Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

vbs and ldap - sub ou?

353 views
Skip to first unread message

Massi

unread,
Dec 19, 2007, 4:28:52 AM12/19/07
to
Hi all,
little problem here: i'm trying to get all computer from an OU in my
win2k AD domain.

This works:

Set objOU = GetObject("LDAP://OU=Clients,DC=my,DC=domain,DC=com")
objOU.Filter = Array("Computer")
For Each objComputerItem In objOU
strComputer = objComputerItem.CN
msgbox(strComputer)
Next

this does NOT work:

Set objOU = GetObject("LDAP://
OU=Clients,OU=notebooks,DC=my,DC=domain,DC=com")
objOU.Filter = Array("Computer")
For Each objComputerItem In objOU
strComputer = objComputerItem.CN
msgbox(strComputer)
Next

like it the script cannot find the sub-ou.
It does not work even if i put simply the name of the sub ou
GetObject("LDAP://OU=notebooks,DC=my,DC=domain,DC=com")

Why?
And is there a way to get the script search in sub-ous automatically?

thank you!

Richard Mueller [MVP]

unread,
Dec 19, 2007, 9:42:09 AM12/19/07
to
Massi wrote:

You have the order of the components wrong. The child ou is:

ou=notebooks,ou=Clients,dc=My,dc=Domain,dc=com

assuming that ou=notebooks resides in ou=Clients.

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--


Massi

unread,
Dec 19, 2007, 11:43:45 AM12/19/07
to
On 19 Dic, 15:42, "Richard Mueller [MVP]" <rlmueller-
nos...@ameritech.nospam.net> wrote:

> You have the order of the components wrong. The child ou is:
>
> ou=notebooks,ou=Clients,dc=My,dc=Domain,dc=com
>
> assuming that ou=notebooks resides in ou=Clients.

you are right, but i already found that error :)
what about this:

> > And is there a way to get the script search in sub-ous automatically?

is there a way? i'd like the script to browse OUs recursively..

Richard Mueller [MVP]

unread,
Dec 19, 2007, 1:04:34 PM12/19/07
to

"Massi" <patta...@gmail.com> wrote in message
news:8fceb570-8f58-480b...@f3g2000hsg.googlegroups.com...

Yes, you can code a recursive sub. For example:
==================
Dim objOU

Set objOU = GetObject("LDAP://ou=Parent,dc=MyDomain,dc=com")
Call EnumComputers(objOU)

Sub EnumComputers(objParent)
' Recursive method to enumerate computer objects in
' container and all sub containers/OU's.
Dim objComputer, objChild

' Output name of OU.
Wscript.Echo objParent.distinguishedName

' Enumerate computers in OU.
objParent.Filter = Array("computer")
For Each objComputer In objParent
Wscript.Echo "-- " & objComputer.cn
Next

' Call this sub recursively for each child OU/Container.
objParent.Filter = Array("container", "organizationalUnit")
For Each objChild In objParent
Call EnumComputers(objChild)
Next
End Sub
=========
I added code to document the OU the computer is in. Also, it would be more
efficient to use ADO to retrieve information on all computer objects in an
OU and all child OU's. You would not need to bind to the OU and computer
objects, which can slow things down in a large netword. See this link for
information on using ADO:

http://www.rlmueller.net/ADOSearchTips.htm

For example:
=============
Option Explicit

Dim adoCommand, adoConnection, strBase, strFilter, strAttributes

Dim strQuery, adoRecordset, strNTName, strCN, strDN

' Setup ADO objects.

Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection

' Specify one OU as the base of the search.

strBase = "<LDAP://ou=West,dc=MyDomain,dc=com>"

' Filter on computer objects.
strFilter = "(objectCategory=computer)"

' Comma delimited list of attribute values to retrieve.
strAttributes = "sAMAccountName,cn,distinguishedName"

' Construct the LDAP syntax query.

' The clause ";subtree" makes ADO search the base container and all

' child containers/OU's.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

' Run the query.
Set adoRecordset = adoCommand.Execute


' Enumerate the resulting recordset.
Do Until adoRecordset.EOF

' Retrieve values and display.
strNTName = adoRecordset.Fields("sAMAccountName").Value

strCN = adoRecordset.Fields("cn").value

strDN = adoRecordset.Fields("distinguishedName").Value

Wscript.Echo strNTName & ";" & strCN & ";" & strDN

' Move to the next record in the recordset.
adoRecordset.MoveNext
Loop

' Clean up.

adoRecordset.Close

adoConnection.Close

============

In this case I chose to output the values in semicolon delimited lines,
since DN's (and sometimes Common Names) have embedded commas. The script
should be run at a command prompt with the cscript host. The output can be
redirected to a text file, which can be read by a spreadsheet program.

Massi

unread,
Dec 21, 2007, 3:01:27 AM12/21/07
to
On 19 Dic, 19:04, "Richard Mueller [MVP]" <rlmueller-
nos...@ameritech.nospam.net> wrote:

> Yes, you can [cut]

WOW thank you very very much :)

0 new messages