Active Directory VBScript Get Users shared mailbox list - vbscript

I have found a few scripts online but all are so confusing and about 10 pages long LOL...
what im after is to enter a userid and search AD and the result im after is something like:
Name: Pavle Stoj
Email: pavle.stoj#...
Shared Mailboxes Pavle has access too:
mailbox 1
mailbox 2
mailbox 3
I can get Name and Email etc but when I get to the shared mailbox access I dont know commands to run to get them ?
Example of what I have so far which works fine for me..
' Check Exchange attributes for a 'user'
'
'
' -------------------------------------------------
' -------------------------------------------------
' Search box for userid
' ----------------------
strUsername = Inputbox ("UserID ?")
' -------------------------------------------------
' -------------------------------------------------
' Connect to AD and use the userid entered
' -------------------------------------------------
Set objRootDSE = GetObject("LDAP://RootDSE")
strDomain = objRootDSE.Get("DefaultNamingContext")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Searchscope") = 2
objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://" & strDomain & "' WHERE objectCategory='User' AND samAccountName = '" & strUsername & "'"
Set objRecordSet = objCommand.Execute
' -------------------------------------------------
' Quick Check the user exists in AD
' ----------------------------------
If Not objRecordSet.EOF Then
strDistOU = objRecordSet.Fields("distinguishedName").Value
Else
MsgBox("No Results for: " & strUsername)
Wscript.Quit
End If
' -------------------------------------------------
Set objUser = GetObject("LDAP://" & strDistOU)
strName = objUser.FullName
MsgBox strName

Worked it out...
delegateList = objUser.Get("publicDelegatesBL")
For Each Desc In delegateList
Set objMailbox = GetObject("LDAP://" & desc)
WScript.Echo " " & objMailbox.DisplayName
Next

Related

Through LDAP unable to read members of the domain admin group from Windows Server 2012

Trying to read domain admin group members through VBScript, but unable to read. Throwing error on user server.
object not a collection
But it's working in my local test Windows Server 2012.
User Running it from member server. User is having domain admin rights.
How to check LDAP issue in server or is their anything else?
Option Explicit
'Get all member of a group INCLUDING members from ALL NESTED groups.
'Simply call the script with the samAccountName of the group.
'If the group name contains spaces it should be ENCLOSED IN QUOTES,
'IE scriptName.vbs "DOMAIN ADMINS"
Dim objGroup
'verify a group name was passed
If WScript.Arguments.Count <> 1 Then
WScript.Echo "NO GROUP PASSED"
WScript.Echo "Usage: scriptName <groupSamAccountName>"
WScript.Quit
End If
'bind to the gorup
Set objGroup = getGroup(WScript.Arguments(0))
'enumerate the groups members
enumMembers objGroup, ""
Function getGroup(strGroupName)
Dim objConn, objRecSet, strQueryString, objRootDSE, strQueryFrom
Const adsOpenStatic = 3
Set objRootDSE = GetObject("LDAP://RootDSE")
strQueryFrom = "LDAP://" & objRootDSE.Get("defaultNamingContext")
Set objConn = WScript.CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open
strQueryString = "SELECT AdsPath FROM '" & strQueryFrom & "' " & _
"WHERE samAccountName = '" & strGroupName & "'"
Set objRecSet = WScript.CreateObject("ADODB.Recordset")
objRecSet.Open strQueryString, objConn, adsOpenStatic
If objRecSet.RecordCount = 1 Then
Set getGroup = GetObject(objRecSet("AdsPath"))
Else
WScript.Echo UCase(strGroupName) & " was not found in the domain.(" & objRootDSE.Get("defaultNamingContext") & ")"
WScript.Quit
End If
End Function
Sub enumMembers(ByRef objGroup, strInheritedFrom)
Dim objMember
For Each objMember In objGroup.Members '<---throwing error by saying "object not a collection"
If LCase(objMember.class) = "group" Then
WScript.Echo objMember.SamAccountName
End If
Next
End Sub

