473,324 Members | 2,166 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,324 software developers and data experts.

Querying Active Directory for a specific user

Seth Schrock
2,965 Expert 2GB
I have found the following thread which ADezii solved very nicely: ...Grab information from AD.... However, this just pulls for the current user. I want to be able to specify the user so that I can get their email address. From research that I have done online (ADSI Active Directory), you must use LDAP and not WinNT to be able to pull the EmailAddress property of the user. Again from looking online, it seems that I need to know the OU where the user is located to be able to do this. The problem is that our users are arranged through many different OUs and I can't predict where via code.

What I'm trying to do is get the email addresses for everyone in a specific security group. I had managed to get several pieces of information using the following code.
Expand|Select|Wrap|Line Numbers
  1. Public Sub UsersInGroup(GroupName As String)
  2. Dim adGroup As ActiveDs.IADsGroup
  3. Dim adMembers As IADsMembers
  4. Dim adMember As IADs
  5. Dim adNTUser As IADsUser
  6.  
  7. Set adGroup = GetObject("WinNT://MyDomain/" & GroupName)
  8. Set adMembers = adGroup.Members
  9.  
  10. For Each adMember In adMembers
  11.  
  12.     Set adNTUser = GetObject("WinNT://MyDomain/" & adMember.Name & ",user")
  13.     Debug.Print adMember.Name, adNTUser.FullName, adNTUser.IsAccountLocked, adNTUser.PasswordExpirationDate, adNTUser.EmailAddress
  14.  
  15. Next
  16.  
  17. End Sub
  18.  
Everything in this works except for the adNTUser.EmailAddress at the end of the Debug.Print line. So I just need to replace the WinNT string with an LDAP string that allows me to search for the user by username. I had tried
Expand|Select|Wrap|Line Numbers
  1. "LDAP://CN=" & adNTUser.FullName & ",CN=Users,DC=MyDomain,DC=com"
but I get an error saying "There is no such object on the server". I don't know much about LDAP and I have no clue what else to try.
Oct 28 '14 #1

✓ answered by Rabbit

This is a VBScript that I use at work to grab AD info quickly given their first and last name. The part you'll be interested in is the filter that is used to find the correct AD object regardless of which OU they are in.

Expand|Select|Wrap|Line Numbers
  1. Option Explicit
  2.  
  3. Dim objRoot, strDomain, objConn, objComm, objRecordset
  4. Dim sFilter, sAttribs, sDepth, sBase, sQuery
  5.  
  6. Set objRoot = GetObject("LDAP://RootDSE")
  7. strDomain = objRoot.Get("DefaultNamingContext")
  8. Set objConn = CreateObject("ADODB.Connection")
  9. Set objComm = CreateObject("ADODB.Command")
  10.  
  11. sFilter = "(&(objectClass=person)(sn=" & InputBox("Enter Last Name") & ")(givenName=" & InputBox("Enter First Name") & "))"
  12. sAttribs = "adsPath,objectCategory,physicalDeliveryOfficeName,telephoneNumber,streetAddress,manager,mail,sAMAccountName"
  13. sDepth = "SubTree"
  14. sBase = "<LDAP://" & strDomain & ">"
  15. sQuery = sBase & ";" & sFilter & ";" & sAttribs & ";" & sDepth
  16.  
  17. objConn.Open "Data Source=Active Directory Provider;Provider=ADsDSOObject"
  18. Set objComm.ActiveConnection = objConn
  19. objComm.Properties("Page Size") = 10000
  20. objComm.CommandText = sQuery
  21. Set objRecordset = objComm.Execute
  22.  
  23. Do Until objRecordset.EOF
  24.     MsgBox objRecordset("adsPath") & vbCrLf & vbCrLf & "Account Name: " & Nz(objRecordset("sAMAccountName"), "") & vbCrLf & "Street Address: " & Nz(objRecordset("streetAddress"), "") & vbCrLf & "Office: " & Nz(objRecordset("physicalDeliveryOfficeName"), "") & vbCrLf & "Telephone Number: " & Nz(objRecordset("telephoneNumber"), "") & vbCrLf & "E-Mail: " & Nz(objRecordset("mail"), "") & vbCrLf & "Manager: " & Nz(objRecordset("manager"), "")
  25.     objRecordset.MoveNext
  26. Loop
  27.  
  28. Function Nz(strItem, strReturn)
  29.     If IsNull(strItem) Then
  30.         Nz = strReturn
  31.     Else
  32.         Nz = strItem
  33.     End If
  34. End Function

