0

Active Directory: VBscript to enumerate the local users of all servers in your domain

Posted June 10th, 2010 in Various and tagged , , , , , , , by dirk adamsky

This script enumerates the local users of all servers (domain controllers are excluded) in your domain.
The results are logged in a file and send with CDO mail.
You can also schedule the script for monitoring purposes.

Follow the next steps to run the script (admin rights needed):

  • copy and paste the script in your favorite text editor
  • change the smtp addresses of the sender and the recipient to your addresses
  • save the script (for example c:templocalusers.vbs)
  • open a command prompt
  • go to “c:temp”
  • give “cscript localusers.vbs” (without quotes) and enter

The script:

' Name : localusers.vbs
' Description : script to enumerate the local users of all servers in your domain
' Author : dirk adamsky - deludi bv
' Version : 1.00
' Date : 10-06-2010
' Level: intermediate

strDate = Replace(Date,"/","-")
Set objFSO = CreateObject("Scripting.FileSystemObject")
strCurrentDir = objFSO.GetAbsolutePathName(".")
Set objFSO = Nothing

Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection

Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"

strFilter = "(&(objectCategory=computer)(operatingSystem=*server*))"

strAttributes = "name,distinguishedName"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False
Set adoRecordset = adoCommand.Execute

Do Until adoRecordset.EOF
	strHostname = adoRecordset.Fields("name").Value
	If CheckStatus(strHostname) = True Then
		If Instr(adoRecordset.Fields("distinguishedName").Value,"Domain Controllers") = 0 Then
			Set objGroup = GetObject("WinNT://" & strHostname & "/Users,group")
			For Each Member In objGroup.Members
				If Lcase(Member.Name) <> "interactive" And Lcase(Member.Name) <> "authenticated users" Then
			 		Logprint strHostname & " has " & Member.Name & " in the local users group"
				End If
			Next
			Set objGroup = Nothing
		End If
	End If
	adoRecordset.MoveNext
Loop

Sendmail "recipient@test.org", "localusers", "see attachment for details", strCurrentDir & "" & strDate & "-localusers.csv"

Set adoRecordset = Nothing
Set objRootDSE = Nothing
Set adoConnection = Nothing
Set adoCommand = Nothing

Function CheckStatus(strAddress)
	Dim objPing, objRetStatus
	Set objPing = GetObject("winmgmts:{impersonationLevel=impersonate}").ExecQuery _
      ("select * from Win32_PingStatus where address = '" & strAddress & "'")
	For Each objRetStatus In objPing
        If IsNull(objRetStatus.StatusCode) Or objRetStatus.StatusCode <> 0 Then
			CheckStatus = False
        Else
			CheckStatus = True
        End If
    Next
	Set objPing = Nothing
End Function

Function LogPrint(Message)
Const ForAppending = 8
	Set ObjFSO = CreateObject("Scripting.FileSystemObject")
	Set objTextFile = ObjFSO.OpenTextFile(strDate & "-localusers.csv", ForAppending, True)
    objTextFile.WriteLine Message
    objTextFile.Close
	Set objTextFile = Nothing
	Set ObjFSO = Nothing
End Function

Function SendMail(strRecipient, strHeader, strBody, strAttachment)
	Set objMessage = CreateObject("CDO.Message")
		objMessage.Subject = strHeader
		objMessage.From = "sender@test.org"
		objMessage.To = strRecipient
		objMessage.TextBody = strBody
		objMessage.AddAttachment strAttachment
		objMessage.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
		objMessage.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mail.domstad.org"
		objMessage.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
		objMessage.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
		objMessage.Configuration.Fields.Update
		objMessage.Send
		Set objMessage = Nothing
End Function

When you have problems/questions please post a reply or give a ‘star’ rating.

Happy scripting.

Best regards,

Dirk Adamsky – Deludi BV


Related Posts:
  • Active Directory and WMI: VBscript to enumerate the system uptime of all servers in Active Directory V2
  • Active Directory and WMI: VBscript to enumerate the system uptime of all servers in Active Directory
  • Active Directory And WMI: VBscript to monitor all servers in Active Directory

    • Leave a Reply





    Popular articles

    Tags

    active directory adsi alive attribute command prompt computer cscript disable disabled distribution group email enumerate excel exchange files filesystem object filter folder groups homedirectory hp microserver lastlogon lastlogontimestamp list mail mailbox memberOf members memberships n36l nested group number ou ping recursion server smtp address status subfolders user vb vbs vbscript vmware esxi wmi

    Categories

    Recent Comments