Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Query AD (Active Directory) Expand / Collapse
Author
Message
Posted Wednesday, October 3, 2012 11:39 AM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: 2 days ago @ 8:18 AM
Points: 152, Visits: 1,165
I know you can query AD for logins,email,location but if I want to know if the users are active or not, can I pull that as well. I'm not seeing it in the container if so.
Post #1367893
Posted Wednesday, October 3, 2012 11:55 AM


SSChampion

SSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampion

Group: General Forum Members
Last Login: Today @ 8:47 AM
Points: 12,905, Visits: 32,168
this site has the most comprehensive list of attributes you can query that i've ever tripped over:
http://www.rlmueller.net/UserAttributes.htm

specifically, his excel spreadsheet has a ton of stuff:
http://www.rlmueller.net/References/Schema.xls

i searched for "locked" and "enabled" and "disabled", and didn't see anything that seemed to me to be specific to a user
you may have a better idea on what to search for than me.


Lowell

--There is no spoon, and there's no default ORDER BY in sql server either.
Actually, Common Sense is so rare, it should be considered a Superpower. --my son
Post #1367914
Posted Thursday, October 4, 2012 6:29 AM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: 2 days ago @ 8:18 AM
Points: 152, Visits: 1,165
Thanks, that was very helpful.
Post #1368345
Posted Thursday, October 4, 2012 8:01 AM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Wednesday, October 15, 2014 5:41 PM
Points: 356, Visits: 918
Any chance you can share what the attribute was called? As Lowell mentioned he didn't find anything obvious. I did a quick skim through but the list is quite long.
Post #1368427
Posted Thursday, October 4, 2012 1:59 PM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Friday, October 17, 2014 12:49 PM
Points: 150, Visits: 668
I exclude Disabled in a vb script that queries AD.

Here’s the check for a user being disabled in AD:
(userAccountControl:1.2.840.113556.1.4.803:=2)

So to exclude use (!userAccountControl:1.2.840.113556.1.4.803:=2) in the filter:

strFilter = "(&(objectCategory=person)(!userAccountControl:1.2.840.113556.1.4.803:=2)(objectClass=user)(memberOf=cn=CERUsers,ou=CER,ou=intranet applications,ou=groups,ou=khs,dc=myhouse,dc=org))"


From the VB script:
' Open the output file for write access.
Set objFile = objFSO.OpenTextFile(strFilePath, 2, True, 0)
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider","myhouse\mylogin","mypassword"
objCommand.ActiveConnection = objConnection
strBase = "<LDAP://" & strDNSDomain & ">"
strFilter = "(&(objectCategory=person)(!userAccountControl:1.2.840.113556.1.4.803:=2)(objectClass=user)(memberOf=cn=Distribution Group Corporate Management,ou=Mail Groups,ou=groups,ou=khs,dc=myhouse,dc=org))"
strAttributes = "cn,displayName,mail,title,physicalDeliveryOfficeName"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 100
objCommand.Properties("Timeout") = 30
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
Post #1368686
Posted Monday, October 8, 2012 8:14 AM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Wednesday, October 15, 2014 5:41 PM
Points: 356, Visits: 918
Thank you for that Randy. It's always good to have the solution for others to find in the future.
Post #1369841
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse