LDAP query. exchange d.l.

[helpeach0ther31]

Hi,

I have a request from my boss but its a hard one. I dont know lDAP too well, but i think there is a way i can do this. Can anyone please please help me. I would greatly apriciate it.

Request
we need a list of all Exchange Distribution lists where there is one or more xyz employee(s) (someone with username@xyz.com as an e-mail address) that is a member of the list.

 

[ShackDaddy]

If this were a job given to me, I would use a query to dump all objects with email addresses to a text file and I would then just use "find" or "grep" on that file to get the information I wanted.

This would be easy on Exchange 2007 or Exchange 2010 with powershell, but not on Exchange 2003.

Here's a script I use to dump all email addresses on Exchange 2003. It dumps the addresses with good labels, so it will be easy to see the members of each distribution group.

'Set up constant for deleting values from multivalued attribute memberOf

Const ADS_PROPERTY_NOT_FOUND  = &h8000500D
Const ADS_UF_ACCOUNTDISABLE = 2                       'For UserAccountControl
Const strX400Search = "X400"
'______________________________________________________

'Set RootDSE
Set objRootDSE = GetObject("LDAP://rootDSE")
strDomain = objRootDSE.Get("defaultNamingContext")
strADPath = "LDAP://" & strDomain
'wscript.Echo strADPath
Set objDomain = GetObject(strADPath)
'wscript.echo "objDomain: " & objDomain.distinguishedName

'Setup ADODB connection
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

'Start procedure
        
strResult = strResult & VbCrLf & "Domain: " & strDomain & VbCrLf
    
'******************************************************
'Execute search command to look for Contacts
    objCommand.CommandText = _
      "<" & strADPath & ">" & ";(&(objectClass=contact)(mail=*))" & ";distinguishedName,displayName,mail,proxyAddresses;subtree"

    'Execute search to get Recordset
    Set objRecordSet = objCommand.Execute

    strResult = strResult & vbCrlf &  "##############################################################Contacts"    
    strResult = strResult & VbCrlf &  "#Total Mail Enabled Contacts Found: " & objRecordSet.RecordCount & VbCrlf
    AddressCount = 0

       While Not objRecordSet.EOF 'Iterate through the search results
 
            strUserDN = objRecordSet.Fields("distinguishedName")     'Get User's distinguished name from Recordset into a string
            
           On Error Resume Next 
            
            set objUser= GetObject("LDAP://"& Replace(strUserDN, "/", "\/") & "")         'Use string to bind to user object
           
           If err.Number = 0 Then 


                       strResult = strResult & VbCrlf &  "cn: " & objUser.cn
                       strResult = strResult & VbCrlf &  "mail: " & objUser.mail
                       arrProxyAddresses = objRecordSet.Fields("proxyAddresses")
                       If IsArray(objRecordSet.Fields("proxyAddresses")) Then
                       strResult = strResult & VbCrLf & "Proxy Addresses" 
               
                          For Each ProxyAddress in arrProxyAddresses
                          
                            'Sub: Check X400 
                             If InStr(ProxyAddress, strX400Search) <> 0 Then 
                        		'Wscript.Echo "#This was an x400"
                    		 Else
                                     strResult = strResult & VbCrlf &  proxyAddress
                              End If   'Ends loop for X400 address
                Next

            Else
                strResult = strResult & VbCrlf &  "#Object does not have proxy addresses"
            End If
                strResult = strResult &  VbCrLf

     Else
          strErrorResult = strErrorResult & "Contact ERROR: " & strUserDN & vbCrLF
     End If
     
     On Error GoTo 0
     
     objRecordSet.MoveNext
Wend

'******************************************************
'Execute search command to look for Groups
    objCommand.CommandText = _
      "<" & strADPath & ">" & ";(&(objectClass=group)(mail=*))" & ";distinguishedName,displayName,mail,proxyAddresses;subtree"

    'Execute search to get Recordset
    Set objRecordSet = objCommand.Execute

    strResult = strResult & vbCrlf &  "################################################################Groups"        
    strResult = strResult & VbCrlf &  "#Total Mail Enabled Groups Found: " & objRecordSet.RecordCount & VbCrlf
    AddressCount = 0

       While Not objRecordSet.EOF 'Iterate through the search results
 
            strUserDN = objRecordSet.Fields("distinguishedName")     'Get User's distinguished name from Recordset into a string
            
