-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathADUserAccountInfo.vbs
105 lines (79 loc) · 3.24 KB
/
ADUserAccountInfo.vbs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
on error resume next
'* Open a text file for recording AD Account Details
set fs=CreateObject("Scripting.FileSystemObject")
set u=fs.OpenTextFile("C:\ADScripts\ADLogs\ADAccounts.csv",2,true)
' Create a heading row in the csv file
u.writeline "Display Name" & " , " & "SAM Accountname" & " , " & _
"Description" & " , " & "Account Creation" & " , " & " Expiration Date" & " , " & "Account Status" & " , " &_
"Employee Number" & " , " & "Home Directory" & " , " & _
"Home Drive" & " , " & "Mail" & " , " & "Telephone" & " , " & "Group Information"
set usr=GetObject("LDAP://cn=users,dc=na, dc=corp,dc=Clorox, dc=com")
For each member in usr
displayname = " "
samaccountname = " "
Description = " "
Account Creation = " "
Account ExpireDate = " "
EmployeeNumber = " "
homeDirectory = " "
homeDrive = " "
mail = " "
telephoneNumber = " "
status = " "
strGroups=" "
displayname = member.get("displayname")
samaccountname = member.get("samaccountname")
Description=member.Get("description")
Creation = member.Get("whenCreated")
'Account Expiration Status
er = member.get("accountExpirationdate")
If Err.Number = -2147467259 OR er = #1/1/1970# Then
ExpireDate = "Not set"
Else
ExpireDate = member.AccountExpirationDate
End If
'Retrieve account status
intUAC = member.Get("userAccountControl")
If intUAC AND ADS_UF_ACCOUNTDISABLE Then
status = "Disabled"
Else
status = "Active"
End If
EmployeeNumber = member.Get("employeeNumber")
homeDirectory= member.Get("homeDirectory")
homeDrive= member.Get("homeDrive")
mail=member.Get("mail")
telephoneNumber = member.Get("telephoneNumber")
' This code displays the group membership of a user.
' It avoids infinite loops due to circular group nesting by
' keeping track of the groups that have already been seen.
' ------ SCRIPT CONFIGURATION ------
strUserDN = member. distinguishedname
' ------ END CONFIGURATION ---------
set objUser = GetObject("LDAP://" & strUserDN)
strSpaces = ""
set dicSeenGroup = CreateObject("Scripting.Dictionary")
DisplayGroups "LDAP://" & strUserDN, strSpaces, dicSeenGroup
u.writeline displayname & " , " & samaccountname & " , " & _
Description & " , " & Creation & " , " & ExpireDate & " , " & status & " , " &_
EmployeeNumber & " , " & homeDirectory & " , " & _
homeDrive & " , " & mail & " , " & telephoneNumber & " , " & strGroups
Next
u.close
Wscript.Echo "Script Done..."
Function DisplayGroups ( strObjectADsPath, strSpaces, dicSeenGroup)
set objObject = GetObject(strObjectADsPath)
strGroups = strGroups & strSpaces & objObject.Name & ";"
on error resume next ' Doing this to avoid an error when memberOf is empty
if IsArray( objObject.Get("memberOf") ) then
colGroups = objObject.Get("memberOf")
else
colGroups = Array( objObject.Get("memberOf") )
end if
for each strGroupDN In colGroups
if Not dicSeenGroup.Exists(strGroupDN) then
dicSeenGroup.Add strGroupDN, 1
DisplayGroups "LDAP://" & strGroupDN, strSpaces & " ", dicSeenGroup
end if
next
End Function