10 12749
iam_clint
1,208 Expert 1GB
I do believe you are looking for username and not FullName for the LDAP query.
Oct 28 '14 #2
Seth Schrock
2,965 Expert 2GB
Well, based on the solution ADezii posted in the thread that I referenced, the string that sysInfo.UserName uses the user's full name along with the other elements I listed. So while you are accurate that the property used is called UserName, it refers to the user's name and not the computer username that I'm looking for.
Oct 28 '14 #3
Rabbit
12,516 Expert Mod 8TB
This is a VBScript that I use at work to grab AD info quickly given their first and last name. The part you'll be interested in is the filter that is used to find the correct AD object regardless of which OU they are in.

Expand|Select|Wrap|Line Numbers
  1. Option Explicit
  2.  
  3. Dim objRoot, strDomain, objConn, objComm, objRecordset
  4. Dim sFilter, sAttribs, sDepth, sBase, sQuery
  5.  
  6. Set objRoot = GetObject("LDAP://RootDSE")
  7. strDomain = objRoot.Get("DefaultNamingContext")
  8. Set objConn = CreateObject("ADODB.Connection")
  9. Set objComm = CreateObject("ADODB.Command")
  10.  
  11. sFilter = "(&(objectClass=person)(sn=" & InputBox("Enter Last Name") & ")(givenName=" & InputBox("Enter First Name") & "))"
  12. sAttribs = "adsPath,objectCategory,physicalDeliveryOfficeName,telephoneNumber,streetAddress,manager,mail,sAMAccountName"
  13. sDepth = "SubTree"
  14. sBase = "<LDAP://" & strDomain & ">"
  15. sQuery = sBase & ";" & sFilter & ";" & sAttribs & ";" & sDepth
  16.  
  17. objConn.Open "Data Source=Active Directory Provider;Provider=ADsDSOObject"
  18. Set objComm.ActiveConnection = objConn
  19. objComm.Properties("Page Size") = 10000
  20. objComm.CommandText = sQuery
  21. Set objRecordset = objComm.Execute
  22.  
  23. Do Until objRecordset.EOF
  24.     MsgBox objRecordset("adsPath") & vbCrLf & vbCrLf & "Account Name: " & Nz(objRecordset("sAMAccountName"), "") & vbCrLf & "Street Address: " & Nz(objRecordset("streetAddress"), "") & vbCrLf & "Office: " & Nz(objRecordset("physicalDeliveryOfficeName"), "") & vbCrLf & "Telephone Number: " & Nz(objRecordset("telephoneNumber"), "") & vbCrLf & "E-Mail: " & Nz(objRecordset("mail"), "") & vbCrLf & "Manager: " & Nz(objRecordset("manager"), "")
  25.     objRecordset.MoveNext
  26. Loop
  27.  
  28. Function Nz(strItem, strReturn)
  29.     If IsNull(strItem) Then
  30.         Nz = strReturn
  31.     Else
  32.         Nz = strItem
  33.     End If
  34. End Function
Oct 28 '14 #4
Seth Schrock
2,965 Expert 2GB
Can I filter based on the username? For some strange reason, I have access to the FullName property through WinNT, but not the FirstName and LastName properties. I get the username through the Member object.
Oct 28 '14 #5
Rabbit
12,516 Expert Mod 8TB
You can filter by any field available in AD. I believe the username field is called sAMAccountName. Which may or may not include the domain as part of it. I can't remember of the top off my head.
Oct 29 '14 #6
Seth Schrock
2,965 Expert 2GB
It worked. Thanks Rabbit. Here is my completed code that allows me to specify the security group and then outputs the username and email address associated with the user:
Expand|Select|Wrap|Line Numbers
  1. Public Sub UsersInGroup(GroupName As String)
  2. Dim adGroup As ActiveDs.IADsGroup
  3. Dim adMembers As IADsMembers
  4. Dim adMember As IADs
  5. Dim adUser As IADsUser
  6. Dim objConn As Object
  7. Dim objComm As Object
  8. Dim objRecordset As Object
  9. Dim sFilter As String
  10. Dim sAttribs As String
  11. Dim sDepth As String
  12. Dim sBase As String
  13. Dim sQuery As String
  14.  
  15. Set objConn = CreateObject("ADODB.Connection")
  16. Set objComm = CreateObject("ADODB.Command")
  17. Set adGroup = GetObject("WinNT://ftc/" & GroupName)
  18. Set adMembers = adGroup.Members
  19.  
  20. objConn.Open "Data Source=Active Directory Provider;Provider=ADsDSOObject"
  21. Set objComm.ActiveConnection = objConn
  22. objComm.Properties("Page Size") = 10000
  23.  
  24. sAttribs = "adsPath,objectCategory,physicalDeliveryOfficeName,telephoneNumber,streetAddress,manager,mail,sAMAccountName"
  25. sDepth = "SubTree"
  26. sBase = "<LDAP://DC=FTC,DC=com>"
  27.  
  28. For Each adMember In adMembers
  29.     sFilter = "(&(objectClass=person)(sAMAccountName=" & adMember.Name & "))"
  30.     sQuery = sBase & ";" & sFilter & ";" & sAttribs & ";" & sDepth
  31.     objComm.CommandText = sQuery
  32.     Set objRecordset = objComm.Execute
  33.  
  34.     Debug.Print "Account Name: " & Nz(objRecordset("sAMAccountName"), ""), "E-Mail: " & Nz(objRecordset("mail"), "")
  35.  
  36. Next
  37.  
  38. Set objComm = Nothing
  39. Set objConn = Nothing
  40. Set adGroup = Nothing
  41. Set adMembers = Nothing
  42. Set objRecordset = Nothing
  43.  
  44. End Sub
Oct 29 '14 #7
Rabbit
12,516 Expert Mod 8TB
No problem Seth. By the way, the sAttribs is a listing of fields to return. You don't need to return all the fields that I returned in my script if all you need is the email.
Oct 29 '14 #8
Seth Schrock
2,965 Expert 2GB
I had noticed that, but then forgot to look into it. Thanks again.
Oct 29 '14 #9
Nauticalgent
100 64KB
A little late, but from within the VBE, which Reference must be enabled to use this?
Mar 22 '19 #10
Rabbit
12,516 Expert Mod 8TB
If you are referring to Seth's code, I'm not sure which reference he's using to get access to the ActiveDs objects. However, if you go to my original VBS code, with minor modifications that should work in VBA without needing an additional reference.
Mar 25 '19 #11

