Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Get information on all user accounts 1

Status
Not open for further replies.

Shift838

IS-IT--Management
Jan 27, 2003
987
US
I am wondering if there is a way to query Active Directory for all users accounts to find out which ones have the "Allow Login through Terminal Services" option enabled.
 
Of course, vbscript....

Code:
'==========================================================================
'
' NAME: ListTSAllowed.vbs
'
' AUTHOR: Mark D. MacLachlan , The Spider's Parlor
' URL: [URL unfurl="true"]http://www.thespidersparlor.com[/URL]
' DATE  : 6/8/2007
' COPYRIGHT (c) 2007 All Rights Reserved
'
' COMMENT: 
'
'    THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
'    ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED To
'    THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
'    PARTICULAR PURPOSE.
'
'    IN NO EVENT SHALL THE SPIDER'S PARLOR AND/OR ITS RESPECTIVE SUPPLIERS 
'    BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
'    DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
'    WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
'    ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
'    OF THIS CODE OR INFORMATION.
'
'==========================================================================
On Error Resume Next
Dim oQuery ' holds query to execute
Dim objConnection ' makes connection to active directory
Dim objCommand ' the command executes the query
Dim objRecordSet ' holds the data returned from the query
Dim oRootDSE
Dim oShell
Set oShell = CreateObject("Wscript.Shell")

forceUseCScript

Sub forceUseCScript()
   If Not WScript.FullName = WScript.Path & "\cscript.exe" Then
      oShell.Popup "Launched using wscript. Relaunching...",3,"WSCRIPT"
      oShell.Run "cmd.exe /k " & WScript.Path & "\cscript.exe //NOLOGO " & Chr(34) & WScript.scriptFullName & Chr(34),1,False
      WScript.Quit 0
   End If
End Sub 

Set oRootDSE = GetObject("LDAP://rootDSE")
oDomain = oRootDSE.get("defaultNamingContext") 
oQuery = "<LDAP://" & oDomain & ">;(objectCategory=User);name,distinguishedName;subtree"
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

objCommand.CommandText = oQuery
  
Set objRecordSet = objCommand.Execute

While Not objRecordSet.EOF
    userDN = objRecordSet.Fields("distinguishedName")
    Set objUser = GetObject("LDAP://" & userDN)
    padding = Space(35 - Len(objRecordSet.Fields("name")))
    objUser.GetInfo    
    If objUser.AllowLogon = 1 Then
		WScript.Echo "User:" & objRecordSet.Fields("name") & padding & "Allow Logon Via Terminal Services: Yes"
	Else
		WScript.Echo "User:" & objRecordSet.Fields("name") & padding & "Allow Logon Via Terminal Services: No"
	End If

    objRecordSet.MoveNext
Wend

objConnection.Close

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
this works to a point. We have various users within various differnet OU's within our domain. This only pulled 236 users, and I know we have well more than that with terminal services enabled..
 
Since the query is using subtree it should be reporting all users under the root domain.

How many users in total do you have? Windows 2000 has a page limit of 1000 objects and Windows 2003 has a default of 1500. So you may need to insert a page limit to the query so it can go beyond those limits.

Insert the following line:
objCommand.Properties("Page Size") = 100

After the line:
objCommand.ActiveConnection = objConnection



I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
we have over 5000 users. will this page size be adequate?
 
Yes, that says read 100 records at a time until it reaches the end.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Mark... you need to get MVP status, if not from Microsoft, from Tek-Tips.. I swear.. Even if I dont benefit from this particular post, thanks for all your relevant responses.
 
Thnaks Cstorms. Appreciate the sentiment.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
I ended up modfying it just a bit to port it to a text file so I can import it easily into an excel spreadsheet. but all in all your code is great. THANKS..

here is what I did :

'==========================================================================
'
' NAME: ListTSAllowed.vbs
'
' AUTHOR: Mark D. MacLachlan , The Spider's Parlor
' URL: ' DATE : 6/8/2007
' COPYRIGHT (c) 2007 All Rights Reserved
'
' COMMENT:
'
' THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
' ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED To
' THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
' PARTICULAR PURPOSE.
'
' IN NO EVENT SHALL THE SPIDER'S PARLOR AND/OR ITS RESPECTIVE SUPPLIERS
' BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
' DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
' WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
' ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
' OF THIS CODE OR INFORMATION.
'
'==========================================================================
On Error Resume Next
Dim oQuery ' holds query to execute
Dim objConnection ' makes connection to active directory
Dim objCommand ' the command executes the query
Dim objRecordSet ' holds the data returned from the query
Dim oRootDSE
Dim oShell
Set oShell = CreateObject("Wscript.Shell")

forceUseCScript

Sub forceUseCScript()
If Not WScript.FullName = WScript.Path & "\cscript.exe" Then
oShell.Popup "Launched using wscript. Relaunching...",3,"WSCRIPT"
oShell.Run "cmd.exe /k " & WScript.Path & "\cscript.exe //NOLOGO " & Chr(34) & WScript.scriptFullName & Chr(34),1,False
WScript.Quit 0
End If
End Sub

Set oRootDSE = GetObject("LDAP://rootDSE")
oDomain = oRootDSE.get("defaultNamingContext")
oQuery = "<LDAP://" & oDomain & ">;(objectCategory=User);name,distinguishedName;subtree"
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 100

objCommand.CommandText = oQuery

Set objRecordSet = objCommand.Execute

WScript.Echo "Scanning Active Directory...Please Wait..."

While Not objRecordSet.EOF
userDN = objRecordSet.Fields("distinguishedName")
Set objUser = GetObject("LDAP://" & userDN)
padding = Space(35 - Len(objRecordSet.Fields("name")))
objUser.GetInfo
If objUser.AllowLogon = 1 Then
On Error Resume Next

Dim fsoObject, open_File, target_File
Set fsoObject = WScript.CreateObject("Scripting.FileSystemObject")

target_File = "C:\localdocs\scripts\TSE_DUMP.txt"
Open_My_File()

open_File.WriteLine objRecordSet.Fields("name") & ";" & "Allow Logon Via Terminal Services: Yes"
Else
open_File.WriteLine objRecordSet.Fields("name") & ";" & "Allow Logon Via Terminal Services: No"
End If

objRecordSet.MoveNext
Wend

objConnection.Close

WScript.Echo
WScript.Echo "Dump Completed! - Dumpfile Location: " & target_file
WScript.Echo
WScript.Echo "For Easy viewing, import into excel with the ';' as a seperator."

Function Open_My_File()

If (fsoObject.FileExists(target_File)) Then
Set open_File = fsoObject.OpenTextFile(target_File, 8)
Else
Set open_File = fsoObject.OpenTextFile(target_File, 2, "True")
End If

End Function
' ***************************************************************

' ***************************************************************
' ### This function closes a file ###

Function Close_My_File()

open_File.Close()

End Function
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top