Password reminder prompt - combine vb and hta

I am trying to workout how I can combine these two scripts. I want to pass the value from the vbs script of the password remaining days to the hta file. I wouldnt mind a nicer web page interface as opposed to a message box if the users password has less than 7 days.
Any ideas?
https://www.reddit.com/r/usefulscripts/comments/4dc7pk/htavbscript_password_expiration_notification/
And this
'==========================================
' Check for password expiring notification
'==========================================
' First, get the domain policy.
'==========================================
Dim oDomain
Dim oUser
Dim maxPwdAge
Dim numDays
Dim warningDays
warningDays = 7
Set LoginInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & LoginInfo.UserName & "")
strDomainDN = UCase(LoginInfo.DomainDNSName)
strUserDN = LoginInfo.UserName
'========================================
' Check if password is non-expiring.
'========================================
Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
intUserAccountControl = objUser.Get("userAccountControl")
If intUserAccountControl And ADS_UF_DONT_EXPIRE_PASSWD Then
'WScript.Echo "The password does not expire."
Else
Set oDomain = GetObject("LDAP://" & strDomainDN)
Set maxPwdAge = oDomain.Get("maxPwdAge")
'========================================
' Calculate the number of days that are
' held in this value.
'========================================
numDays = CCur((maxPwdAge.HighPart * 2 ^ 32) + _
maxPwdAge.LowPart) / CCur(-864000000000)
'WScript.Echo "Maximum Password Age: " & numDays
'========================================
' Determine the last time that the user
' changed his or her password.
'========================================
Set oUser = GetObject("LDAP://" & strUserDN)
'========================================
' Add the number of days to the last time
' the password was set.
'========================================
whenPasswordExpires = DateAdd("d", numDays, oUser.PasswordLastChanged)
fromDate = Date
daysLeft = DateDiff("d",fromDate,whenPasswordExpires)
'WScript.Echo "Password Last Changed: " & oUser.PasswordLastChanged
if (daysLeft < warningDays) and (daysLeft > -1) then
Msgbox "Your network password expires in " & daysLeft & " day(s)" & " at " & whenPasswordExpires & chr(13) & chr(13) & "Once logged in, press CTRL-ALT-DEL and" & chr(13) & "select the 'Change a password' option", 0, "PASSWORD EXPIRATION WARNING!"
End if
End if
'========================================
' Clean up.
'========================================
Set oUser = Nothing
Set maxPwdAge = Nothing
Set oDomain = Nothing

VBScript \ Active Directory Searched by displayname and received 2 of the same

I have my script to search by displayname and return the userid, which works fine.
but when I encounter a displayname that has 2 entries in AD i.e.
pavle stojanovic - he is from company 1
pavle stojanovic - he is from company 2
the userid doesnt get displayed because the script doesnt know what to do ?
how do i over come this ? if I get a return of 2 or more I'd like to say in the output hey i found the same name twice etc.. here are the userids and companies for both.
If you want to see the script its below...
strFile = objFSO.GetParentFolderName(Wscript.ScriptFullName) & "\users.xls"
Set objWorkbook = objExcel.Workbooks.Open(strFile)
objWorkbook.Activate
objExcel.Visible = False
intRow = 2 ' starts reading file at line 2
' this part runs a loop through the excel file reading each userid and getting data requested.
' ---------------------------------------------------------------------------------------------
Do Until objExcel.Cells(intRow,1).Value = ""
ExcelRow = objExcel.Cells(intRow, 1)
Call GetOU ' calling sub to search
intRow = intRow + 1
Loop
' This section just formats the excel file to widen the columns
' --------------------------------------------------------------
Set objRange = objExcel.Range("A1")
objRange.Activate
Set objRange = objExcel.ActiveCell.EntireColumn
objRange.AutoFit()
Set objRange = objExcel.Range("B1")
objRange.Activate
Set objRange = objExcel.ActiveCell.EntireColumn
objRange.AutoFit()
Set objRange = objExcel.Range("C1")
objRange.Activate
Set objRange = objExcel.ActiveCell.EntireColumn
objRange.AutoFit()
Set objRange = objExcel.Range("D1")
objRange.Activate
Set objRange = objExcel.ActiveCell.EntireColumn
objRange.AutoFit()
objExcel.ActiveWorkbook.Save
objExcel.Quit
' Sub to get Details for user
' ----------------------------
Sub GetOU
On Error Resume Next
Set objRootDSE = GetObject("LDAP://RootDSE")
strDomain = objRootDSE.Get("DefaultNamingContext")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Size Limit") = 100000
objCommand.Properties("Searchscope") = 2
objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://" & _
strDomain & _
"' WHERE objectCategory='User' AND DisplayName = '" & _
ExcelRow & "'"
Set objRecordSet = objCommand.Execute
If Not objRecordSet.EOF Then
strDN = objRecordSet.Fields("distinguishedName").Value
' ###########################################################
' ###########################################################
' This is where the script does 'its thing' ...
' gets what you want.
' ------------------------------------------------
Set MyUser = GetObject ("LDAP://" & strDN)
objExcel.Cells(intRow, 3).Value = UCASE(MyUser.SamAccountName)
' ###########################################################
' ###########################################################
Else
Wscript.Echo "User Not Found: " & ExcelRow
End If
Err.Clear
End Sub
If multiple accounts are found, the Record Set will have multiple records and you'll need to loop through it. Your code currently only gets the first item in the Record Set.
Change If Not objRecordSet.EOF Then to Do While Not objRecordSet.EOF
Then
strDN = objRecordSet.Fields("distinguishedName").Value
' ###########################################################
' ###########################################################
Set MyUser = GetObject ("LDAP://" & strDN)
When inserting the users into the spreadsheet, you'll want to control the placement of the cell dynamically so the same cell isn't written over at each loop.
objExcel.Cells(intRow, 3).Value = UCASE(MyUser.SamAccountName)
At the end of processing this user, you'll use this to move to the next object (user) in the Record Set
objRecordSet.MoveNext
Then instead of End If, you'll use Loop
EDIT:
Also, instead of connecting to the object using Set MyUser = GetObject(etc), could you just use "SELECT sAMAccountName FROM... in your query then strsAMAccountName = objRecordSet.Fields("sAMAccountName") to save some memory/time?
Edit2:
I am doing this in my script.
If objRecordSet.RecordCount = 0 Then
'Things to do if not found
Exit Sub 'Then exit before entering loop
End If
Also, if the user isn't found then objRecordSet.EOF will equal True.

