Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Searching for Active User Accounts

Status
Not open for further replies.
RobC86

RobC86

MIS
Dec 7, 2007
8
GB
I'm looking for help with a script to help me display all active user accounts in Active Directory. I have been able to come across a few that show how to display disabled accounts however i want to see just the active ones.

I managed to find this script for disabled user accounts:-

Const ADS_UF_ACCOUNTDISABLE = 2

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
"<GC://dc=fabrikam,dc=com>;(objectCategory=User)" & _
";userAccountControl,distinguishedName;subtree"
Set objRecordSet = objCommand.Execute

intCounter = 0WScript.Echo VbCrLf & "A total of " & intCounter & " accounts are disabled."

objConnection.Close

Do Until objRecordset.EOF
intUAC=objRecordset.Fields("userAccountControl")
If intUAC AND ADS_UF_ACCOUNTDISABLE Then
WScript.echo objRecordset.Fields("distinguishedName") & " is disabled"
intCounter = intCounter + 1
End If
objRecordset.MoveNext
Loop

However im unsure on how to modify this to show all active accounts.
 
Sort by date Sort by votes
Something like this ?
...
If Not (intUAC AND ADS_UF_ACCOUNTDISABLE) Then
WScript.echo objRecordset.Fields("distinguishedName") & " is NOT disabled"
...

Hope This Helps, PH.
FAQ219-2884
FAQ181-2886
 
Upvote 0 Downvote
How about changing the filter portion of the query?

Replace:
(objectCategory=user)
with
(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

This filter selects user objects that are not disabled.

PSC

Governments and corporations need people like you and me. We are samurai. The keyboard cowboys. And all those other people out there who have no idea what's going on are the cattle. Mooo! --Mr. The Plague, from the movie "Hackers
 
Upvote 0 Downvote
Thanks guys, a combination of the two worked. The end code looks like the following:



Const ADS_UF_ACCOUNTDISABLE = 2

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
"<GC://dc=fabrikam,dc=com>;(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))" & _
";userAccountControl,displayName;subtree"
Set objRecordSet = objCommand.Execute

intCounter = 0
Do Until objRecordset.EOF
intUAC=objRecordset.Fields("userAccountControl")
If Not (intUAC AND ADS_UF_ACCOUNTDISABLE) Then
WScript.echo objRecordset.Fields("displayName") & " is enabled"
intCounter = intCounter + 1
End If
objRecordset.MoveNext
Loop

WScript.Echo VbCrLf & "A total of " & intCounter & " accounts are enabled."

objConnection.Close



N.B.(For any future reference) Since the first code i changed the userAccountControl,distinguishedName to ---> userAccountControl,displayName. I found this displays a more friendly output for the username. Then i executed the script using the CScript command and saved it to a log file. Using "CScript ActiveUser.vbs > C:\ActiveUsers.log".
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Palito1916
  • Locked
  • Question
Disable multiple computer accounts using TXT file with computer names
Replies
2
Views
254
Palito1916
Palito1916
queen_mszdia
  • Locked
  • Question
invoke runas different user from inside VbScript
Replies
0
Views
174
queen_mszdia
queen_mszdia
Don Child
  • Locked
  • Question
JScript to search for specific outlook emails, and download attachments 2
Replies
8
Views
522
Eric J
Eric J
spamjim
  • Locked
  • Question
Setting height and width for an image in an Outlook email signature
Replies
0
Views
144
spamjim
spamjim
jahelka
  • Locked
  • Question
script editing - base64 for files in folder
Replies
1
Views
169
mikrom
mikrom

Part and Inventory Search

Sponsor

Back
Top