Announcement

Collapse
No announcement yet.

querying AD from networked computers

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • querying AD from networked computers

    Background: I'm installing an inventory app and it will accept custom field input via comma, space or tab delimmited text files.

    I have a user who would like to run this app via login script so that it will inventory each computer and include the logged in user's OU as one of the custom fields. She needs the OU because her active directory stucture is set up to where the OUs dictate which department a user belongs to.

    Optimally, I am thinking that I want to create a Group Policy at the OU level that will force users to run the login script. I am guessing that the login script should include:
    - an AD Query that will write the logged in User's OU to a text file (no idea where to even begin with this)

    - Path to the share where the inventory scanner can be run from (to run the inventory)

    Question: Is there a way to query active directory from a networked computer (in a way that is invisible to the user) and collect just that user's OU?

    I don't really want to have to go and install anything on the networked computers if I can help it.

    Desired Result: To have a text file that contains a specific user's OU (and OU only) on the networked computer they log into.

  • #2
    Re: querying AD from networked computers

    Hi,

    Running the following from the command line on an AD networked computer will show you which OU's a user is a member of:

    DSQUERY USER DOMAINROOT -NAME <USERNAME>

    Hope this helps

    Michael
    Michael Armstrong
    www.m80arm.co.uk
    MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

    Comment


    • #3
      Re: querying AD from networked computers

      Originally posted by m80arm
      Running the following from the command line on an AD networked computer will show you which OU's a user is a member of:

      DSQUERY USER DOMAINROOT -NAME <USERNAME>
      Correct me if I'm wrong but I think that requires an install of the adminpak.msi
      Last edited by JeremyW; 14th July 2006, 13:57.
      Regards,
      Jeremy

      Network Consultant/Engineer
      Baltimore - Washington area and beyond
      www.gma-cpa.com

      Comment


      • #4
        Re: querying AD from networked computers

        Originally posted by JeremyW
        Correct if I'm wrong but I think that require an install of the adminpak.msi
        Correct - That is always something I take for granted

        Michael
        Michael Armstrong
        www.m80arm.co.uk
        MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

        ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

        Comment


        • #5
          Re: querying AD from networked computers

          Here is something I helped a friend of mine with - she wanted to map printers/shares based on user object's parent OU name:

          Code:
          '==========================================================================
          ' VBScript Source File -- Created with SAPIEN Technologies PrimalScript 4.0
          ' NAME: DriveAndPrinterMapper.vbs 
          ' AUTHOR: Guy Teverovsky , Private work
          ' DATE  : 5/11/2006
          ' COMMENT: Use your head before hitting the keyboard !
          '==========================================================================
          Option Explicit
          
          '---------------------------------------------------------------------------
          '	Script initialization
          '---------------------------------------------------------------------------
          Dim WshNetwork, oAdsSysObj, oDrives, strUserOU
          Dim arrPrnStudio,arrPrnFloor2,arrPrnFloor4,arrPrnFloor5,arrPrnFloor5MG
          
          Set WshNetwork 	= CreateObject("WScript.Network")			
          Set oAdsSysObj 	= CreateObject("ADSystemInfo") 			' Instantiate ADSystemInfo object
          Set oDrives 	= WshNetwork.EnumNetworkDrives			' Enumerate network drives
          Set CurrentUser = GetObject("LDAP://" & oAdsSysObj.UserName)	
          
          strUserOU 		= LCase(fGetParentOU(oAdsSysObj))
          
          arrPrnStudio	= Split("\\server1\StudioHP:HP Business Inkjet 2800 PCL 6",":")
          arrPrnFloor2	= Split("\\server1\Floor2:HP LaserJet 4050 Series PS",":")
          arrPrnFloor4	= Split("\\server1\FLOOR4:HP LaserJet 4050 Series PS",":")
          arrPrnFloor5	= Split("\\server1\Floor5:HP LaserJet 4050 Series PS",":")
          arrPrnFloor5MG	= Split("\\server1\Manag_HP_5:HP LaserJet 4250 PCL 5e",":")
          
          '---------------------------------------------------------------------------
          ' Start working
          '---------------------------------------------------------------------------
          
          Select Case LCase(strUserOU)
          	Case "studio"
          		fMapDrive "S:", "\\server3\STUDIO"
          		fConnectPrinter arrPrnStudio
          	Case "sales"
          		fMapDrive "S:", "\\server3\SALES"
          		fConnectPrinter arrPrnFloor5 
          	Case "presales"
          		fConnectPrinter arrPrnFloor5 
          	Case "management"
          		fConnectPrinter arrPrnFloor5
          		fConnectPrinter arrPrnFloor5MG 			
          	Case "support"	
          		fConnectPrinter arrPrnFloor5
          End Select
          
          '---------------------------------------------------------------------------
          ' Functions
          '---------------------------------------------------------------------------
          Function fMapDrive(ByVal strLetter, ByVal strUNCPath)
          
          	'WScript.Echo strLetter & vbTab & "==>" & vbTab & strUNCPath
          	
          	Dim boolInUse : boolInUse = False
          	Dim strCurrentPath : strCurrentPath = ""
          	For i = 0 to oDrives.Count -1 Step 2
          		If LCase(strLetter) = LCase(oDrives(i)) Then
          			boolInUse = True
          			strCurrentPath = oDrives(i+1)
          		End If
          	Next
          	If boolInUse = True Then
          		' The drive letter is in use
          		If LCase(strCurrentPath) <> LCase(strUNCPath) Then
          			' And is mapped to the wrong location
          			' Disconnect from the wrong and connect to the right
          			WshNetwork.RemoveNetworkDrive strLetter,True,True
          			WshNetwork.MapNetworkDrive strLetter, strUNCPath, True 
          		End If
          	Else
          		' The letter is not mapped, just map it to the right place
          		WshNetwork.MapNetworkDrive strLetter, strUNCPath, True 	
          	End If
          End Function
          
          ' -------------------------------------------------------
          ' Function that recieves an object (objAdsObj) and tries 
          ' to return it's parent's container name as a string
          ' -------------------------------------------------------
          Function fGetParentOU(oAdsSysObj)
              Dim objUser, objContainer 
              Set objUser = GetObject("LDAP://" & oAdsSysObj.UserName)
              Set objContainer = GetObject(objUser.Parent)
              fGetParentOU = objContainer.Get("name")
          End Function
          
          Sub fConnectPrinter(arrPrinter)
          	'WScript.Echo arrPrinter(0) & vbTab & "==>" & vbTab & arrPrinter(1) 
          	WshNetwork.AddWindowsPrinterConnection arrPrinter(0), arrPrinter(1)
          End Sub
          The script should run on any W2K and up client computer and can be used as logon/login script
          Guy Teverovsky
          "Smith & Wesson - the original point and click interface"

          Comment

          Working...
          X