and it is getting successfully executed but i am not able to see the mailbox created. Actually i am using exchange server 2010 and server 2008r2 i am using the command CreateMailBox , but it says it does not support the property/object. So please help me writing a vbscript to create a Mailbox for exchange 2010 and server 2008 R2.
Here is my script
Dim oIADSUser
Dim oMailbox
Set oIADS = GetObject("LDAP://RootDSE")
strDefaultNC = oIADS.Get("defaultnamingcontext")
'MsgBox FindAnyMDB("CN=Configuration," & strDefaultNC)
'TODO: Use the newly created domain user account to replace the "UserName".
Set oIADSUser = GetObject("LDAP://CN=UserName,CN=Users," & strDefaultNC)
Set oMailBox = oIADSUser
oMailbox.CreateMailbox FindAnyMDB("CN=Configuration," & strDefaultNC)
oIADSUser.SetInfo
Function FindAnyMDB(strConfigurationNC)
Dim oConnection
Dim oCommand
Dim oRecordSet
Dim strQuery
' Open the Connection.
Set oConnection = CreateObject("ADODB.Connection")
set oCommand = CreateObject("ADODB.Command")
Set oRecordSet = CreateObject("ADODB.Recordset")
oConnection.Provider = "ADsDSOObject"
oConnection.Open "ADs Provider"
' Build the query to find the private MDB.
strQuery = "<LDAP://" & strConfigurationNC & ">; (objectCategory=msExchPrivateMDB);name,adspath;subtree"
oCommand.ActiveConnection = oConnection
oCommand.CommandText = strQuery
Set oRecordSet = oCommand.Execute
' If you have an MDB, return the first one.
If Not oRecordSet.EOF Then
oRecordSet.MoveFirst
FindAnyMDB = CStr(oRecordSet.Fields("ADsPath").Value)
Else
FindAnyMDB = ""
End If
'Clean up.
oRecordSet.Close
oConnection.Close
Set oRecordSet = Nothing
Set oCommand = Nothing
Set oConnection = Nothing
End Function
From everything I've seen, vbscript isn't supported with the move to PowerShell. You could use vbs to call PowerShell and run the appropriate cmdlet if you really need to use vbscript. Other than that you'll probably want to look at a different solution.
$password = Read-Host "Enter password" -AsSecureString
New-Mailbox -UserPrincipalName testuser#mlexchange.net -Alias testuser -Database "Mailbox Database 2048259302" -Name testuser –OrganizationalUnit Users -Password $password -FirstName test -LastName user -DisplayName "Test User" -ResetPasswordOnNextLogon $true
Related
I have a script that connects to AD and queries LDAP. The script works as long as you have the proper credentials and are connected to AD. This script runs with a variety of subs and I am trying to make the script more robust to be able to run in multiple environment that may not have AD.
On Error Resume Next
Dim tempResult
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.CommandTimeout = 10
adoConnection.Open "Active Directory Provider"
Set adoCommand.ActiveConnection = adoConnection
' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"
' Filter on user objects.
strFilter = ""
' Comma delimited list of attribute values to retrieve.
strAttributes = "comment,c,co,countryCode,department,description,directReports,displayName,distinguishedName,info,lastLogon,lastLogonTimestamp,mail,manager,memberOf,msExchHomeServerName,name,objectCategory,objectClass,operatingSystem,operatingSystemServicePack,operatingSystemVersion,ou,pwdLastSet,sAMAccountName,title,userAccountControl,userPrincipalName"
' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Cache Results") = False
' Run the query.
Set adoRecordset = adoCommand.Execute
if Err<>0 Then
'log error information
End If
Err.Clear
On Error GoTo 0
However when i have the script wrapped in the On Error Resume Next the script will hang when running on a machine that isn't connected to AD or doesn't have sufficient privileges on AD. Any ideas to be able to make this portion of the script run and continue if there is an error? Again if there is an error i don't care about getting any results i just want the script to continue on it's merry way.
