Solved

Query Active Directory

Posted on 2014-03-05
17
440 Views
Last Modified: 2014-03-06
I have this little script to extract some infos from the Avtive Directory. It comes up with an error messageon Line 9 : An Invalid dn syntax has been specified.

Please help . Thanks

'On Error Resume Next
Dim objUser

searchDN   = "DC=sptyres,DC=com, DC=AU"                            
serverName = "10.24.20.25"                              
userid     = InputBox("Enter user id","User ID")    
ldapFilter = "(sAMAccountName>=" + userid + ")"

Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & ">;" & ldapFilter)

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
WScript.Echo "First name: " & objUser.givenName
WScript.Echo "Initials: " & objUser.initials
WScript.Echo "Last name: " & objUser.sn
WScript.Echo "Display name: " & objUser.displayName
WScript.Echo "Description: " & objUser.description
WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
WScript.Echo "Telephone number: " & objUser.telephoneNumber
WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
WScript.Echo "Email: " & objUser.mail
WScript.Echo "Web page: " & objUser.wWWHomePage
WScript.Echo "Other Web pages: " & objUser.url
0
Comment
Question by:Bianchi928
  • 8
  • 6
  • 3
17 Comments
 
LVL 19

Expert Comment

by:Ken Butters
ID: 39907894
not sure if this is entire problem but:

ldapFilter = "(sAMAccountName>=" + userid + ")"

Concatenate strings is with "&" not "+"

So should be :
ldapFilter = "(sAMAccountName>=" & userid & ")"
0
 

Author Comment

by:Bianchi928
ID: 39907955
Nope..Still the same problem
0
 
LVL 19

Expert Comment

by:Ken Butters
ID: 39907983
Looking at this line:

Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & ">;" & ldapFilter)

Open in new window


*** Updated comment

Thinking the ">" is meant to be a comma.


Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & "," & ldapFilter)

Open in new window

0
 

Author Comment

by:Bianchi928
ID: 39908005
I did the change and it comes up with the following error message.

Error 0x80005000

Regards
0
 
LVL 19

Expert Comment

by:Ken Butters
ID: 39908009
Can you post updated code?
0
 

Author Comment

by:Bianchi928
ID: 39908021
Sorry..don't wory about the 0x80005000.

It's still showing : An Invalid dn syntax has been specified.

'On Error Resume Next
Dim objUser

searchDN   = "DC=sptyres,DC=com, DC=AU"                            
serverName = "10.24.20.25"                              
userid     = InputBox("Enter user id","User ID")    
ldapFilter = "(sAMAccountName>=" & userid & ")"

Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & "," & ldapFilter)

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 39908164
Hi, your code is not performing a search.  The LDAP Filter you are trying to use is intended for use with the ADsDSOObject provider.  To use what you have with a GetObject call, you need only
Set objUser = GetObject("LDAP://CN=Your User,OU=SomeOU,DC=domain,DC=com")

To perform your search using the provider, you will need code like this:
Dim objUser

searchDN   = "DC=sptyres,DC=com,DC=AU"
serverName = "10.24.20.25"
userid     = InputBox("Enter user id","User ID")
ldapFilter = "(&(sAMAccountName=" + userid + "))"

strBase = "<LDAP://" & servername & "/" & searchDN & ">"
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set ADOConnection = CreateObject("ADODB.Connection")
Set rsADUsers = CreateObject("ADODB.Recordset")
ADOConnection.Provider = "ADsDSOObject"
ADOConnection.Open "Active Directory Provider"
ADOConnection.CursorLocation = 3
adoCommand.ActiveConnection = ADOConnection

' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
' Define the maximum records to return
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

' Run the query.
Set rsADUsers = adoCommand.Execute

While Not rsADUsers.EOF
	Set objuser = GetObject("LDAP://" & rsADUsers("distinguishedName"))
	
	WScript.Echo "DN: " & objUser.distinguishedName
	WScript.Echo ""
	WScript.Echo "GENERAL"
	WScript.Echo "First name: " & objUser.givenName
	WScript.Echo "Initials: " & objUser.initials
	WScript.Echo "Last name: " & objUser.sn
	WScript.Echo "Display name: " & objUser.displayName
	WScript.Echo "Description: " & objUser.description
	WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
	WScript.Echo "Telephone number: " & objUser.telephoneNumber
	WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
	WScript.Echo "Email: " & objUser.mail
	WScript.Echo "Web page: " & objUser.wWWHomePage
	WScript.Echo "Other Web pages: " & objUser.url
	
	rsADUsers.MoveNext
Wend

Open in new window


Regards,

Rob.
0
 

Author Comment

by:Bianchi928
ID: 39908199
Hi Rob,

Thanks for helping

I've modified mine and I'm gettign an error

There is no such object on the server. I'm not too familiar with LDAP. I might have the wrong info for CN , OU

The userid is cis0794 and the domain is sptyres.com.au

I'll talk to you about using a provider later.


