RE: Extract users from Active Directory using SSIS

SSCertifiable

Points: 5869

March 20, 2009 at 9:23 am

you can create a linked server to your domain controller.

then

declare @groups table ( grp sysname )
declare @usrs table ( usr sysname, grp sysname )
declare @actgrp sysname
declare @actntgrp sysname
declare @max-2 int
declare @i int
insert @groups SELECT *
FROM OPENQUERY( [<linked server name>],
'SELECT Name
FROM ''LDAP://<linked server name>/ DC=<subdomain>,DC=<domain>,DC=<net>''
WHERE
objectClass = ''group''
ORDER BY name
')
select @max-2 = count(*) from @groups
select @i = 0
select @actgrp = Min(grp) from @groups
while @i < @max-2 begin
select @i = @i + 1
select @actntgrp = '<domain>\' + @actgrp
insert @usrs select name, @actntgrp from OpenRowset(NetGroupGetMembers, @actntgrp)
select @actgrp = MIN(grp) from @groups where grp > @actgrp
end

will give you logins and groups.

if exists (select * from tempdb.dbo.sysobjects where name = N'##ADS' )
drop table [dbo].[##ADS]
SELECT *
INTO ##ADS
FROM OPENQUERY( <linked server name>,
'SELECT sAMAccountName, userPrincipalName, company, department, Name, givenName, SN, Mail, telephoneNumber, mobile,
l, physicalDeliveryOfficeName, postalCode, streetAddress, facsimileTelephoneNumber, msExchHideFromAddressLists, distinguishedName, info, title, st, userAccountControl
FROM ''<linked server name>/ DC=<subdomain>,DC=<domain>,DC=<net>''
WHERE sAMAccountType=805306368 AND NOT ''userAccountControl:1.2.840.113556.1.4.803:''=2
ORDER BY SN
')

will give you a lot of information about the users.

joining the results should give you everything you need

SELECT *
FROM ##ADS JOIN @usrs
ON @usrs.usr = ##ADS.sAMAccountName

regards

karl

Best regards
karl