Script not returning any values

[elance]

I'm not a vbscript pro, actually even sub-novice. I've tried basically piecing together snippets of code to produce the desired result. This particular code is not producing any output when it seems it should. The file gets created, and it seems as if the script is "doing something", but the file is always empty.

I am trying to search through a given set of AD groups and list users that are not a member of any of those specific groups.

Here's the code I have:

Option Explicit 
Dim adoCommand, adoConnection, strBase, strFilter, strAttributes 
Dim strQuery, adoRecordset, strName, strDN 
dim objFSO
dim objStream
Set objFSO = createobject("scripting.filesystemobject")
Set objStream = objFSO.CreateTextFile("C:\test.txt", True)

' Setup ADO objects. 
Set adoCommand = CreateObject("ADODB.Command") 
Set adoConnection = CreateObject("ADODB.Connection") 
adoConnection.Provider = "ADsDSOObject" 
adoConnection.Open "Active Directory Provider" 
adoCommand.ActiveConnection = adoConnection 

' Search only the specified OU. 
strBase = "<LDAP://ou=desiredou,dc=domain,dc=com>" 

' Filter on user objects not members of Group1 or Group2. 
strFilter = "(&(objectCategory=person)(objectClass=user)" _ 
& "(!memberOf=cn=group1,ou=desiredou,dc=domain,dc=com)" _ 
& "(!memberOf=cn=group2,ou=desiredou,dc=domain,dc=com))" 

' Comma delimited list of attribute values to retrieve. 
strAttributes = "sAMAccountName,distinguishedName" 

' Construct the LDAP syntax query. 
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" 
adoCommand.CommandText = strQuery 
adoCommand.Properties("Page Size") = 1000 
adoCommand.Properties("Timeout") = 30 
adoCommand.Properties("Cache Results") = False 

' Run the query. 
Set adoRecordset = adoCommand.Execute 

' Enumerate the resulting recordset. 
Do Until adoRecordset.EOF 

' Retrieve values and display. 
strName = adoRecordset.Fields("sAMAccountName").Value 
strDN = adoRecordset.Fields("distinguishedName").value 
objStream.Writeline strName & ", " & strDN

' Move to the next record in the recordset. 
adoRecordset.MoveNext 
Loop 

' Clean up. 
adoRecordset.Close 
adoConnection.Close

 

[tsuji]

[1] If the script shown is not its entirety, I hope there is:
[tt] objStream.close[/tt]
somewhere below not shown.

[2] First limit the scope to one level (replacing "subtree" by "onelevel") see if it returns the data in time.

[3] If it does, comment out the properties("timeout") setting to test the behaviour.

 

[elance]

Doing the above as suggested doesn't change anything. The file is still empty.

 

[tsuji]

What does it show putting this after .open?
[tt] wscript.echo objConnection.state[/tt]

 

[elance]

If you mean echoing the adoConnection state, it says "1".

 

[tsuji]

[4] .state returns 1 is fine. Try the proper set up of activeconnection.
[tt]
[red]set[/red] adoCommand.ActiveConnection = adoConnection
[/tt]
[5] Then do all the trivial debugging of reduction of the filter to see if the return of result set is normal. Maybe there is none not in both groups?

 

[elance]

Ok, will try that, but that filter set should return a fairly large number of users. I have a list of 9 groups to filter (once I get the script working). Every user should be a member of at least one of the groups. The purpose here is to find users that are not a member of any of them so we can do a quick check and then ensure they get into one of the groups.