           On Error Resume Next
            
            set objUser= GetObject("LDAP://"& Replace(strUserDN, "/", "\/") & "")         'Use string to bind to user object
            
           If err.Number = 0 Then 


                       strResult = strResult & VbCrlf &  "cn: " & objUser.cn
                       strResult = strResult & VbCrlf &  "mail: " & objUser.mail
                       arrProxyAddresses = objRecordSet.Fields("proxyAddresses")
                       If IsArray(objRecordSet.Fields("proxyAddresses")) Then
                       strResult = strResult & VbCrLf & "Proxy Addresses" 
               
                          For Each ProxyAddress in arrProxyAddresses
                          
                            'Sub: Check X400 
                             If InStr(ProxyAddress, strX400Search) <> 0 Then 
                        		'Wscript.Echo "#This was an x400"
                    		 Else
                                     strResult = strResult & VbCrlf &  proxyAddress
                              End If   'Ends loop for X400 address
                Next

            Else
                strResult = strResult & VbCrlf &  "#Object does not have proxy addresses"
            End If
                strResult = strResult &  VbCrLf

     Else
          strErrorResult = strErrorResult & "Group ERROR: " & strUserDN & vbCrLF
     End If
     
     On Error GoTo 0
     
     objRecordSet.MoveNext
Wend

'******************************************************
'Execute search command to look for Public Folders
    objCommand.CommandText = _
      "<" & strADPath & ">" & ";(&(objectClass=publicfolder)(mail=*))" & ";distinguishedName,displayName,mail,proxyAddresses;subtree"

    'Execute search to get Recordset
    Set objRecordSet = objCommand.Execute

    strResult = strResult & vbCrlf &  "#########################################################Public Folders"
    strResult = strResult & VbCrlf &  "#Total Mail Enabled Public Folders Found (Includes System Folders!): " & objRecordSet.RecordCount & VbCrlf
    AddressCount = 0

       While Not objRecordSet.EOF 'Iterate through the search results
            strUserDN = objRecordSet.Fields("distinguishedName")     'Get User's distinguished name from Recordset into a string
            
           On Error Resume Next
            
            set objUser= GetObject("LDAP://"& Replace(strUserDN, "/", "\/") & "")         'Use string to bind to user object
            
           If err.Number = 0 Then

 
                       strResult = strResult & VbCrlf &  "cn: " & objUser.cn
                       strResult = strResult & VbCrlf &  "mail: " & objUser.mail
                       arrProxyAddresses = objRecordSet.Fields("proxyAddresses")
                       If IsArray(objRecordSet.Fields("proxyAddresses")) Then
                       strResult = strResult & VbCrLf & "Proxy Addresses" 
                          
                          For Each ProxyAddress in arrProxyAddresses
                            'Sub: Check X400
                             If InStr(ProxyAddress, strX400Search) <> 0 Then 
                        		'Wscript.Echo "#This was an x400"
                    		 Else
                        		 strResult = strResult & VbCrlf &  proxyAddress
                                 AddressCount = AddressCount + 1
                              End If   'Ends loop for X400 address
                          Next
                              Else
                                  strResult = strResult & VbCrLf &  "#Object does not have proxy addresses"
                          End If
                              strResult = strResult &  VbCrLf
                
     Else
          strErrorResult = strErrorResult & "Public Folder ERROR: " & strUserDN & vbCrLF
     End If
     
     On Error GoTo 0
     
     objRecordSet.MoveNext 
Wend

'*************************************
'Execute search command to look for Users
varDisabledCounter = 0                  

'Execute search command to look for user
    objCommand.CommandText = _
      "<" & strADPath & ">" & ";(&(objectClass=user)(mail=*))" & ";distinguishedName,displayName,mail,proxyAddresses;subtree"

    'Execute search to get Recordset
    Set objRecordSet = objCommand.Execute
    
    strResult = strResult & vbCrlf &  "#################################################################Users"
    strResult = strResult & VbCrlf &  "#Total Mail Enabled Users Found: " & objRecordSet.RecordCount & VbCrlf
    AddressCount = 0


       While Not objRecordSet.EOF 'Iterate through the search results
            strUserDN = objRecordSet.Fields("distinguishedName")     'Get User's distinguished name from Recordset into a string
            
           On Error Resume Next
            
            set objUser= GetObject("LDAP://"& Replace(strUserDN, "/", "\/") & "")         'Use string to bind to user object
            
