Solved

Retrieve GUID on all users in Active Directory

Posted on 2014-11-03
2
124 Views
Last Modified: 2015-02-19
Hello,
I currently pull a list of all the Active Directory users on the network.  
What I need now is their GUID.  
The GUID is the same for every user.  So I don't think it's correct.  

Here's the code.
Dim userEntry As DirectoryEntry
userEntry = New DirectoryEntry("LDAP://nicb.org/CN=Users")

Dim ADEntry As New System.DirectoryServices.DirectoryEntry("WinNT://xxx.org")

For Each userEntry In ADEntry.Children
    Dim thisGuid As String
    Dim oGuid As Guid

    If userEntry.SchemaClassName = "User" Then
      oGuid = userEntry.Guid
      thisGuid = oGuid.ToString
      Response.Write(userEntry.Properties("FullName").Value.ToString & " / " & userEntry.Name.ToString & " / " & thisGuid & "<br>")

    End If
Next

I'm using ASP.NET 4.0 VB web app.

JS
0
Comment
Question by:jshesek
2 Comments
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
Comment Utility
Use the DirectorySearcher and request the objectGUID attribute.
Dim SearchRoot as New DirectoryEntry()
Dim Searcher As New DirectorySearcher(SearchRoot, "(&(objectClass=user)(objectCategory=person))")
' Searcher.PageSize = 1000
Searcher.PropertiesToLoad.Add("objectGUID")
Searcher.SizeLimit = 10

For Each Result As SearchResult In Searcher.FindAll()
  Dim GuidBytes() As Byte = Result.Properties("objectguid")(0)
  Dim objectGuid As New Guid(GuidBytes)
  
  Response.Write(objectGuid.ToString())
Next

Open in new window

Chris
0
 
LVL 1

Author Comment

by:jshesek
Comment Utility
Worked really well - Thanks
The code shows where you add in the different properties that you need into the Searcher.
Searcher.PropertiesToLoad.Add("objectGUID")
Searcher.PropertiesToLoad.Add("Name")  

Then you can pull the data out for use
Dim GuidBytes() As Byte = Result.Properties("objectguid")(0)
Dim thisUser As String = Result.Properties("Name")(0)
Dim objectGuid As New Guid(GuidBytes)
If (InStr(thisUser, ",") > 0) Then
      Response.Write(objectGuid.ToString() & " _  " & thisUser & "<br>")
End If

If you know of any good links, for better learning, on this, I'd appreciate it if you would share.
JS
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

[b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now