change password at next logon...vbscript

I have the below code that "should" tick the box for change a local users password at next logon but I keep on getting errors.
The account is already created and on the server locally.
Any help please.
I have to do this in vbscript and not powershell due to older servers in our environment.
Code:
' get computer name
Set oWshNet = CreateObject("WScript.Network" )
sComputerName = oWshNet.ComputerName
'Set Account Testuser Password Expired parameter
Set objUser = GetObject("WinNT:// " & sComputerName & "/Testuser")
objUser.Put "PasswordExpired", 1
objUser.SetInfo
Error:
account.vbs(6, 1) (null): The network path was not found.
*****EDIT***********
Figured it out: (thanks google!)
Set oShell = CreateObject("WScript.Shell")
Const SUCCESS = 0
sUser = "TestUser"
' get the local computername with WScript.Network,
' or set sComputerName to a remote computer
Set oWshNet = CreateObject("WScript.Network")
sComputerName = oWshNet.ComputerName
Set oUser = GetObject("WinNT://" & sComputerName & "/" & sUser)
oUser.Put "PasswordExpired", 1
oUser.SetInfo
oShell.LogEvent SUCCESS, "Password Attribute Changed"
Thanks.
The answer to this was:
Set oShell = CreateObject("WScript.Shell")
Const SUCCESS = 0
sUser = "TestUser"
' get the local computername with WScript.Network,
' or set sComputerName to a remote computer
Set oWshNet = CreateObject("WScript.Network")
sComputerName = oWshNet.ComputerName
Set oUser = GetObject("WinNT://" & sComputerName & "/" & sUser)
oUser.Put "PasswordExpired", 1
oUser.SetInfo
oShell.LogEvent SUCCESS, "Password Attribute Changed"

Get SAMAccountNames for all users in AD group

I'm looking for a vbscript that will retrieve the SAMAccountNames for all members in a Active Directory Group.
Thanks.
Here is the script you are looking for :
' Begining from a given group
Dim strGrp
strGrp = "cn=g1,ou=ou,dc=societe,dc=fr"
Set objGroup = GetObject ("LDAP://"& strGrp)
objGroup.getInfo
arrMemberOf = objGroup.GetEx("member")
' Loop = For Each .... Next
' WScript.Echo "Members of Group "
For Each strMember in arrMemberOf
WScript.echo strMember
Set objUser = GetObject ("LDAP://"& strMember)
sAMAccountName = objUser.GetEx("sAMAccountName")
WScript.echo sAMAccountName(0)
Next
Wscript.Quit
Here is a site where you can get help.

Resources