           If err.Number = 0 Then
            

            If objUser.AccountDisabled = TRUE Then                    'If User account disabled, then skip proxy address enum
               varDisabledCounter = varDisabledCounter + 1
               strResult2 = strResult2 & VbCrLf & varDisabledCounter & " " & objUser.displayName & VbCrLf
               
               strResult2 = strResult2 & "cn: " & objUser.cn
                       strResult2 = strResult2 & VbCrlf &  "mail: " & objUser.mail
                       arrProxyAddresses = objRecordSet.Fields("proxyAddresses")
                       If IsArray(objRecordSet.Fields("proxyAddresses")) Then
                       strResult2 = strResult2 & VbCrLf & "Proxy Addresses" 
                       
               
                          For Each ProxyAddress in arrProxyAddresses
                            'Sub: Check X400
                             If InStr(ProxyAddress, strX400Search) <> 0 Then 
                        		'Wscript.Echo "#This was an x400"
                    		 Else
                        		 strResult2 = strResult2 & VbCrlf &  proxyAddress
                                 AddressCount = AddressCount + 1
                              End If   'Ends loop for X400 address
                          Next
                              Else
                                  strResult2 = strResult2 & VbCrLf &  "#Object does not have proxy addresses"
                          End If
                              strResult2 = strResult2 &  VbCrLf
               
            Else
 
                        strResult = strResult & VbCrlf &  "cn: " & objUser.cn
                       strResult = strResult & VbCrlf &  "mail: " & objUser.mail
                       arrProxyAddresses = objRecordSet.Fields("proxyAddresses")
                       If IsArray(objRecordSet.Fields("proxyAddresses")) Then
                       strResult = strResult & VbCrLf & "Proxy Addresses" 
                          
                          For Each ProxyAddress in arrProxyAddresses
                            'Sub: Check X400
                             If InStr(ProxyAddress, strX400Search) <> 0 Then 
                        		'Wscript.Echo "#This was an x400"
                    		 Else
                        		 strResult = strResult & VbCrlf &  proxyAddress
                                 AddressCount = AddressCount + 1
                              End If   'Ends loop for X400 address
                          Next
                              Else
                                  strResult = strResult & VbCrLf &  "#Object does not have proxy addresses"
                          End If
                              strResult = strResult &  VbCrLf
                
          End If   'End check for disabled user 
     Else
          strErrorResult = strErrorResult & "User ERROR: " & strUserDN & vbCrLF
     End If
     
     On Error GoTo 0
     
     objRecordSet.MoveNext 
Wend

              
strResult = "SMTP Email Addresses for Contacts, Groups, Public Folders, & Users" & VbCrLf & "----------------------------------------------------------------------" & VbCrLf & strResult
strResult = strResult & VbCrLf & "########################################################Disabled Users" & VbCrLf & strResult2

If Len(strErrorResult) > 0 Then
'     WScript.Echo strErrorResult 
     strResult = strResult & vbCrLF & vbCrLF & "################################################################ERRORS" & vbCrLF
     strResult = strResult & "#The following object(s) had errors and could not be read:" & vbCrLF
     strResult = strResult & strErrorResult
End If


'Output to a text file
Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objOutputFile = objFileSystem.CreateTextFile("C:\EmailAddresses.txt")
objOutputFile.Write strResult

Save it as a .vbs file and then run it like this:

cscript getaddresses.vbs

Dave Shackelford MVP
ThirdTier.net
TrainSignal.com

 

[helpeach0ther31]

Thank you for your help. What fields do i need to change so it corresponds to the specific search options? or email address?

 

[ShackDaddy]

Just run the script just like it is and look through the resulting text file.

Dave Shackelford MVP
ThirdTier.net
TrainSignal.com

 

[helpeach0ther31]

We have multiple domains and email addresses and i was asked to get only memebers that have xyz.com and are part of a D.L.

Example: Only D.L. that contain one or more users with xyz.com

Would this still work?

 

[helpeach0ther31]

This what i m asked to do.

D.L. abc
mike
tony

D.L. rrr
John
tom

 

[ShackDaddy]

The results of the script above separates each type of mail object into different sections, so there is a section that is just distribution groups. Copy that section out of the results and paste it in a new text file. Then start hacking the file to remove the groups that don't have your target users in them. It won't take as long as you've already taken looking for a concise script for this.

Dave Shackelford MVP
ThirdTier.net
TrainSignal.com