Sign in to post your reply or Sign up for a free account.

Similar topics

0
by: Trey Mitchell | last post by:
I have built a single class in vb.Net to handle all active directory authentication needed in my web app. People can sign into the website with no problem. There is also a second form of...
0
by: Brian Mitchell | last post by:
Is there any way to return active directory objects from the object's guid? My basic problem is that I don't know the appropriate search filters. Does anyone know of any sites that list them? (like...
0
by: Gary | last post by:
I'm creating an Infopath form and I need to query Active Directory to obtain some data. Here is the code I'm using (obtained from sample code from MSDN) Private Shared domainADsPath As String =...
0
by: hellosibba | last post by:
i am trying to enumerate and query the organization Domain controller to get all the domains and its corresponding users in it. i also want to query the user's information like full name,...
4
by: cpajoe2001 | last post by:
I am not sure if this is the proper place to put this thread but I have run into a road block. I am writing a web app that will create groups in Active Directory then add users to those groups. I...
3
by: Brian McCullough | last post by:
Hello, I am trying to query ADAM using the ActiveDirectoryMembershipProvider in my ASP.NET 2.0 application, but have been unsuccessful. I have followed the steps in these blog posts, but still...
0
by: gdltec | last post by:
I have an ASP page that needs to be populated with employee data from Active Directory (i.e. Name, email, manager, etc), can anyone help me out on how to acomplish this? I just need to know how to...
0
by: justintaitt | last post by:
Hi, I am new to active directory and am trying to query it for the user name and ID of members of a group to populate a drop down list in the form: firstname lastname (userID) When I run the page...
4
by: jllg2000 | last post by:
I got this query: CREATE VIEW viewADContacts AS SELECT , SN , ST State FROM OPENQUERY( ADSI2, 'SELECT Name, SN, ST FROM ''LDAP://presidencia.local/CN=Users,...
0
by: VBDevo | last post by:
Hello, Can anyone help me in this please I'm trying to restore an Active Directory deleted user, I found the code only in c++ in the MSDN, and it uses the DLL : wldap32.dll , which is under...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.