If, like me, you have been left irritated by the search function in Active Directory Users and Computers simply not telling you WHERE a particular user or computer actually is, simply use this bit of code. It allows you to search through AD for users or computers and returns a list of what it finds and the FULL canonical name so you can actually find the damned thing.
You could of course expand this script to perform user modifications such as resetting passwords, without the need to use the AD MMC console.
Click the link to see the script.
'==========================================================================
'
' NAME: search_ad.vbs
'
' AUTHOR: Lewis Roberts
' DATE : 30/09/2005
'
' COMMENT: Returns the full canonical name of an LDAP source if found in
' the Active Directory. You can search for anything that would
' be found in Active Directory.
'
'==========================================================================
On Error Resume Next
ADSRoot = "DC=domain,DC=co,DC=uk"
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = _
"SELECT * FROM 'LDAP://" & ADSRoot & "' WHERE objectCategory='user' OR objectCategory='computer'"
srchTrm = LCase(InputBox("Please enter your search term.", "Active Directory Search"))
i = 0
If Len(srchTrm) < 4 or Instr(srchTrm, "=") Then
WScript.Echo "Please enter a search term in excess of 3 characters and don't use ""="""
WScript.Quit
End If
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
strADPath = LCase(objRecordSet.Fields("adsPath").Value)
If InStr(strADPath, srchTrm) Then
Set objUser = GetObject(objRecordSet.Fields("adsPath").Value)
Select Case objUser.Class
Case "user"
strMsg = "Type: Person" & VbCrLf
strMsg = strMsg & "Name: " & objUser.DisplayName & VbCrLf
strMsg = strMsg & "Email: " & objUser.mail & VbCrLf
strMsg = strMsg & "Telephone: " & objUser.telephoneNumber & VbCrLf
Case "computer"
strMsg = "Type: Computer" & VbCrLf
strMsg = strMsg & "Name: " & objUser.Get("name") & VbCrLf
strMsg = strMsg & "OS: " & objUser.operatingSystem & VbCrLf
Case Else
strMsg = "Unidentified" & VbCrLf
End Select
strMsg = strMsg & "LDAP: " & objUser.adsPath
WScript.Echo strMsg & VbCrLf
i = i + 1
End If
objRecordSet.MoveNext
Loop
If Not i > 0 Then
WScript.Echo "No results found."
End If
Line 35 should say
less than or equal to 3but because of the way the code commenter works I’ve had to alter it.Sorry about this folks!