viewpoint-particle

Author Topic: Get User Property from AD USer Account  (Read 4359 times)

int5749

  • Newbie
  • *
  • Posts: 8
Get User Property from AD USer Account
« on: July 25, 2013, 07:36:53 am »
Hi,
is there a way to get a specific porperty from AD User Account?? Yes, i already found how to gather like WhenCreated, LastLogin etc. but i would need to get the value of the Tab "General" and field "E-mail:"

So far i do not have any glue how to proceed  :( and any help is much appreciated.

Regards,
Joerg

td

  • Tech Support
  • *****
  • Posts: 2222
    • WinBatch
Re: Get User Property from AD USer Account
« Reply #1 on: July 25, 2013, 08:20:41 am »
Some of the properties displayed in the UI are calculated and do not actually exist.  You would have to generate them yourself.  The complete list of available user object properties can be found here.

http://msdn.microsoft.com/en-us/library/windows/desktop/ms683980(v=vs.85).aspx

Click on a listed property to see it's display name.  Most ADSI based AD access tools like the WinBatch ADSI extender use a property's display name to get or set values.   BTW, WinBatch has three built in ways to access Active Directory - the ADSI extender, COM Automation or dotNet.
"Success is a lousy teacher. It seduces smart people into thinking they can't lose."
  - Bill Gates


ChuckC

  • Full Member
  • ***
  • Posts: 117
Re: Get User Property from AD USer Account
« Reply #2 on: July 25, 2013, 10:26:36 am »
Also of interest...

In Active Directory Users & Computers, enable the "Advanced Features" option on the View menu.  Then, when examining the properties of a user object, click on the Attribute Editor tab.  This tab contains a list of every attribute, either mandatory or optional, that is capable of having a value or list of values assigned to it.  For the attributes that do have values, the values are displayed; otherwise, the text "<not set>" is displayed in place of a value.

....IFICantBYTE

  • Full Member
  • ***
  • Posts: 119
Re: Get User Property from AD USer Account
« Reply #3 on: July 25, 2013, 07:09:23 pm »
This is one way..
I've been using this old UDF of mine in many in-house Winbatch applications to return a list of details about a user account... the email property you are after is just "mail" .. it is in the query string along with a few other properties.
Just pass the UDF the username you want to query.


Code: Winbatch
;UDF/UDS START               ===================================================================================================               . . . . I F I C /-) /\/ ¯/¯ B Y T E
#DefineFunction GetUserInfoLDAP(samAccountName); pass UserName for samAccountName
UserInfoList = ""

; Use ADO to search the domain for all Groups.
objConnection = CreateObject("ADODB.Connection")
objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOOBject"
objConnection.Open("Active Directory Provider")
objCommand.ActiveConnection = objConnection
; Determine the DNS domain from the RootDSE object.
; Change strQuery OU to get ROOT for Users Query

ErrorMode(@OFF)
objRootDSE = GetObject("LDAP://RootDSE")
ErrorMode(@CANCEL)
If objRootDSE == 0 Then Goto CLOSEOBJECTS ; Return blank list and close objects if LDAP can't be found

strDNSDomain = objRootDSE.Get("defaultNamingContext")
strFilter = StrCat("(&(objectCategory=user)(objectClass=user)(samAccountName=",samAccountName,"))")
strQuery = "<LDAP://":strDNSDomain:">;":strFilter:";l,title,telephoneNumber,displayName,department,mail,msExchHomeServerName;subtree"

; Enumerate all groups in the Queried OU Structure.

objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 100
objCommand.Properties("Timeout") = 30
objCommand.Properties("Cache Results") = @False

objRecordSet = objCommand.Execute

While objRecordSet.EOF == @FALSE
   strLOC = objRecordSet.Fields("l")
   strTIL = objRecordSet.Fields("title")
   strTEL = objRecordSet.Fields("telephoneNumber")
   strDNM = objRecordSet.Fields("displayName")
   strDPT = objRecordSet.Fields("department")
   strEML = objRecordSet.Fields("mail")
   strEXS = objRecordSet.Fields("msExchHomeServerName")
   UserInfoList = strLOC.value:@TAB:strTIL.value:@TAB:strTEL.value:@TAB:strDNM.value:@TAB:strDPT.value:@TAB:strEML.value:@TAB:strEXS.value
   objRecordSet.MoveNext
EndWhile
:CLOSEOBJECTS
objRootDSE = 0
objCommand = 0
objConnection = 0
Return UserInfoList
#EndFunction
;UDF/UDS END               ===================================================================================================               . . . . I F I C /-) /\/ ¯/¯ B Y T E

samAccountName = "YOUR USER NAME"
Message("",GetUserInfoLDAP(samAccountName))
Regards,
....IFICantBYTE

Nothing sucks more than that moment during an argument when you realize you're wrong. :)