logo标签列表

使用VBScript查询Active Directory

asp-classicvbscriptactive-directory
6

我想使用VBScript(经典ASP)查询Active Directory。 我该如何实现?

http://www.activexperts.com/activmonitor/windowsmanagement/adminscripts/usersgroups/users/ - Shoban
3个回答
7
要查看OU的所有成员,请尝试以下操作...
Set objOU = GetObject("LDAP://OU=YourOU,DC=YourDomain,DC=com")
For each objMember in ObjOU  ' get all the members'

    ' do something'

Next

如果要进行自定义DN搜索,请尝试以下方法...

set conn = createobject("ADODB.Connection")
Set iAdRootDSE = GetObject("LDAP://RootDSE")
strDefaultNamingContext = iAdRootDSE.Get("defaultNamingContext")
Conn.Provider = "ADsDSOObject"
Conn.Open "ADs Provider"

strQueryDL = "<LDAP://" & strDefaultNamingContext & ">;(&(objectCategory=person)(objectClass=user));distinguishedName,adspath;subtree"
set objCmd = createobject("ADODB.Command")
objCmd.ActiveConnection = Conn
objCmd.Properties("SearchScope") = 2 ' we want to search everything
objCmd.Properties("Page Size") = 500 ' and we want our records in lots of 500 

objCmd.CommandText = strQueryDL
Set objRs = objCmd.Execute

While Not objRS.eof

    ' do something with objRS.Fields("distinguishedName")'
    objRS.MoveNext
Wend
Ken,如果我想要根据你的第一个示例,获取特定FirstName和LastName值的"sAMAccountName"值,那么我应该这样做:如果ObjOU.FirstName = "Alan"并且ObjOU.LastName = "Smith",那么 sVariable = ObjOU.sAMAccountName这样正确吗? - Frank
更好的方法是在查询中实际使用您要查找的特定名字/姓氏...strQueryDL = "<LDAP://" & strDefaultNamingContext & ">;(&(objectCategory=person)(objectClass=user)(firstName="Alan")(lastName="Smith");distinguishedName,adspath;subtree" ... ' 使用objRS.Fields("sAMAccountName")进行某些操作' - KennetRunner
1

我必须通过oldskool用户名查询WinAD,这个.vbs脚本打印用户帐户。

  • 通过sAMAccountname查找,使用*通配符
  • 从每个用户对象中打印少量属性
  • 使用AccountType过滤器,它是迭代AD用户对象的最优化方式

测试脚本首先通过完全限定的字符串获取用户对象,这只是一个示例。第二部分通过smith*过滤器进行实际查询。

WinADSearch.vbs

' c:> cscript -nologo script.vbs
' c:> wscript script.vbs
' http://msdn.microsoft.com/en-us/library/d6dw7aeh%28v=vs.85%29.aspx

' WindowsAD queries
' http://www.kouti.com/tables/userattributes.htm

Option Explicit
'On Error Resume Next

Dim StdOut: Set StdOut = WScript.StdOut

Dim objUser
Set objUser = GetObject("LDAP://CN=Firstname Lastname,OU=Internal Users,OU=MyCompany,OU=Boston,OU=Root,DC=REGION1,DC=COM")
println(objUser.givenName & " " & objUser.middleName & " " & objUser.lastName) 
println("name=" & objUser.name)
println("displayName=" & objUser.displayName)
println("userPrincipalName=" & objUser.userPrincipalName)
println("sAMAccountName=" & objUser.sAMAccountName)
println("distinguishedName=" & objUser.distinguishedName)


println("")
Dim conn, strQueryDL, strAttrs, objCmd, objRs, idx

set conn = createobject("ADODB.Connection")
conn.Provider = "ADsDSOObject"
conn.Open "ADs Provider"

strAttrs = "sAMAccountName,displayName,distinguishedName" ' get attributes

'strQueryDL = "<LDAP://dc=REGION1,dc=COM>;(& (objectCategory=person) );" & strAttrs & ";SubTree"
'strQueryDL = "<LDAP://dc=REGION1,dc=COM>;(& (objectCategory=person)(objectClass=user) );" & strAttrs & ";SubTree"    
'strQueryDL = "<LDAP://dc=REGION1,dc=COM>;(& (objectCategory=person)(objectClass=user)(sAMAccountName=smith*) );" & strAttrs & ";SubTree"

strQueryDL = "<LDAP://dc=REGION1,dc=COM>;(& (samAccountType=805306368)(sAMAccountName=smith*) );" & strAttrs & ";SubTree"

set objCmd = createobject("ADODB.Command")
objCmd.ActiveConnection = Conn
objCmd.Properties("SearchScope") = 2 ' search everything
objCmd.Properties("Page Size") = 100 ' bulk operation

objCmd.CommandText = strQueryDL
println(objCmd.CommandText)
Set objRs = objCmd.Execute
idx=0
do while Not objRS.eof
  idx=idx+1
  println( objRs.Fields("sAMAccountName") & " / " & objRs.Fields("displayName") & " / " & objRs.Fields("distinguishedName") )
  if (idx>5) then exit do
  objRS.MoveNext
loop
objRs.Close
Conn.close
set objRs = Nothing
set conn = Nothing
println("end")


'********************************************************************
Sub println(ByVal str) 
    If (StdOut Is Nothing) Then Exit Sub
    StdOut.WriteLine str
End Sub
0
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接