'On Error Resume Next
Dim objUser

'searchDN   = "DC=sptyres,DC=com, DC=AU"                            
'serverName = "10.24.20.25"                              
'userid     = InputBox("Enter user id","User ID")    
'ldapFilter = "(sAMAccountName>=" & userid & ")"

Set objUser = GetObject("LDAP://CN=cis0794,OU=users,DC=sptyres,DC=com,DC=au")

WScript.Echo "DN: " & objUser.distinguishedName
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 65

Expert Comment

by:RobSampson
ID: 39908233
If it's the default Users container, it will need to be CN=Users, instead of OU=Users,

Rob.
0
 

Author Comment

by:Bianchi928
ID: 39908242
I'm a bit lost here. Where do I pass in the userid parameter. I only want to get the details for  a specific user
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 39908253
OK, so from your original script, all you should need is this
Dim objUser

Set objuser = GetObject("LDAP://CN=cis0794,CN=users,DC=sptyres,DC=com,DC=au")

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
WScript.Echo "First name: " & objUser.givenName
WScript.Echo "Initials: " & objUser.initials
WScript.Echo "Last name: " & objUser.sn
WScript.Echo "Display name: " & objUser.displayName
WScript.Echo "Description: " & objUser.description
WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
WScript.Echo "Telephone number: " & objUser.telephoneNumber
WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
WScript.Echo "Email: " & objUser.mail
WScript.Echo "Web page: " & objUser.wWWHomePage
WScript.Echo "Other Web pages: " & objUser.url 

Open in new window


Regards,

Rob.
0
 

Author Comment

by:Bianchi928
ID: 39908263
OPkay..I tested tthis last script from you and I'm getting

There is no such object on the server on LIne 3
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 39908347
OK, so we can get the distinguished name of the user by logging in as that user, then running this code:
Set objADSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objADSysInfo.UserName)
WScript.Echo objUser.distinguishedName

Open in new window


Then you can plug that distringuished name into the main script, and it should bind to the object.

Regards,

Rob.
0
 

Author Comment

by:Bianchi928
ID: 39908376
Okay..we're getting there .. I have modified the script to down below and it works fine.
But If I want to prompt a user name or id , how do I go about it . Because I might have to run it for any selected user from my computer.

Set objADSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objADSysInfo.UserName)
WScript.Echo objUser.distinguishedName

Dim objUser

Set objuser = GetObject("LDAP://CN=Christian Requin,OU=user,OU=Windows 7,DC=sptyres,DC=com,DC=au")

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
WScript.Echo "First name: " & objUser.givenName
WScript.Echo "Initials: " & objUser.initials
WScript.Echo "Last name: " & objUser.sn
WScript.Echo "Display name: " & objUser.displayName
WScript.Echo "Description: " & objUser.description
WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
WScript.Echo "Telephone number: " & objUser.telephoneNumber
WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
WScript.Echo "Email: " & objUser.mail
WScript.Echo "Web page: " & objUser.wWWHomePage
WScript.Echo "Other Web pages: " & objUser.url
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 200 total points
ID: 39908408
OK great, so now you can see how the distinguished name needs to be passed.  However, for searching, you need to use the provider I spoke of earlier, so this code should do that for you.

Dim objUser

searchDN   = "DC=sptyres,DC=com,DC=au"
userid     = InputBox("Enter user id","User ID")
ldapFilter = "(&(sAMAccountName=" & userid & "))"

strBase = "<LDAP://" & searchDN & ">"
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set ADOConnection = CreateObject("ADODB.Connection")
Set rsADUsers = CreateObject("ADODB.Recordset")
ADOConnection.Provider = "ADsDSOObject"
ADOConnection.Open "Active Directory Provider"
ADOConnection.CursorLocation = 3
adoCommand.ActiveConnection = ADOConnection

' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & ldapFilter & ";" & strAttributes & ";subtree"
WScript.Echo strQuery
adoCommand.CommandText = strQuery
' Define the maximum records to return
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

' Run the query.
Set rsADUsers = adoCommand.Execute

While Not rsADUsers.EOF
	Set objuser = GetObject("LDAP://" & rsADUsers("distinguishedName"))
	
	WScript.Echo "DN: " & objUser.distinguishedName
	WScript.Echo ""
	WScript.Echo "GENERAL"
	WScript.Echo "First name: " & objUser.givenName
	WScript.Echo "Initials: " & objUser.initials
	WScript.Echo "Last name: " & objUser.sn
	WScript.Echo "Display name: " & objUser.displayName
	WScript.Echo "Description: " & objUser.description
	WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
	WScript.Echo "Telephone number: " & objUser.telephoneNumber
	WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
	WScript.Echo "Email: " & objUser.mail
	WScript.Echo "Web page: " & objUser.wWWHomePage
	WScript.Echo "Other Web pages: " & objUser.url
	
	rsADUsers.MoveNext
Wend

Open in new window


Note that I have removed the server specification, so we're using a serverless bind.

Regards,

Rob.
0
 

Author Closing Comment

by:Bianchi928
ID: 39908886
Perfect Rob. It all makes sense now. Thanks a lot
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 39909027
No problem. Thanks for the grade.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Well hello again!  Glad to see you've made it this far without giving up.  In this, the fourth installment of my popular series, I'm going to cover functions and subroutines, what they are, and why they are useful.  Just in case you stumbled onto th…
This script will sweep a range of IP addresses (class c only, 255.255.255.0) and report to a log the version of office installed. What it does: 1.)      Creates log file in the directory the script is run from (if it doesn't already exist) 2.)      Sweep…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now