Query Active Directory

Bianchi928
I have this little script to extract some info from the Active Directory. It comes up with an error message on Line 9: An Invalid dn syntax has been specified.

Please help. Thanks

'On Error Resume Next
Dim objUser

searchDN   = "DC=sptyres,DC=com, DC=AU"                            
serverName = "10.24.20.25"                              
userid     = InputBox("Enter user id","User ID")    
ldapFilter = "(sAMAccountName>=" + userid + ")"

Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & ">;" & ldapFilter)

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
WScript.Echo "First name: " & objUser.givenName
WScript.Echo "Initials: " & objUser.initials
WScript.Echo "Last name: " & objUser.sn
WScript.Echo "Display name: " & objUser.displayName
WScript.Echo "Description: " & objUser.description
WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
WScript.Echo "Telephone number: " & objUser.telephoneNumber
WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
WScript.Echo "Email: " & objUser.mail
WScript.Echo "Web page: " & objUser.wWWHomePage
WScript.Echo "Other Web pages: " & objUser.url
Not sure if this is the entire problem, but:

ldapFilter = "(sAMAccountName>=" + userid + ")"

Concatenating strings is done with "&", not "+".

So it should be:
ldapFilter = "(sAMAccountName>=" & userid & ")"

Author

Commented:
Nope..Still the same problem
Looking at this line:

Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & ">;" & ldapFilter)



*** Updated comment

Thinking the ">" is meant to be a comma.


Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & "," & ldapFilter)


Author

Commented:
I did the change and it comes up with the following error message.

Error 0x80005000

Regards
Can you post updated code?

Author

Commented:
Sorry.. don't worry about the 0x80005000.

It's still showing : An Invalid dn syntax has been specified.

'On Error Resume Next
Dim objUser

searchDN   = "DC=sptyres,DC=com, DC=AU"                            
serverName = "10.24.20.25"                              
userid     = InputBox("Enter user id","User ID")    
ldapFilter = "(sAMAccountName>=" & userid & ")"

Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & "," & ldapFilter)

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
Most Valuable Expert 2012
Top Expert 2014

Commented:
Hi, your code is not performing a search.  The LDAP Filter you are trying to use is intended for use with the ADsDSOObject provider.  To use what you have with a GetObject call, you need only
Set objUser = GetObject("LDAP://CN=Your User,OU=SomeOU,DC=domain,DC=com")

To perform your search using the provider, you will need code like this:
Dim objUser

searchDN   = "DC=sptyres,DC=com,DC=AU"
serverName = "10.24.20.25"
userid     = InputBox("Enter user id","User ID")
ldapFilter = "(&(sAMAccountName=" + userid + "))"

strBase = "<LDAP://" & servername & "/" & searchDN & ">"
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set ADOConnection = CreateObject("ADODB.Connection")
Set rsADUsers = CreateObject("ADODB.Recordset")
ADOConnection.Provider = "ADsDSOObject"
ADOConnection.Open "Active Directory Provider"
ADOConnection.CursorLocation = 3
adoCommand.ActiveConnection = ADOConnection

' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & ldapFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
' Define the maximum records to return
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

' Run the query.
Set rsADUsers = adoCommand.Execute

While Not rsADUsers.EOF
	Set objuser = GetObject("LDAP://" & rsADUsers("distinguishedName"))
	
	WScript.Echo "DN: " & objUser.distinguishedName
	WScript.Echo ""
	WScript.Echo "GENERAL"
	WScript.Echo "First name: " & objUser.givenName
	WScript.Echo "Initials: " & objUser.initials
	WScript.Echo "Last name: " & objUser.sn
	WScript.Echo "Display name: " & objUser.displayName
	WScript.Echo "Description: " & objUser.description
	WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
	WScript.Echo "Telephone number: " & objUser.telephoneNumber
	WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
	WScript.Echo "Email: " & objUser.mail
	WScript.Echo "Web page: " & objUser.wWWHomePage
	WScript.Echo "Other Web pages: " & objUser.url
	
	rsADUsers.MoveNext
Wend



Regards,

Rob.

Author

Commented:
Hi Rob,

Thanks for helping

I've modified mine and I'm getting an error:

There is no such object on the server. I'm not too familiar with LDAP. I might have the wrong info for CN, OU

The userid is cis0794 and the domain is sptyres.com.au

I'll talk to you about using a provider later.


'On Error Resume Next
Dim objUser

'searchDN   = "DC=sptyres,DC=com, DC=AU"                            
'serverName = "10.24.20.25"                              
'userid     = InputBox("Enter user id","User ID")    
'ldapFilter = "(sAMAccountName>=" & userid & ")"

Set objUser = GetObject("LDAP://CN=cis0794,OU=users,DC=sptyres,DC=com,DC=au")

WScript.Echo "DN: " & objUser.distinguishedName
Most Valuable Expert 2012
Top Expert 2014

Commented:
If it's the default Users container, it will need to be CN=Users instead of OU=Users.

Rob.

Author

Commented:
I'm a bit lost here. Where do I pass in the userid parameter? I only want to get the details for a specific user.
Most Valuable Expert 2012
Top Expert 2014

Commented:
OK, so from your original script, all you should need is this
Dim objUser

Set objuser = GetObject("LDAP://CN=cis0794,CN=users,DC=sptyres,DC=com,DC=au")

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
WScript.Echo "First name: " & objUser.givenName
WScript.Echo "Initials: " & objUser.initials
WScript.Echo "Last name: " & objUser.sn
WScript.Echo "Display name: " & objUser.displayName
WScript.Echo "Description: " & objUser.description
WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
WScript.Echo "Telephone number: " & objUser.telephoneNumber
WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
WScript.Echo "Email: " & objUser.mail
WScript.Echo "Web page: " & objUser.wWWHomePage
WScript.Echo "Other Web pages: " & objUser.url 



Regards,

Rob.

Author

Commented:
Okay.. I tested this last script from you and I'm getting

There is no such object on the server on Line 3
Most Valuable Expert 2012
Top Expert 2014

Commented:
OK, so we can get the distinguished name of the user by logging in as that user, then running this code:
Set objADSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objADSysInfo.UserName)
WScript.Echo objUser.distinguishedName



Then you can plug that distinguished name into the main script, and it should bind to the object.

Regards,

Rob.

Author

Commented:
Okay.. we're getting there.. I have modified the script to the one down below and it works fine.
But if I want to prompt for a user name or ID, how do I go about it? Because I might have to run it for any selected user from my computer.

Set objADSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objADSysInfo.UserName)
WScript.Echo objUser.distinguishedName

Dim objUser

Set objuser = GetObject("LDAP://CN=Christian Requin,OU=user,OU=Windows 7,DC=sptyres,DC=com,DC=au")

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
WScript.Echo "First name: " & objUser.givenName
WScript.Echo "Initials: " & objUser.initials
WScript.Echo "Last name: " & objUser.sn
WScript.Echo "Display name: " & objUser.displayName
WScript.Echo "Description: " & objUser.description
WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
WScript.Echo "Telephone number: " & objUser.telephoneNumber
WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
WScript.Echo "Email: " & objUser.mail
WScript.Echo "Web page: " & objUser.wWWHomePage
WScript.Echo "Other Web pages: " & objUser.url
Most Valuable Expert 2012
Top Expert 2014
Commented:
OK great, so now you can see how the distinguished name needs to be passed.  However, for searching, you need to use the provider I spoke of earlier, so this code should do that for you.

Dim objUser

searchDN   = "DC=sptyres,DC=com,DC=au"
userid     = InputBox("Enter user id","User ID")
ldapFilter = "(&(sAMAccountName=" & userid & "))"

strBase = "<LDAP://" & searchDN & ">"
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set ADOConnection = CreateObject("ADODB.Connection")
Set rsADUsers = CreateObject("ADODB.Recordset")
ADOConnection.Provider = "ADsDSOObject"
ADOConnection.Open "Active Directory Provider"
ADOConnection.CursorLocation = 3
adoCommand.ActiveConnection = ADOConnection

' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & ldapFilter & ";" & strAttributes & ";subtree"
WScript.Echo strQuery
adoCommand.CommandText = strQuery
' Define the maximum records to return
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

' Run the query.
Set rsADUsers = adoCommand.Execute

While Not rsADUsers.EOF
	Set objuser = GetObject("LDAP://" & rsADUsers("distinguishedName"))
	
	WScript.Echo "DN: " & objUser.distinguishedName
	WScript.Echo ""
	WScript.Echo "GENERAL"
	WScript.Echo "First name: " & objUser.givenName
	WScript.Echo "Initials: " & objUser.initials
	WScript.Echo "Last name: " & objUser.sn
	WScript.Echo "Display name: " & objUser.displayName
	WScript.Echo "Description: " & objUser.description
	WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
	WScript.Echo "Telephone number: " & objUser.telephoneNumber
	WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
	WScript.Echo "Email: " & objUser.mail
	WScript.Echo "Web page: " & objUser.wWWHomePage
	WScript.Echo "Other Web pages: " & objUser.url
	
	rsADUsers.MoveNext
Wend



Note that I have removed the server specification, so we're using a serverless bind.

Regards,

Rob.
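
The search scripts in this thread place the InputBox value directly into the LDAP filter, so characters such as `*`, `(` and `)` typed at the prompt are read as filter syntax rather than as part of the user ID. The following is an added example, not part of the original thread or of the scripts posted in it: it escapes the value per RFC 4515 and checks it against an allow-list before the filter is built. `EscapeLdapFilterValue`, `IsPlausibleLogonName` and `BuildUserFilter` are hypothetical helper names, and the allow-list pattern is an assumed naming policy.

```vbscript
Option Explicit

' Escape a value for use inside an LDAP search filter (RFC 4515).
' The backslash is replaced first so the escapes added afterwards
' are not escaped a second time.
Function EscapeLdapFilterValue(ByVal value)
    Dim s
    s = Replace(value, "\", "\5c")
    s = Replace(s, "*", "\2a")
    s = Replace(s, "(", "\28")
    s = Replace(s, ")", "\29")
    s = Replace(s, Chr(0), "\00")
    EscapeLdapFilterValue = s
End Function

' Allow-list check applied before the value is used at all.
' Assumption: logon names here are 1-20 characters of letters, digits,
' dot, underscore or hyphen. Adjust the pattern to the local naming policy.
Function IsPlausibleLogonName(ByVal value)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[A-Za-z0-9._-]{1,20}$"
    IsPlausibleLogonName = re.Test(value)
End Function

' Build the filter for one user account; returns "" when the input is rejected.
Function BuildUserFilter(ByVal userid)
    BuildUserFilter = ""
    If Not IsPlausibleLogonName(userid) Then Exit Function
    BuildUserFilter = "(&(objectCategory=person)(objectClass=user)" & _
        "(sAMAccountName=" & EscapeLdapFilterValue(userid) & "))"
End Function

' Constructed sample inputs: one ordinary ID and two containing
' characters that have a meaning in filter syntax.
Dim sample
For Each sample In Array("cis0794", "*", "a)(b")
    WScript.Echo "input   : " & sample
    WScript.Echo "escaped : " & EscapeLdapFilterValue(sample)
    If BuildUserFilter(sample) = "" Then
        WScript.Echo "filter  : rejected by allow-list"
    Else
        WScript.Echo "filter  : " & BuildUserFilter(sample)
    End If
Next
```

The string returned by `BuildUserFilter` would take the place of `ldapFilter` when `strQuery` is built, with an empty result treated as invalid input and no query run.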

Author

Commented:
Perfect Rob. It all makes sense now. Thanks a lot
Most Valuable Expert 2012
Top Expert 2014

Commented:
No problem. Thanks for the grade.
