0

Active Directory: VBscript to enumerate the last logon of all AD users and a lot of user attributes

Posted February 25th, 2010 in lastlogon and tagged , , , , , , , , , , , , , by dirk adamsky

! I made a new lastlogonscript, it can be found here.
This script is based on the lastlogon script by Richard L. Mueller.
Added is an enumeration of 30 user attributes.
All in all it gives you an huge load of information…..

Follow the next steps to run the script (no admin rights needed):

* open your favorite text editor
* copy and paste the script into the editor
* save the script (for example c:tempenumerate-lastlogon-details.vbs)
* open a command prompt
* go to “c:temp”
* give “cscript enumerate-lastlogon-details.vbs” (without quotes) and enter

The script:

' Name : enumerate-lastlogon-details.vbs
' Description : script to enumerate the last logon of all AD users and a lot of user attributes
' Author : dirk adamsky - deludi bv
' Version : 1.00
' Date : 25-02-2010
' Level : advanced

Option Explicit

Dim objRootDSE, adoConnection, adoCommand, strQuery, strMail, strDisname, strCompany, strDepartment
Dim adoRecordset, strDNSDomain, objShell, lngBiasKey
Dim lngBias, k, strDN, dtmDate, objDate, arrAttributes
Dim strBase, strFilter, strAttributes, lngHigh, lngLow, strOutput, i

arrAttributes = Array("cn","sAMAccountName","company","department","displayName",_
				"distinguishedName","lastKnownParent","mail","mailNickname","manager","physicalDeliveryOfficeName",_
				"postalCode","telephoneNumber","userPrincipalName","whenChanged","whenCreated",_
				"extensionAttribute1","extensionAttribute2","extensionAttribute3","extensionAttribute4","extensionAttribute5",_
				"extensionAttribute6","extensionAttribute7","extensionAttribute8","extensionAttribute9",_
				"extensionAttribute10","extensionAttribute11","extensionAttribute12","extensionAttribute13",_
				"extensionAttribute14,extensionAttribute15,lastLogonTimeStamp") 

' Obtain local Time Zone bias from machine registry.
Set objShell = CreateObject("Wscript.Shell")
lngBiasKey = objShell.RegRead("HKLMSystemCurrentControlSetControlTimeZoneInformationActiveTimeBias")
If (UCase(TypeName(lngBiasKey)) = "LONG") Then
    lngBias = lngBiasKey
ElseIf (UCase(TypeName(lngBiasKey)) = "VARIANT()") Then
    lngBias = 0
    For k = 0 To UBound(lngBiasKey)
        lngBias = lngBias + (lngBiasKey(k) * 256^k)
    Next
End If
Set objShell = Nothing

' Determine DNS domain from RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
Set objRootDSE = Nothing

' Use ADO to search Active Directory.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection

' Search entire domain.
strBase = "<LDAP://" & strDNSDomain & ">"

' Filter on all user objects.
strFilter = "(&(objectCategory=person)(objectClass=user))"

' Comma delimited list of attribute values to retrieve.
strAttributes = Join(arrAttributes,",")
Wscript.Echo strAttributes
' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

' Run the query.
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 60
adoCommand.Properties("Cache Results") = False
Set adoRecordset = adoCommand.Execute

' Enumerate resulting recordset.
Do Until adoRecordset.EOF
    On Error Resume Next
    Set objDate = adoRecordset.Fields("lastLogonTimeStamp").Value
    If (Err.Number <> 0) Then
        On Error GoTo 0
        dtmDate = #1/1/1601#
    Else
        On Error GoTo 0
        lngHigh = objDate.HighPart
        lngLow = objDate.LowPart
        If (lngLow < 0) Then
            lngHigh = lngHigh + 1
        End If
        If (lngHigh = 0) And (lngLow = 0 ) Then
            dtmDate = #1/1/1601#
        Else
            dtmDate = #1/1/1601# + (((lngHigh * (2 ^ 32)) _
                + lngLow)/600000000 - lngBias)/1440
        End If
    End If
    ' Display values for the user.
    strOutput = ""
	For i = 0 To (Ubound(arrAttributes) - 1)
		strOutput = strOutput & " ; " & adoRecordset.Fields(arrAttributes(i)).Value
	Next
	If (dtmDate = #1/1/1601#) Then
        Wscript.Echo strOutput & " ; Never"
    ElseIf DateDiff("d",dtmDate,Date) > 90 Then
	    Wscript.Echo strOutput & " ; " & dtmDate
    End If
    adoRecordset.MoveNext
Loop

' Clean up.
adoRecordset.Close
adoConnection.Close
Set adoRecordset = Nothing
Set objDate = Nothing
Set adoConnection = Nothing
Set adoCommand = Nothing

When you have problems/questions please post a reply.

Happy scripting.

Best regards,

Dirk Adamsky – Deludi BV

[adrotate group="2" banner="3"]


Related Posts:
  • Active Directory and WMI: VBscript to enumerate a sorted list of all mailboxes and their size in your AD domain
  • Active Directory: VBscript to enumerate all contacts in your domain
  • Active Directory: Vbscript to enumerate all users of a nested group with a citrix token

    • Leave a Reply





    Popular articles

    Tags

    active directory adsi alive attribute command prompt computer cscript disable disabled distribution group email enumerate excel exchange files filesystem object filter folder groups homedirectory hp microserver lastlogon lastlogontimestamp list mail mailbox memberOf members memberships n36l nested group number ou ping recursion server smtp address status subfolders user vb vbs vbscript vmware esxi wmi

    Categories

    Recent Comments