I am trying to use a combination of dsquery piped to dsget to determine which users in a specific OU have dialin permissions set to "Allow" on the DialIn tab in AD. I have the dsquery part down, but can't find any documentation on what parameters to use for the dialin tab options. If anyone has a link to the parameters, could you please post them? Thank you in advance for any assistance.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Simple DSGET question
- Thread starter clickster
- Start date
WhoKilledKenny
MIS
Here is a VBScript using an LDAP query to do what you want. If you want to enumerate a specific OU then modify the <LDAP:// path.
Copy the code in a text doc (word wrap unchecked) and name the file with a .vbs extention. Modify the LDAP path.
Copy the code in a text doc (word wrap unchecked) and name the file with a .vbs extention. Modify the LDAP path.
Code:
'* FileName: DialinUsers.vbs
'*=============================================================================
'* Script Name: DialinUsers.vbs
'* Created: 02/23/2007
'* Author: Jesse Hamrick
'* Company: XXXXXXXXXXXXXXXXX
'* Email: JHmarick@whokilledkenny.net
'* Web: [URL unfurl="true"]http://www.whokilledkenny.net[/URL]
'* Reqrmnts:
'* Keywords:
'*=============================================================================
'* Purpose: Script enumerate all accounts in AD and displays the user
'* name, account name, and contact info for users whom have
'* been granted dialup and VPN access.
'*=============================================================================
'*=============================================================================
'* DECLARE VARIABLES
'*=============================================================================
Dim objConnection
Dim objCommand
Dim objReordset
'*=============================================================================
'* Code
'*=============================================================================
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
"<LDAP://dc=domainname,dc=com>;" & _
"(&(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)(msNPAllowDialin=TRUE))));" & _
"name,sAMAccountName,telephoneNumber,physicalDeliveryOfficeName,mail;subtree"
Set objRecordSet = objCommand.Execute
On Error Resume Next
While Not objRecordset.EOF
Wscript.Echo "AD Account:" & ", " &_
objRecordset.Fields("sAMAccountName") & ", " & "Email Address:" & ", " & objRecordset.Fields("mail")
WScript.Echo VbCrLf
objRecordset.MoveNext
Wend
objConnection.Close- Status
Similar threads
- Locked
- Question