Getting AD Details based on username

Just an extra comment to Ansgar the RootDSE is great if you only have one domain. You can modify his code to point else where:

    base  = "<LDAP://" & rootDSE.Get("defaultNamingContext") & ">"

to something like:

    base  = "<LDAP://" & "DC=corp,DC=foo,DC=com" & ">"

if your domain AD domain is corp.foo.com

LDAP URIs require a distinguished name. Account names won't work. If you want to get user objects based on the account name you need a "regular" LDAP query:

username = "SomeUserName"

Set rootDSE = GetObject("LDAP://RootDSE")
base  = "<LDAP://" & rootDSE.Get("defaultNamingContext") & ">"
'filter on user objects with the given account name
fltr  = "(&(objectClass=user)(objectCategory=Person)" & _
        "(sAMAccountName=" & username & "))"
'add other attributes according to your requirements
attr  = "distinguishedName,sAMAccountName"
scope = "subtree"

Set conn = CreateObject("ADODB.Connection")
conn.Provider = "ADsDSOObject"
conn.Open "Active Directory Provider"

Set cmd = CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandText = base & ";" & fltr & ";" & attr & ";" & scope

Set rs = cmd.Execute
Do Until rs.EOF
  WScript.Echo rs.Fields("distinguishedName").Value
  rs.MoveNext
Loop
rs.Close

conn.Close

Since I got annoyed from having to write all that boilerplate code over and over again, I wrapped it in a class (ADQuery) some time ago.

Getting AD Details based on username

Tags:

Active Directory

Vbscript

Vba

Related

Recent Posts