Pulling Fields from LDAP

[Guest]

Below is code that I have to loop through my Active Directory and pull out fields. I would like to pull what I believe is the NT telephone number (General Tab on AD). I know this is an ADSI pull, but am I on the right track? I have pieced this code from snippets around the net

Also, is there a good documentation reference, that I can purchase? I already use ADSI CDO from WROX. I think it has a lot of things missing.

Thanks, John

Set objDomain = GetObject("WinNT://xxxxxxx.ins"
objDomain.Filter = Array("User"
For Each objUser In objDomai
Wscript.Echo(lcase(objUser.Name) & " " & strInfo
CheckForUser(lcase(objUser.Name)
Nex

Sub CheckForUser(strUserName

dim Con
set Conn = CreateObject("ADODB.Connection"

Dim objConnection, objCommand, objRecordSe
Dim objRootDSE, objIte
Dim strAMAccountNam
Dim strInfo, strSplit, strAllowIn, strReport

Set objConnection = CreateObject("ADODB.Connection"
objConnection.Open "Provider=ADsDSOObject;
Set objCommand = CreateObject("ADODB.Command"
objCommand.ActiveConnection = objConnectio
objCommand.CommandText = "<LDAP://dc=xxxxxxx,dc=ins>;(&(objectCategory=User) (email=*)(samAccountName=" &strUserName& "));sAMAccountName,distinguishedName;subtree

Set objRecordSet = objCommand.Execut
Set objRootDSE = GetObject("LDAP://rootDSE")

strDN = objRecordSet.Fields("distinguishedName"

intFirstPos = InStr(1, strDN, "/")
intSecondPos = InStr(1, strDN, "!"
intThirdPos = InStr(1, strDN, "IUSER"

if intFirstPos = 0 and intSecondPos = 0 and intThirdPos = 0 the
' wscript.Echo("DN:" & objRecordSet.Fields("distinguishedName"))
Set objItem = GetObject("LDAP://" & objRecordSet.Fields("distinguishedName")

If objRecordset.RecordCount <> 0 The
strsAMAccountName = objItem.Get("sAMAccountName"
strName = objItem.displayNam

strInfo = "
strInfo = objItem.Inf

strTelephone = objItem.Telephon

strReports = "
if len(strInfo) > 0 the
strSplit = split(strInfo,"/"
strAllowIn = trim(strSplit(0)
if Ubound(strSplit)>0 the
strReports = trim(strSplit(1))
strReports = Replace(strReports, "'", "''"
end i
end if

wscript.Echo("Adding " &lcase(strsAMAccountName) & " " & strName & " " & objItem.email

End I
End I
End Sub

 

[Marin Marinov]

<snip>
Hi John,
You don't really need to write the LDAP queries yourself and manually
establish the connections - you can access all attributes as properties
of the user class. Check out this script that retrieves all the user's
telephones:

http://www.microsoft.com/technet/community/scriptcenter/user/scrug38.msp
x

Maybe you have already visited TechNet Script Center where you can find
tons of sample scripts, but just in case you didn't here is the link:
http://www.microsoft.com/technet/community/scriptcenter/user/default.msp
x

You can also take a look at ADSI Scriptomatic at:
http://www.microsoft.com/technet/community/scriptcenter/tools/admatic.ms
px

HTH
--
Cheers,
Marin Marinov
MCT, MCSE 2003/2000/NT4.0,
MCSE:Security 2003/2000, MCP+I
-
This posting is provided "AS IS" with no warranties, and confers no
rights.

 

[Marc Scheuner]

I would like to pull what I believe is the NT telephone number (General Tab on AD). I know this is an ADSI pull, but am I on the right track?

You could do it this way, yes - but if you want to phone number,
you'll have to specify it in the .CommandText !

Sub CheckForUser(strUserName)
objCommand.CommandText = "<LDAP://dc=xxxxxxx,dc=ins>;(&(objectCategory=User) (email=*)(samAccountName=" &strUserName& "));sAMAccountName,distinguishedName;subtree"

If you want the "phone", you have to add it to the list of attributes
to retrieve:

objCommand.CommandText = "<LDAP://dc=xxxxxxx,dc=ins>;(&(objectCategory=User) (email=*)(samAccountName=" &strUserName& "));sAMAccountName,distinguishedName,phone;subtree"

Then, once you have the user, you will need to access the phone
attribute like any other attribute you've been selecting:

If objRecordset.RecordCount <> 0 Then
strsAMAccountName = objItem.Get("sAMAccountName")
strTelephone = objItem.Get("phone")

Does this work?? (I'm not very fluent in VBScript.......)

Also, is there a good documentation reference, that I can purchase?

What are you looking for?? A general AD programming guide? A AD
scripting guide?

Here are some recommendations:

Robbie Allen - Active Directory Cookbook
http://www.amazon.com/exec/obidos/ASIN/0596004648/qid=1086242916
Contains a lot of "how to" scripts and information - very highly
recommended

Inside Active Directory: A System Administrator's Guide
by Sakari Kouti, Mika Seitsonen
http://www.amazon.com/exec/obidos/tg/detail/-/0201616211
General purpose book on AD, with quite some technical insight

Active Directory Programming
by Gil Kirkpatrick (Author)
http://www.amazon.com/exec/obidos/tg/detail/-/0672315874
Very detailed, real programming, excellent tutorial book

Windows NT/2000 ADSI Scripting for System Administration
by Thomas Eck (Author)
http://www.amazon.com/exec/obidos/tg/detail/-/1578702194
Scripting / sys-admin oriented book, excellent stuff in there, too

HTH
Marc
================================================================
Marc Scheuner May The Source Be With You!
Bern, Switzerland m.scheuner(at)inova.ch

 

[Guest]

This question maye slightly off topic but I didn't find another location to post. I'm trying to identify all users that belong to security group A. If yes, then move user to a specific OU. Could someone please help. I'd like to do this using ADSI.