Searching Active Directory (VBScript)
If, like me, you have been left irritated by the search function in Active Directory Users and Computers simply not telling you WHERE a particular user or computer actually is, simply use this bit of code. It allows you to search through AD for users or computers and returns a list of what it finds and the FULL canonical name so you can actually find the damned thing.
You could of course expand this script to perform user modifications such as resetting passwords, without the need to use the AD MMC console.
Click the link to see the script.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 |
'========================================================================== ' ' NAME: search_ad.vbs ' ' AUTHOR: Lewis Roberts ' ' COMMENT: Returns the full canonical name of an LDAP source if found in ' the Active Directory. You can search for anything that would ' be found in Active Directory. ' '========================================================================== On Error Resume Next ADSRoot = "DC=domain,DC=co,DC=uk" Const ADS_SCOPE_SUBTREE = 2 Set objConnection = CreateObject("ADODB.Connection") Set objCommand = CreateObject("ADODB.Command") objConnection.Provider = "ADsDSOObject" objConnection.Open "Active Directory Provider" Set objCommand.ActiveConnection = objConnection objCommand.Properties("Page Size") = 1000 objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE objCommand.CommandText = _ "SELECT * FROM 'LDAP://" & ADSRoot & "' WHERE objectCategory='user' OR objectCategory='computer'" srchTrm = LCase(InputBox("Please enter your search term.", "Active Directory Search")) i = 0 If Len(srchTrm) < 4 or Instr(srchTrm, "=") Then WScript.Echo "Please enter a search term in excess of 3 characters. Don't use ""=""" WScript.Quit End If Set objRecordSet = objCommand.Execute objRecordSet.MoveFirst Do Until objRecordSet.EOF strADPath = LCase(objRecordSet.Fields("adsPath").Value) If InStr(strADPath, srchTrm) Then Set objUser = GetObject(objRecordSet.Fields("adsPath").Value) Select Case objUser.Class Case "user" strMsg = "Type: Person" & VbCrLf strMsg = strMsg & "Name: " & objUser.DisplayName & VbCrLf strMsg = strMsg & "Email: " & objUser.mail & VbCrLf strMsg = strMsg & "Telephone: " & objUser.telephoneNumber & VbCrLf strMsg = strMsg & "Department: " & objUser.department & VbCrLf strMsg = strMsg & "Title: " & objUser.title & VbCrLf Case "computer" strMsg = "Type: Computer" & VbCrLf strMsg = strMsg & "Name: " & objUser.Get("name") & VbCrLf strMsg = strMsg & "OS: " & objUser.operatingSystem & VbCrLf Case Else strMsg = "Unidentified" & VbCrLf End Select 'strMsg = strMsg & "LDAP: " & objUser.adsPath & VbCrLf objUser.GetInfoEx Array("canonicalName"), 0 strMsg = strMsg & "AD Path: " & objUser.canonicalName WScript.Echo strMsg & VbCrLf i = i + 1 End If objRecordSet.MoveNext Loop If Not i > 0 Then WScript.Echo "No results found." End If |
Line 35 should say
less than or equal to 3but because of the way the code commenter works I’ve had to alter it.Sorry about this folks!