current Users,DC=domain,DC=com" in there?  If you leave that example text in, your query will look for somebody matching the given initials only if they are in a group named "Current Users" within "domain.com"

You could probably get away with leaving that section out - I have some old code I use which queries an LDAP server as if it was a SQL database, and my query to retrieve all users is
SELECT ipphone, homephone, mobile, name, mail, telephonenumber, givenName, sn, userAccountControl, extensionattribute1,extensionattribute2 FROM 'LDAP://" & LDAPServer & "' WHERE objectClass='*' AND ObjectCategory='user' ORDER BY sn

Open in new window

so in your case this might work:
userInitials = InputBox("Enter User's Initials")
Set CurrentUser = GetObject("LDAP://initials=" & userInitials)

Open in new window

0
 
LVL 2

Author Comment

by:mcnuttlaw
ID: 39645408
Your second suggestion did not work.  Returned "an operations error occurred".

However, your old code looks interesting.  I'll give that a try.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 9

Accepted Solution

by:
WebDevEM earned 500 total points
ID: 39645441
Here's a more complete version of that code - what I pasted above was just the SELECT string.
LDAPServer="ServerNameDomainController"
SQLStmt = "SELECT ipphone, homephone, mobile, name, mail, telephonenumber, givenName, sn, userAccountControl, extensionattribute1,extensionattribute2 FROM 'LDAP://" & LDAPServer & "' WHERE objectClass='*' AND ObjectCategory='user' ORDER BY sn"

		Set Conn = CreateObject("ADODB.Connection")
		Conn.Provider = "ADSDSOObject"
		Conn.Properties("User ID") = "userid"
		Conn.Properties("Password") = "password"
		Conn.Properties("Encrypt Password") = True


		Conn.Open "ADs Provider"

		Set rs = Conn.Execute(SQLStmt)

Open in new window

Then you loop through the rs and display the fields like this:
Do While Not rs.EOF Or rs.BOF
  Response.Write("Phone - " & rs("telephonenumber") & "<BR>")
  rs.MoveNext
Loop

Open in new window

0
 
LVL 2

Author Comment

by:mcnuttlaw
ID: 39647936
I'm getting an error:

Object required: Response
0
 
LVL 9

Expert Comment

by:WebDevEM
ID: 39647991
Oh, that code was originally in a web page not a standalone VBS file.  What to do instead depends on how you want your output.  If you want it to display on the screen, you can use
WScript.echo(rs("telephonenumber"))

Open in new window

What is it you're trying to do with the results?
0
 
LVL 2

Author Comment

by:mcnuttlaw
ID: 39651231
I'm experimenting with different methods (including yours) of getting info from AD for a project.

I was able to accomplish the task by using my original method via a login script.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Script to copy or move mouse-selected collection of files plus targets referenced by shortcuts (.lnk) The purpose of this article is to help illuminate the real challenges and options available (where they may exist) for utilizing simple scriptin…
This script will sweep a range of IP addresses (class c only, 255.255.255.0) and report to a log the version of office installed. What it does: 1.)      Creates log file in the directory the script is run from (if it doesn't already exist) 2.)      Sweep…
This video discusses moving either the default database or any database to a new volume.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now