I want to know is there any script to check if the machine is present in AD or not. Like say i have a machine named XYZ and I want to check if this machine is in AD or not.
Using VBScript how do I do this?
I am new to LDAP.
If your AD is a Windows Server 2008 or 2008 R2 take a look at Dsquery Computer
Use : Dsquery computer -name MyComputer
However, you can try using ADODB
Or this example : (sample from VBsedit)
' List All Computer Accounts in Active Directory
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = _
"Select Name, Location from 'LDAP://DC=fabrikam,DC=com' " _
& "Where objectClass='computer'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
Wscript.Echo "Computer Name: " & objRecordSet.Fields("Name").Value
Wscript.Echo "Location: " & objRecordSet.Fields("Location").Value
objRecordSet.MoveNext
Loop
You can find an example here.. You need to use the WSCript.Network
http://social.technet.microsoft.com/Forums/windowsserver/en-US/58aea18c-d5ff-48a7-bc76-5bd64183ba8c/use-vbscript-to-query-ad-for-computer-account?forum=winserverDS
I'm trying to write a script that connects to Active Directory using Administrator credentials. Then searches the entire domain for a specific username, then updates that user's properties. I've written a script that I think should work, but I'm getting "Access Denied" errors, weirdly enough.
Here's the script, which I've put into sections. Because it's supposed to run through SuperOffice, which has it's own unique environment.
Dim strUser, rootDSE, adoConnection, ldapStr, adoRecord, objUser
updateUser()
Public Sub updateUser()
ADUsername = "john.doe"
createADConnection()
If userExistsInAD(ADUsername) = False Then
Exit Sub
End if
objUser.Put "description", "testing"
objUser.SetInfo
End Sub
Public Sub createADConnection()
Set rootDSE = GetObject("LDAP://RootDSE")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADSDSOObject"
adoConnection.Properties("User ID") = "mydomain\administrator"
adoConnection.Properties("Password") = "8g773ggj024g"
adoConnection.Properties("Encrypt Password") = True
adoConnection.Properties("ADSI Flag") = ADS_SERVER_BIND Or ADS_SECURE_AUTHENTICATION
adoConnection.Open "Active Directory Provider"
End Sub
Public Function userExistsInAD(ByVal strUser)
ldapStr = "<LDAP://" & rootDSE.Get("defaultNamingContext") & ">;(&(objectCategory=Person)(objectClass=User)(samAccountName=" & strUser & "));adspath;subtree"
Set adoRecord = adoConnection.Execute(ldapStr)
If Not adoRecord.EOF Then
userExistsInAD = True
Exit Function
End if
userExistsInAD = False
End Function
Sounds to me like the account you are running SuperOffice with does not have Domain Admin credentials. Have you tried running it directly with your account?
In Active Directory, there is a tab called "Dial-In", and under that tab is a radio button control with three settings:
Allow Access
Deny Access
Control access through remote access policy
I'd like to write a VBScript to take a user name, and return the setting for that user.
(I'm actually modifying an existing VBScript, which is why I am forced to use that tool).
What is the best way to do that?
Here is the best solution I was able to come up with. It is easy to modify it to output the setting for all users.
