Hi All,
I’ve created a function to search for users in Active Directory.
It’s fairly similar to the previous query to get the Domain Controllers.
The function accepts 2 parameters, the first being the username that’s being searched for, and the second is the type of search, e.g. begins with, or contains.
This code can also easily be modified to show all users in Active Directory by removing the samaccountname section in the query.
function Search(search,SearchType) {
var arrSearchResult = [];
var strSearch = '';
switch(SearchType) {
case "contains":
strSearch = "*"+search+"*";
break;
case "begins":
strSearch = search+"*";
break;
case "ends":
strSearch = "*"+search;
break;
case "exact":
strSearch = search;
break;
default:
strSearch = "*"+search+"*";
break;
}
objRootDSE = GetObject("LDAP://RootDSE");
strDomain = objRootDSE.Get("DefaultNamingContext");
strOU = "OU=Users"; // Set the OU to search here.
strAttrib = "name,samaccountname"; // Set the attributes to retrieve here.
objConnection = new ActiveXObject("ADODB.Connection");
objConnection.Provider="ADsDSOObject";
objConnection.Open("ADs Provider");
objCommand = new ActiveXObject("ADODB.Command");
objCommand.ActiveConnection = objConnection;
var Dom = "LDAP://"+strOU+","+strDomain;
var arrAttrib = strAttrib.split(",");
objCommand.CommandText = "select '"+strAttrib+"' from '"+Dom+"' WHERE objectCategory = 'user' AND objectClass='user' AND samaccountname='"+search+"' ORDER BY samaccountname ASC";
try {
objRecordSet = objCommand.Execute();
objRecordSet.Movefirst;
while(!(objRecordSet.EoF)) {
var locarray = new Array();
for(var y = 0; y < arrAttrib.length; y++) {
locarray.push(objRecordSet.Fields(y).value);
}
arrSearchResult.push(locarray);
objRecordSet.MoveNext;
}
return arrSearchResult;
} catch(e) {
alert(e.message);
}
}
This function will return an array within an array with the strAttrib
defining which fields are retrieved.
The output can be parsed with 2 for loops like so :
var arrResults = Search('user');
for(a in arrResults) {
for(b in arrResults[a]) {
alert(arrResults[a][b]);
}
}
That code snippet will alert all the attributes of the user queried.
where all these following objects were defined??
objRootDSE
objConnection
objCommand
i am getting an error.
i have tried writing ‘var’ before all these variable but it doesn’t works
They are just normal variables. They are defined when I assign them a value.
What are you trying to do ?
I am trying to create a peoplePicker like functionality.
i want to create peoplepicker on clientside using only html and java script
What code do you have so far ?
I have drag and dropped HTML Button and HTML textbox and written this JavaScript. Earlier i was having script that was returning only currently logged in Users but i want all the users should be visible when any one searches for him/her like peopleEditor
Can you paste the code on pastebin ?
What attribute can be included in the objCommand.CommandText string to only retrieve Active (non-disabled) users?
Good Question…
“useraccountcontrol” has values depending on the state of the account
The states should be
512=Enabled
514= Disabled
66048 = Enabled, password never expires
66050 = Disabled, password never expires
Hope that helps
I am getting error at :
GetObject is undefined.
Here is the line which is throwing object undefined error:
objRootDSE = GetObject(“LDAP://RootDSE”);
Are you using the Javascript on a webpage or in a HTA ? I was doing these in a HTA with some ActiveX controls if I remember correctly
I was getting undefined exception on execution of below line:
objRecordSet = objCommand.Execute();
Please suggest!!
I would suggest that rather than using Javascript, you look at using Powershell to do what you need to do.
Using Javascript to search AD isn’t very efficient anymore since Powershell has gotten so much better since I wrote this post.
Hi Sir,
I don’t know javascript, however know a bit about AD and html.
what i want to do is to create html form and add some samaccountname/login name input on the form.
however i need to check if the users is exsist on the AD and put underline on the form if the users is exist on AD
how should i do that?