[VBScript] LDAP query to pull DN

[Aen]

Writing a script that basically does this:

1. Ask user for a username

2. Ask user for employee number

3. script verifies if it is real username

- if it is, continues

- if not, it stops script

4. (step i need help with) - Query AD through LDAP and pull DN

5. Add employee number to 2 different fields in AD (employeeID, employeeNumber)

Real simple script.. but having some issues getting the DN from AD.

*DN = distinguishedName

Here is what i got:

Set objFile = CreateObject("Scripting.FileSystemObject")
Set objNetName = CreateObject("WScript.NetWork") 

DIM strEmpID
Name = GetUserName()
EmployeeID = GetEmployeeID()
UserExists = CheckUser(Name)

If UserExists = TRUE then
msgbox strEmpID
msgbox Name
Call LoadEmployeeID
Else
Msgbox "User does not exist, try again."
wscript.quit(0)
End If

'===========================
Function LoadEmployeeID()
Set objUser = GetObject

objUser.Put "employeeNumber", strEmpID
'objUser.Put "employeeID", EmployeeID
objUser.SetInfo

End Function
'===========================
Function GetEmployeeID()
EmployeeID = Inputbox ("Please enter in 5 digit employee number")
strEmpID = EmployeeID
End Function

'=======================================
Function GetUserName()

i = 0
UserName = InputBox ("Ex. Firstname.LastName ", " Please Enter User Name")

Do While Instr(UserName, ".") = 0 and i <= 5

Username = InputBox ("Ex. Firstname.LastName ", " Please Enter User Name")

i=i+1

Loop

If Instr(UserName, ".") = 0 Then
WScript.Quit(0)
Else

GetUserName = Trim(UserName)
End If
End Function
'===========================================
Function CheckUser(strUserName)

dtStart = TimeValue(Now())
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

objCommand.CommandText = _
	"<LDAP:/*removed*t>;(&(objectCategory=User)" & _
		 "(samAccountName=" & strUserName & "));samAccountName;distinguishedName;subtree"

Set objRecordSet = objCommand.Execute

If objRecordset.RecordCount = 0 Then
	'WScript.Echo "sAMAccountName: " & strUserName & " does not exist."
	CheckUser = FALSE
Else
	objRecordset.MoveFirst
	Do while Not objRecordset.EOF
 	wscript.echo objRecordset("samAccountName") & " | " & objRecordset("distinguishedName")
	objRecordset.MoveNext
	Loop
	'WScript.Echo strUserName & " exists."
	CheckUser = TRUE
End If

objConnection.Close

End Function
'====================================================

Can anyone please give some advice or code that can help?

I think if i can just pull the DN from LDAP query and put that into a variable..i can finish the rest.

[coleoptere2007]

Hi, I dont know vbscript but you can get more info with the use of a soft like LDP.exe or ldap browser.

But by experience when you make a query you must first indicate the base DN, domain and account to connect. Be carefull the base DN is different if you query a Windows AD, Netware, Lotus Domino. try first to query a windows AD and you'll see the different objects and atttributes.

Hope this will help you.

[Aen]

Hi, I dont know vbscript but you can get more info with the use of a soft like LDP.exe or ldap browser.

But by experience when you make a query you must first indicate the base DN, domain and account to connect. Be carefull the base DN is different if you query a Windows AD, Netware, Lotus Domino. try first to query a windows AD and you'll see the different objects and atttributes.

Hope this will help you.

i can find the DN by going through ADSIedit.msc. But, i am making a script that when a user will enter in a username and employee number, it will change the custom employee ID field. We dont really want to give them access to ADSIedit because it can be very dangerous. We are only using Windows AD.

[IcemanND]

does your script return anything? will it return info if you query for only one item, instead of both samAccountName and distinguishedName?

[Aen]

does your script return anything? will it return info if you query for only one item, instead of both samAccountName and distinguishedName?

I was going to create a new function and stop the query on both of those..i was just fooling around.

Really just need to figure out how to pull that. I am surprised no one else has really done that before..i couldnt find any code snippets.

[sbuehler]

Did you ever find out how to pull the dn?

I'm trying with VBA, I'm getting all the fields I want but dn comes back blank.

[realslimshrimpy]

Did you ever find out how to pull the dn?

I'm trying with VBA, I'm getting all the fields I want but dn comes back blank.

you can check this code out...maybe it can help

option explicit
dim objRootDSE, strDNSDomain, user, username, strAD, description

Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")


username = inputbox ("Please Enter user name")


strAD = "LDAP://cn=" & username & ",cn=users, " & strDNSDomain



set user = getobject(strAD)

description = inputbox ("please enter the description you want to change")


user.put "description", description
user.setinfo

wscript.echo "All Done"

[realslimshrimpy]

Did you ever find out how to pull the dn?

I'm trying with VBA, I'm getting all the fields I want but dn comes back blank.

you can check this code out...maybe it can help

option explicit
dim objRootDSE, strDNSDomain, user, username, strAD, description

Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")


username = inputbox ("Please Enter user name")


strAD = "LDAP://cn=" & username & ",cn=users, " & strDNSDomain



set user = getobject(strAD)

description = inputbox ("please enter the description you want to change")


user.put "description", description
user.setinfo

wscript.echo "All Done"

or

option explicit
dim cmd, cn, rs, objRoot, objFSO, objCSV, q

const FileName ="domaincomputers.csv"
set cmd = createobject("ADODB.Command")
set cn = createobject("ADODB.Connection")
set rs = createobject("ADODB.Recordset")

cn.open "Provider=ADsDSOObject;"
cmd.activeconnection = cn

set objRoot = getobject("LDAP://RootDSE")

cmd.commandtext = "<LDAP://" & objRoot.get("defaultNamingContext") & ">;(objectCategory=Computer);" & _
		  "name,operatingsystem,operatingsystemservicepack, operatingsystemversion, dnsHostName;subtree"
'**** Bypass 1000 record limitation ****
cmd.properties("page size")=1000

set rs = cmd.execute
set objFSO = createobject("Scripting.FileSystemObject")
set objCSV = objFSO.createtextfile(FileName)

q = """"

while rs.eof <> true and rs.bof <> true
	objcsv.writeline(q & rs("name") & q & "," &  q & rs("operatingsystem") & q & _
		"," & q & rs("operatingsystemservicepack") & _
		q & "," & q & rs("operatingsystemversion") & _ 
		q & "," & q & rs("dnsHostName") & _
		q & "," & q & Date() & q)
	rs.movenext
wend

objCSV.Close
cn.close

wscript.echo "Finished"