Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Search for a user name in Active Directory 2

Status
Not open for further replies.
alepore

alepore

MIS
Jun 25, 2001
27
US
I am new to scripting and would like some help please. Without getting too detailed, I would like to accomplish the following task:
1) Ask the user's logon name with MsgBox or equivalent.
2) Search the AD forrest for that logon name.
3) Edit that object by adding something static. In this example you can just add "Test" to the user's description.

Thanks in advance.
 
Sort by date Sort by votes
Is this something you want the admin to run?

Do you have all of your users in the same place within AD or does this really need to search for the user?



I hope you find this post helpful. Please let me know if it was.

Regards,

Mark
 
Upvote 0 Downvote
Sorry for not clarifying. I have several OUs based on physical site with the users in those various OUs. This is why I need to search the entire forest. Thanks again.
 
Upvote 0 Downvote
Sorry, and yes, this is only something admins will run.
 
Upvote 0 Downvote
There is probably a better way to do the search than using the array like I am, but I can't think of another way right now.



'==========================================================================
'
' NAME: searchAndmodifyUser.vbs
'
' AUTHOR: Mark D. MacLachlan , The Spider's Parlor
' URL: ' DATE : 2/27/2004
'
' COMMENT: <comment>
'
'==========================================================================
Dim ENT_OU(3)

Const LDOMAIN = "LDAP://DomainName/"
ENT_OU(0) = "OU=firstOU,DC=company,DC=com"
ENT_OU(1) = "OU=secondOU,DC=company,DC=com"
ENT_OU(2) = "OU=thirdOU,DC=company,DC=com"
UID = "Administrator"
PWD = "PasswordOfAdminID"
username = InputBox("Enter Username to Modify","Edit Account?")
set objUser = GetUser2(userName)
objUser.AccountDisabled = False
objUser.SetInfo






Public Function GetUser2(ByVal sAMAccountName)

Dim ADCon,ADCmd,ADRec,str

Set ADCon = CreateObject("ADODB.Connection")
Set ADCmd = CreateObject("ADODB.Command")

ADCon.Provider = "ADsDSOObject"
ADCon.Open "Active Directory Provider", UID, PWD

Set ADCmd.ActiveConnection = ADCon
ADCmd.Properties("Cache results") = False
ADCmd.Properties("TimeOut") = 120

For x = 0 To 2
str = "select sAMAccountName, ADsPath " & _
"from '" & LDOMAIN & ENT_OU(x) & "' " & _
"where objectCategory='person' and sAMAccountName='" & sAMAccountName & "'"
Next
ADCmd.CommandText = str

Set ADRec = ADCmd.Execute()

If ADRec.EOF Then
Set objUser = Nothing
Exit Function
End If

' Then bind to the IADs object.

Set GetUser2 = getObject(ADRec.Fields("adspath"))

End Function

I hope you find this post helpful. Please let me know if it was.

Regards,

Mark
 
Upvote 0 Downvote
OUCH!

LDAP searches are painful. You can use winnt.
use your domain and logon name. (Can even ask for these in a msgbox)

----script below---------------
'Find users in NT4 Domains
option explicit
msgbox Time
'WScript.Echo Time
Dim binFound, objUser, strDomainName, strUserName

Const USERNAME_NOT_FOUND = &h800708AD

binFound = False
' to run the script, change the domain name as needed
' and change the name to find
strDomainName = "cob"
strUserName = "kbwood"

On Error Resume Next
Set objUser = GetObject("WinNT://" & strDomainName & "/" & strUserName & ",User")
If Err.Number = 0 then
binFound = True
ElseIf Err.Number = USERNAME_NOT_FOUND then
binFound = False
Else
msgbox CStr(Hex(Err.Number)) & ": " & Err.Description
'WScript.Echo CStr(Hex(Err.Number)) & ": " & Err.Description
WScript.Quit
End IF

'wScript.Echo strUserName & ": " & binFound
msgbox strUserName & ": " & binFound
'WScript.Echo Time
msgbox Time
 
Upvote 0 Downvote
LDAP is a pain, but I don't believe you can modify user properties if getting the user ID with the WinNT provider. I could be wrong, if anybody wants to add clarification on that.

I hope you find this post helpful. Please let me know if it was.

Regards,

Mark
 
Upvote 0 Downvote
no, you can use the WinNT provider to modify user properties.

but, i think you will find the WinNT provider does NOT allow you to access all the user properties exposed in AD, rather the equivalant of what was available in NT4 domains, to do with the backward compat of AD i guess.

I would have to disagree with LDAP searches being painful.
LDAP is fast as you like and when you are doing larger manips on lots of users etc in AD, LDAP using ADO with SQL style SELECT statements is the only way to go.

that being said there are times where grabbing the a ref to the Users account using WinNT is easiest.

I guess it is a question of what best fits the task in hand. Get used to using both is my advice and see whichones works best given the current problem.

both posts are valid i would say
 
Upvote 0 Downvote
Thanks for your post MrMovie.

I hope you find this post helpful. Please let me know if it was.

Regards,

Mark
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

bdwilcox
  • Question
Trying to adapt VBScript to search if machine is in an AD group 6
Replies
8
Views
812
SoftwareRT
SoftwareRT
Don Child
  • Locked
  • Question
JScript to search for specific outlook emails, and download attachments 2
Replies
8
Views
456
Eric J
Eric J
Z3braa
  • Locked
  • Question
Remove specific computer name in Logon Workstation from from all users in AD, with VBScript
Replies
0
Views
123
Z3braa
Z3braa
spamjim
  • Locked
  • Question
Setting height and width for an image in an Outlook email signature
Replies
0
Views
108
spamjim
spamjim
lunter
  • Locked
  • Question
How to create vbArray+vbByte (8209) in *.vbs stript
Replies
0
Views
160
lunter
lunter

Part and Inventory Search

Sponsor

Back
Top