bbbngowc Posted October 20, 2009 Share Posted October 20, 2009 (edited) Hi,I'm trying to find all the users in AD that have Dial-in Access. However I need to use the "Control Access through Remote Access Policy" option as a lookup. So something like:where obj=user and AND msNPAccessDialin = TRUE type thing. I have the follow code but it doesn't work for what I'm looking for. Can any help me with a mod please?Const ADS_SCOPE_SUBTREE = 2Dim Fso :Set Fso = CreateObject("Scripting.FileSystemObject")Set objConnection = CreateObject("ADODB.Connection")Set objCommand = CreateObject("ADODB.Command")objConnection.Provider = "ADsDSOObject"objConnection.Open "Active Directory Provider"Set objCommand.ActiveConnection = objConnectionobjCommand.Properties("Page Size") = 1000objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE objCommand.CommandText = _ "SELECT Name FROM 'LDAP://dc=domain,dc=com' WHERE objectCategory='user' " & _ "AND msNPAccessDialin = TRUE"Set objRecordSet = objCommand.ExecuteDim Ts Set Ts = Fso.CreateTextFile("Text_Report.txt") Ts.WriteLine Now objRecordSet.MoveFirst Do Until objRecordSet.EOF Ts.WriteLine objRecordSet.Fields("Name").Value Wscript.Echo objRecordSet.Fields("Name").Value objRecordSet.MoveNext Loop Ts.Close Edited October 20, 2009 by bbbngowc Link to comment Share on other sites More sharing options...
Yzöwl Posted October 20, 2009 Share Posted October 20, 2009 If Remote Access Permission (Dial-in or VPN) Allow Access is selected then msNPAllowDialin is TRUEIf Remote Access Permission (Dial-in or VPN) Deny Access is selected then msNPAllowDialin is FALSEIf Remote Access Permission (Dial-in or VPN) Control Access through Remote Access Policy is selected then msNPAllowDialin has no value.Therefore try changing the line to say:WHERE objectCategory='user' " & _ "AND msNPAllowDialin <> '*'" Link to comment Share on other sites More sharing options...
bbbngowc Posted October 24, 2009 Author Share Posted October 24, 2009 If Remote Access Permission (Dial-in or VPN) Allow Access is selected then msNPAllowDialin is TRUEIf Remote Access Permission (Dial-in or VPN) Deny Access is selected then msNPAllowDialin is FALSEIf Remote Access Permission (Dial-in or VPN) Control Access through Remote Access Policy is selected then msNPAllowDialin has no value.Therefore try changing the line to say:WHERE objectCategory='user' " & _ "AND msNPAllowDialin <> '*'"Thanks. This worked. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now