Main
Function Main
'Usage: cscript /nologo lookup.vbs mydomain username
Wscript.Echo CanDialIn(Wscript.Arguments(0), Wscript.Arguments(1))
Main = 0
End Function
Function CanDialIn(domainname, username)
'Take a user name and query whether they have permission to Dial in or not
'http://www.microsoft.com/technet/scriptcenter/resources/qanda/aug05/hey0825.mspx
Const ADS_SCOPE_SUBTREE = 2
Dim objConnection
Dim objCommand
Dim objRecordSet
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
'Three possible values for msNPAllowDialin:
'TRUE = "Allow Access"
'FALSE = "Deny Access"
'EMPTY = "Control access through remote access policy"
objCommand.CommandText = _
"SELECT msNPAllowDialin FROM 'LDAP://dc=" & domainname & ",dc=com' WHERE objectCategory='user' AND sAMAccountName = '" & username & "'"
On Error Resume Next
Set objRecordSet = objCommand.Execute
if objRecordSet.EOF then
CanDialIn = "Could not find user " & username
else
if objRecordSet.Fields("msNPAllowDialin").Value = True then
CanDialIn = "Allow"
else
if objRecordSet.Fields("msNPAllowDialin").Value = False then
CanDialIn = "Deny"
else
CanDialIn = "Control"
end if
end if
end if
End Function
I have code that works correctly to connect to an Active Directory server:
Dim oDSObj: Set oDSObj = GetObject("LDAP:")
Dim oAuth: Set oAuth = oDSObj.OpenDSObject("LDAP://ldap.domain.com", "DOMAIN\username", "password", 1)
However, I can't seem to figure out the syntax to make this work against an OpenLDAP Server:
Dim oDSObj: Set oDSObj = GetObject("LDAP:")
Dim oAuth: Set oAuth = oDSObj.OpenDSObject("LDAP://ldap.domain.com/ou=Users", "username", "password", 1)
To be honest, I'm a bit of a n00b when it comes to LDAP, so I don't understand what dc vs cn vs ou means (I know they stand for org unit, common name etc) but I don't get when you need to tack that on to queries.
Once I connect to the Active Directory server, the following code queries it:
dc = ""
Set oConn = Server.CreateObject("ADODB.Connection")
oConn.Provider = "ADSDSOObject"
oConn.Open "Ads Provider", "DOMAIN\username", "password" '
Dim rs: Set rs = oConn.Execute("<LDAP://ldap.domain.com" & dc & ">;(& (objectCategory=person)(objectClass=user)(sAMAccountName=" & GetLDAPUserName(sPerson) & "));name,mail,telephoneNumber;subtree")
But I realize that sAMAccountName is an AD specific thing, so the openLDAP code will need a different syntax.
The user is 'ldapuser' with a password of 'password', stored here:
ou=Users,dc=domain,dc=com
What is the code to connect to that LDAP server and query for account info?
I finally figured it out:
sUser = "myusername"
sDN = "cn=" & sUser & ",ou=people,dc=company,dc=com"
sRoot = "LDAP://ldapservername.com/dc=company,dc=com"
Dim oDS: Set oDS = GetObject("LDAP:")
Dim oAuth: Set oAuth = oDS.OpenDSObject(sRoot, sDN, "password", &H0200)
Dim oConn: Set oConn = CreateObject("ADODB.Connection")
oConn.Provider = "ADSDSOObject"
oConn.Open "Ads Provider", sDN, "password"
Dim rs
Set rs = oConn.Execute("<" & sRoot & ">;(uid=" & sUser & ");cn,mail,telephoneNumber;subtree")
wscript.echo rs("cn").value
wscript.echo rs("mail").value
wscript.echo rs("telephoneNumber").value
Thanx a lot for your code Michael. I've modified it to simply authenticate users (user-password) using the central OpenLDAP server. Here is the code that worked for me (MSAccess 2003):
sUser = "TheUserName"
sDN = "uid=" & sUser & ",o=users,dc=MyDomain,dc=it"
sRoot = "LDAP://MyLDAPServer/o=users,dc=MyDomain,dc=it"
Dim oDS: Set oDS = GetObject("LDAP:")
On Error GoTo AuthError
Dim oAuth: Set oAuth = oDS.OpenDSObject(sRoot, sDN, "ThePassword", &H200)
On Error GoTo 0
MsgBox "Login Successful"
Exit Sub
AuthError:
If Err.Number = -2147023570 Then
MsgBox "Wrong Username or password !!!"
End If
On Error GoTo 0