This script enumerates all Citrix tokens in Active Directory.
Follow the steps below (no admin rights needed; the query runs with the rights of the logged-on domain user):
- open your favorite text editor
- copy and paste the script into the editor
- save the script (for example c:\temp\citrixtokens.vbs)
- open a command prompt
- go to “c:\temp”
- type “cscript citrixtokens.vbs” (without quotes) and press Enter
The script:
' Name : citrixtokens.vbs
' Description : script to enumerate citrix tokens
' Author : dirk adamsky - deludi bv
' Version : 1.00
' Date : 11-01-2010
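Option Explicit

' Purpose: search the default naming context of the current domain for user
' objects that carry a securecomputingCom2000-SafeWord-UserID value and echo
' one "mail ; cn ; token" line per token.
'
' The ADO connection is opened without explicit credentials, so the result
' reflects what the logged-on account is allowed to read. The output pairs
' user identities with authentication token IDs: store it accordingly, and
' review the read permissions on this attribute if ordinary accounts are not
' meant to see it.

Const TOKEN_ATTR = "securecomputingCom2000-SafeWord-UserID"

Dim adoCommand, adoConnection, strBase, strFilter, strAttributes, strCN, arrToken, strToken
Dim objRootDSE, strDNSDomain, strQuery, adoRecordset, strMail
Dim lngSize, lngErr, lngSkipped

' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection

' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"

' Filter on user objects.
strFilter = "(&(objectCategory=person)(objectClass=user))"

' Comma delimited list of attribute values to retrieve.
strAttributes = "mail,cn," & TOKEN_ATTR

' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False

' Run the query.
Set adoRecordset = adoCommand.Execute

' Enumerate the resulting recordset.
lngSkipped = 0
Do Until adoRecordset.EOF
    lngSize = 0
    arrToken = Null

    ' Trap errors only while reading the fields of this record. The handler
    ' is switched off again before any decision is taken, so a failing
    ' MoveNext or a type error further down stops the script instead of being
    ' ignored for the rest of the run.
    On Error Resume Next
    Err.Clear
    lngSize = adoRecordset.Fields(TOKEN_ATTR).ActualSize
    strCN = adoRecordset.Fields("cn").Value
    strMail = adoRecordset.Fields("mail").Value
    arrToken = adoRecordset.Fields(TOKEN_ATTR).Value
    lngErr = Err.Number
    On Error GoTo 0

    If lngErr <> 0 Then
        ' Unreadable record: count it so the gap is reported at the end.
        lngSkipped = lngSkipped + 1
    ElseIf lngSize <> 0 And Not IsNull(arrToken) Then
        ' Accept both an array of values and a single scalar value.
        If Not IsArray(arrToken) Then arrToken = Array(arrToken)
        For Each strToken In arrToken
            If IsReportableToken(strToken) Then
                WScript.Echo strMail & " ; " & strCN & " ; " & strToken
            End If
        Next
    End If

    ' Move to the next record in the recordset.
    adoRecordset.MoveNext
Loop

If lngSkipped > 0 Then
    WScript.Echo "Records skipped because a field could not be read: " & lngSkipped
End If

' Clean up.
adoRecordset.Close
adoConnection.Close
Set adoRecordset = Nothing
Set objRootDSE = Nothing
Set adoConnection = Nothing
Set adoCommand = Nothing

' Returns True when a token value should be listed: a numeric value greater
' than zero, or a non-numeric value that is not blank. Null, Empty, zero,
' negative and blank values return False.
Function IsReportableToken(varToken)
    IsReportableToken = False
    If IsNull(varToken) Or IsEmpty(varToken) Then Exit Function
    If IsNumeric(varToken) Then
        IsReportableToken = (CDbl(varToken) > 0)
    Else
        IsReportableToken = (Len(Trim(CStr(varToken))) > 0)
    End If
End Function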

Nice script. I need one like this for a custom LDAP search query, though, which would give a neater result.
Any chance you have that lying around?