Query AD for information

So.. been busy lately.. but here’s a new topic.. Windows 2008? R2? Kerberos? No.. it’s scripting..

I had a customer who wanted to extract information from AD by a custom application. Offcourse we could open port 389 and have them extract the info.. but perhaps it would be easier to just query the Global Catalog (if the info you want is in there)..

In this case he wanted to convert username to firstname, lastname, all those fields are in the GC.. so here’s the VBScript to prove that it works.. note that in the script we also give the username and password, this since the application is not on the AD network and the firewall between app and GC is only opened for 3268. The Adsi Flag field tells the connection how it should be created. 1 = Authenticate; It will try kerberos, NTLM, basic. 2=Encryption, can in this case not be used, since the querying machine and DC/GC are not in same domain, nor share any secret (no kerberos authentication). You can combine both by entering value 3.

Set objConnection = CreateObject("ADODB.Connection")
 objConnection.Provider = "ADsDSOObject"
 objConnection.Properties("User ID") = "domainuser"
 objConnection.Properties("Password") = "password"
 objConnection.Properties("Encrypt Password") = TRUE
 objConnection.Properties("ADSI Flag") = 1
 objConnection.Open "Active Directory Provider"
GetDuplicates("<targetuser>")
Function GetDuplicates(input)
 On Error Resume Next
 WScript.echo " Searching for: " & input
 Set objCmd = CreateObject ("ADODB.Command")
 strGCDomain = "GC://<IP of GC>/DC=CONTOSO,DC=com"
 objCmd.ActiveConnection = objConnection
 objCmd.CommandText = "<"& strGCDomain &">;(proxyAddresses=*" & input & "*)" & ";displayName,name,givenName,sn;subtree"
 objCmd.Properties ("Page Size") = 1000
 Set objDIC = CreateObject ("Scripting.Dictionary")
 Set objRS = objCmd.Execute
 objRS.MoveFirst
 While Not objRecordSet.EOF
  wscript.echo objRS.fields("GivenName") & " " & objRS.fields("sn")
  wscript.echo objRS.fields("DisplayName")
  objRs.movenext
 Wend
End function
Tagged ,