Query Active Directory

I have this little script to extract some info from the Active Directory. It comes up with an error message on Line 9: An Invalid dn syntax has been specified.

Please help. Thanks

'On Error Resume Next
Dim objUser

searchDN   = "DC=sptyres,DC=com, DC=AU"                            
serverName = "10.24.20.25"                              
userid     = InputBox("Enter user id","User ID")    
ldapFilter = "(sAMAccountName>=" + userid + ")"

Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & ">;" & ldapFilter)

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
WScript.Echo "First name: " & objUser.givenName
WScript.Echo "Initials: " & objUser.initials
WScript.Echo "Last name: " & objUser.sn
WScript.Echo "Display name: " & objUser.displayName
WScript.Echo "Description: " & objUser.description
WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
WScript.Echo "Telephone number: " & objUser.telephoneNumber
WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
WScript.Echo "Email: " & objUser.mail
WScript.Echo "Web page: " & objUser.wWWHomePage
WScript.Echo "Other Web pages: " & objUser.url
Bianchi928Asked:

Ken ButtersCommented:
not sure if this is entire problem but:

ldapFilter = "(sAMAccountName>=" + userid + ")"

String concatenation is with "&", not "+"

So should be :
ldapFilter = "(sAMAccountName>=" & userid & ")"
0
Bianchi928Author Commented:
Nope..Still the same problem
0
Ken ButtersCommented:
Looking at this line:

Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & ">;" & ldapFilter)



*** Updated comment

Thinking the ">" is meant to be a comma.


Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & "," & ldapFilter)


0
Bianchi928Author Commented:
I did the change and it comes up with the following error message.

Error 0x80005000

Regards
0
Ken ButtersCommented:
Can you post updated code?
0
Bianchi928Author Commented:
Sorry.. don't worry about the 0x80005000.

It's still showing : An Invalid dn syntax has been specified.

'On Error Resume Next
Dim objUser

searchDN   = "DC=sptyres,DC=com, DC=AU"                            
serverName = "10.24.20.25"                              
userid     = InputBox("Enter user id","User ID")    
ldapFilter = "(sAMAccountName>=" & userid & ")"

Set objuser = GetObject("LDAP://" & serverName & "/" & searchDN & "," & ldapFilter)

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
0
RobSampsonCommented:
Hi, your code is not performing a search.  The LDAP Filter you are trying to use is intended for use with the ADsDSOObject provider.  To use what you have with a GetObject call, you need only
Set objUser = GetObject("LDAP://CN=Your User,OU=SomeOU,DC=domain,DC=com")

To perform your search using the provider, you will need code like this:
Dim objUser

searchDN   = "DC=sptyres,DC=com,DC=AU"
serverName = "10.24.20.25"
userid     = InputBox("Enter user id","User ID")
ldapFilter = "(&(sAMAccountName=" + userid + "))"

strBase = "<LDAP://" & servername & "/" & searchDN & ">"
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set ADOConnection = CreateObject("ADODB.Connection")
Set rsADUsers = CreateObject("ADODB.Recordset")
ADOConnection.Provider = "ADsDSOObject"
ADOConnection.Open "Active Directory Provider"
ADOConnection.CursorLocation = 3
adoCommand.ActiveConnection = ADOConnection

' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & ldapFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
' Define the maximum records to return
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

' Run the query.
Set rsADUsers = adoCommand.Execute

While Not rsADUsers.EOF
	Set objuser = GetObject("LDAP://" & rsADUsers("distinguishedName"))
	
	WScript.Echo "DN: " & objUser.distinguishedName
	WScript.Echo ""
	WScript.Echo "GENERAL"
	WScript.Echo "First name: " & objUser.givenName
	WScript.Echo "Initials: " & objUser.initials
	WScript.Echo "Last name: " & objUser.sn
	WScript.Echo "Display name: " & objUser.displayName
	WScript.Echo "Description: " & objUser.description
	WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
	WScript.Echo "Telephone number: " & objUser.telephoneNumber
	WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
	WScript.Echo "Email: " & objUser.mail
	WScript.Echo "Web page: " & objUser.wWWHomePage
	WScript.Echo "Other Web pages: " & objUser.url
	
	rsADUsers.MoveNext
Wend



Regards,

Rob.
0
Bianchi928Author Commented:
Hi Rob,

Thanks for helping

I've modified mine and I'm getting an error

There is no such object on the server. I'm not too familiar with LDAP. I might have the wrong info for CN, OU

The userid is cis0794 and the domain is sptyres.com.au

I'll talk to you about using a provider later.


'On Error Resume Next
Dim objUser

'searchDN   = "DC=sptyres,DC=com, DC=AU"                            
'serverName = "10.24.20.25"                              
'userid     = InputBox("Enter user id","User ID")    
'ldapFilter = "(sAMAccountName>=" & userid & ")"

Set objUser = GetObject("LDAP://CN=cis0794,OU=users,DC=sptyres,DC=com,DC=au")

WScript.Echo "DN: " & objUser.distinguishedName
0
RobSampsonCommented:
If it's the default Users container, it will need to be CN=Users, instead of OU=Users,

Rob.
0
Bianchi928Author Commented:
I'm a bit lost here. Where do I pass in the userid parameter? I only want to get the details for a specific user
0
RobSampsonCommented:
OK, so from your original script, all you should need is this
Dim objUser

Set objuser = GetObject("LDAP://CN=cis0794,CN=users,DC=sptyres,DC=com,DC=au")

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
WScript.Echo "First name: " & objUser.givenName
WScript.Echo "Initials: " & objUser.initials
WScript.Echo "Last name: " & objUser.sn
WScript.Echo "Display name: " & objUser.displayName
WScript.Echo "Description: " & objUser.description
WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
WScript.Echo "Telephone number: " & objUser.telephoneNumber
WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
WScript.Echo "Email: " & objUser.mail
WScript.Echo "Web page: " & objUser.wWWHomePage
WScript.Echo "Other Web pages: " & objUser.url 



Regards,

Rob.
0
Bianchi928Author Commented:
Okay.. I tested this last script from you and I'm getting

There is no such object on the server on Line 3
0
RobSampsonCommented:
OK, so we can get the distinguished name of the user by logging in as that user, then running this code:
Set objADSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objADSysInfo.UserName)
WScript.Echo objUser.distinguishedName



Then you can plug that distinguished name into the main script, and it should bind to the object.

Regards,

Rob.
0
Bianchi928Author Commented:
Okay.. we're getting there.. I have modified the script as shown below and it works fine.
But if I want to prompt for a user name or id, how do I go about it? Because I might have to run it for any selected user from my computer.

Set objADSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objADSysInfo.UserName)
WScript.Echo objUser.distinguishedName

Dim objUser

Set objuser = GetObject("LDAP://CN=Christian Requin,OU=user,OU=Windows 7,DC=sptyres,DC=com,DC=au")

WScript.Echo "DN: " & objUser.distinguishedName
WScript.Echo ""
WScript.Echo "GENERAL"
WScript.Echo "First name: " & objUser.givenName
WScript.Echo "Initials: " & objUser.initials
WScript.Echo "Last name: " & objUser.sn
WScript.Echo "Display name: " & objUser.displayName
WScript.Echo "Description: " & objUser.description
WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
WScript.Echo "Telephone number: " & objUser.telephoneNumber
WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
WScript.Echo "Email: " & objUser.mail
WScript.Echo "Web page: " & objUser.wWWHomePage
WScript.Echo "Other Web pages: " & objUser.url
0
RobSampsonCommented:
OK great, so now you can see how the distinguished name needs to be passed.  However, for searching, you need to use the provider I spoke of earlier, so this code should do that for you.

Dim objUser

searchDN   = "DC=sptyres,DC=com,DC=au"
userid     = InputBox("Enter user id","User ID")
ldapFilter = "(&(sAMAccountName=" & userid & "))"

strBase = "<LDAP://" & searchDN & ">"
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set ADOConnection = CreateObject("ADODB.Connection")
Set rsADUsers = CreateObject("ADODB.Recordset")
ADOConnection.Provider = "ADsDSOObject"
ADOConnection.Open "Active Directory Provider"
ADOConnection.CursorLocation = 3
adoCommand.ActiveConnection = ADOConnection

' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & ldapFilter & ";" & strAttributes & ";subtree"
WScript.Echo strQuery
adoCommand.CommandText = strQuery
' Define the maximum records to return
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

' Run the query.
Set rsADUsers = adoCommand.Execute

While Not rsADUsers.EOF
	Set objuser = GetObject("LDAP://" & rsADUsers("distinguishedName"))
	
	WScript.Echo "DN: " & objUser.distinguishedName
	WScript.Echo ""
	WScript.Echo "GENERAL"
	WScript.Echo "First name: " & objUser.givenName
	WScript.Echo "Initials: " & objUser.initials
	WScript.Echo "Last name: " & objUser.sn
	WScript.Echo "Display name: " & objUser.displayName
	WScript.Echo "Description: " & objUser.description
	WScript.Echo "Office: " & objUser.physicalDeliveryOfficeName
	WScript.Echo "Telephone number: " & objUser.telephoneNumber
	WScript.Echo "Other Telephone numbers: " & objUser.otherTelephone
	WScript.Echo "Email: " & objUser.mail
	WScript.Echo "Web page: " & objUser.wWWHomePage
	WScript.Echo "Other Web pages: " & objUser.url
	
	rsADUsers.MoveNext
Wend



Note that I have removed the server specification, so we're using a serverless bind.

Regards,

Rob.
0
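
Both search scripts above concatenate the InputBox value straight into the LDAP filter, so characters such as "*", "(" and ")" typed at the prompt alter the query instead of being matched literally. The following is an added example, not code from any poster in this thread: it validates the user id against an allow-list and escapes it per RFC 4515 before building the filter; the function names and the allow-list pattern are assumptions chosen for illustration.

```vbscript
Option Explicit

' Added example: helper names and the allow-list pattern are assumptions.

' Escape a value for literal use inside an LDAP search filter (RFC 4515).
' The backslash is replaced first so the escapes added afterwards are not
' themselves escaped again.
Function EscapeLdapFilterValue(ByVal value)
    value = Replace(value, "\", "\5c")
    value = Replace(value, "*", "\2a")
    value = Replace(value, "(", "\28")
    value = Replace(value, ")", "\29")
    value = Replace(value, Chr(0), "\00")
    EscapeLdapFilterValue = value
End Function

' Allow-list for a logon name (assumed site policy): 1-20 characters from
' letters, digits, '.', '_' and '-'. This also rejects ';', which separates
' the fields of the ADsDSOObject command text used in the thread.
Function IsPlausibleUserId(ByVal value)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[A-Za-z0-9._-]{1,20}$"
    IsPlausibleUserId = re.Test(value)
End Function

' Build the same filter shape as the search script, with the value escaped.
Function BuildUserFilter(ByVal userid)
    BuildUserFilter = "(&(sAMAccountName=" & EscapeLdapFilterValue(userid) & "))"
End Function

' Constructed sample inputs; in the real script the value comes from InputBox.
Dim sample
For Each sample In Array("cis0794", "*", "smith(test)", "a\b")
    If IsPlausibleUserId(sample) Then
        WScript.Echo "accepted: " & BuildUserFilter(sample)
    Else
        WScript.Echo "rejected: " & sample & "  (escaped form: " & _
            BuildUserFilter(sample) & ")"
    End If
Next
```

In the last search script above, the ldapFilter assignment would become a call to BuildUserFilter(userid), made only after IsPlausibleUserId(userid) returns True.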
Bianchi928Author Commented:
Perfect Rob. It all makes sense now. Thanks a lot
0
RobSampsonCommented:
No problem. Thanks for the grade.
0