Active Directory With JScript : How to Search for Users

 Active Directory, Javascript  15 Responses »
May 202011
 

Hi All,

I’ve created a function to search for users in Active Directory.
It’s fairly similar to the previous query to get the Domain Controllers.
The function accepts 2 parameters, the first being the username that’s being searched for, and the second is the type of search, e.g. begins with, or contains.

This code can also easily be modified to show all users in Active Directory by removing the samaccountname section in the query.


function Search(search,SearchType) {
var arrSearchResult = [];
var strSearch = '';
switch(SearchType) {
case "contains":
strSearch = "*"+search+"*";
break;
case "begins":
strSearch = search+"*";
break;
case "ends":
strSearch = "*"+search;
break;
case "exact":
strSearch = search;
break;
default:
strSearch = "*"+search+"*";
break;
}
objRootDSE = GetObject("LDAP://RootDSE");
strDomain = objRootDSE.Get("DefaultNamingContext");

strOU = "OU=Users"; // Set the OU to search here.
strAttrib = "name,samaccountname"; // Set the attributes to retrieve here.

objConnection = new ActiveXObject("ADODB.Connection");
objConnection.Provider="ADsDSOObject";
objConnection.Open("ADs Provider");
objCommand = new ActiveXObject("ADODB.Command");
objCommand.ActiveConnection = objConnection;
var Dom = "LDAP://"+strOU+","+strDomain;
var arrAttrib = strAttrib.split(",");
objCommand.CommandText = "select '"+strAttrib+"' from '"+Dom+"' WHERE objectCategory = 'user' AND objectClass='user' AND samaccountname='"+search+"' ORDER BY samaccountname ASC";

try {

objRecordSet = objCommand.Execute();

objRecordSet.Movefirst;
while(!(objRecordSet.EoF)) {
var locarray = new Array();
for(var y = 0; y < arrAttrib.length; y++) { locarray.push(objRecordSet.Fields(y).value); } arrSearchResult.push(locarray); objRecordSet.MoveNext; } return arrSearchResult; } catch(e) { alert(e.message); } }

This function will return an array within an array with the strAttrib defining which fields are retrieved.
The output can be parsed with 2 for loops like so :


var arrResults = Search('user');
for(a in arrResults) {
for(b in arrResults[a]) {
alert(arrResults[a][b]);
}
}

That code snippet will alert all the attributes of the user queried.

Related Posts
Share

Active Directory With Javascript : How to Get All The Domain Controllers in Your Domain

 Active Directory, Javascript  No Responses »
May 192011
 

Hi All,

Another quick one while I’m working on these.

The following will give you the names of all your Domain Controllers in the Domain Controllers OU or at least the computers in the Domain Controllers OU.


function GetDC() {

var arrDCs = [];

objRootDSE = GetObject("LDAP://RootDSE");
strDomain = objRootDSE.Get("DefaultNamingContext");
objConnection = new ActiveXObject("ADODB.Connection");
objConnection.Provider="ADsDSOObject";
objConnection.Open("ADs Provider");
objCommand = new ActiveXObject("ADODB.Command");
objCommand.ActiveConnection = objConnection;
var Dom = "LDAP://OU=Domain Controllers,"+strDomain;
objCommand.CommandText = "select name from '"+Dom+"' WHERE objectCategory = 'computer' ORDER BY name ASC";

objRecordSet = objCommand.Execute();

objRecordSet.Movefirst;

while(!(objRecordSet.EoF)) {
arrDCs.push(objRecordSet.Fields('Name').Value);
objRecordSet.MoveNext;
}
return arrDCs;
}

This function will return an array containing a list of the members names in the Domain Controllers OU.
The list that is returned can be modified by changing the search query.

Related Posts
Share

Active Directory with Javascript : How to Get The Distinguished Name

 Active Directory, Javascript  No Responses »
May 192011
 

Hi all,

I covered this in another post, but thought I would make it separate to make it easier to find.

The following code block lets you get the distinguished name of the username that is passed into this function.


function GetDN(strUsername) {

var objUserDN = new ActiveXObject("NameTranslate");
objUserDN.Init(1,"< DOMAIN NAME HERE >");
objUserDN.Set(3,"< DOMAIN NAME HERE >\\"+strUsername);
strUserDN = objUserDN.get(1)
return strUserDN;
}

This codeblock does the following :

  1. Creates a new NameTranslate Object and binds objUserDN to it
  2. Initialises NameTranslate with the Init method with the ‘1’ setting the type of bind used, which is Domain in this case.
  3. Sets the type of translation used and the username to be translated by using the set method, the 3 specifies that the username that is input is in the NT format of “domain\User”
  4. Gets the Distinguished Name by using the Get method with a parameter of 1 which specifies that it should get the RFC 1779 formatted name.
  5. Returns the distinguished name

References :
ADS_NAME_INITTYPE_ENUM Enumeration
ADS_NAME_TYPE_ENUM Enumeration

Related Posts
Share

Javascript : Get the computer name with Javascript.

 Javascript  12 Responses »
May 182011
 

Hi all,

Thought I’d do a post on some JS as I haven’t done much in a while.
Today, I will go over some windows script host objects that may come in useful.
First up – wsh.network

Firstly we need to create the ActiveX Object in Javascript like so :


var wsh = new ActiveXObject(wscript.network)

Once this ActiveX Object is created, we can now use it to grab data from the computer using the properties of wsh.


var strCompName = wsh.computername;

That code snippet will store the NetBios computer name into strCompName, easy as pie.

If you have any questions or comments, please feel free to leave a comment below.

Reference
MSDN WSH.Neworking

Share

Query a User in Active Directory

 Active Directory, Javascript  2 Responses »
Jan 042011
 

Quick snippet on how to query an AD user with Javascript.

Firstly, get the user object with:

var objUser = GetObject("LDAP://cn=username,ou=users,dc=example,dc=com");

With this object, you can query any attributes of the user.


var disabled = objUser.AccountDisabled; // True when the account is disabled
var firstname = objUser.givenname; // Returns the users first name.

A List of attributes can be found here.

Some of the more difficult attributes to query are “memberof” which displays the group memberships, and “lockouttime” which is how long they have been locked out for.

When querying memberof, it will return a VB Array, which Javascript won’t recognise unless you retrieve it with:

var memberof = VBArray(objUser.GetEx("memberof")).toArray();

With lockouttime the number is a 64-bit number, which requires a Highpart and Lowpart to access the whole number.
This code will get the lock out time:

var lockouttime = objUser.lockouttime;
var locktimems = Math.abs(lockouttime.HighPart) * Math.pow(2,32) + Math.abs(lockouttime.LowPart); //locktimems now has the time that the account is locked out until in milliseconds.

More garbage from me later !

Share
 Older Entries  Newer Entries