Friday, August 8, 2008

Function: getLDAPPath()

You're wondering, "Where the hell has that guy been?".  More than likely you're not actually thinking that but my blog has. So while I don't have anything super great to post, I dug through my archive of functions and found one to post. 

This neat little function lets you pass in some info and get back the full LDAP path to the object.  Some of you veteran scripters out there might ask, "Why not use the built-in WScript call?".  Well you could, but that only returns the user account.  This nifty function will let you query AD to get the LDAP path for computer objects as well.

So let's get to it.  The function has four input parameters.

Object name = name of the object in AD.  Be sure to use the sAMAccountName.

Object type = type of object.  User or Computer

Server = The domain server to query

Domain = The domain to query in.  ex. na.fabrikam.com

 

Here's the function first for you to absorb (ahem, copy) and then we'll discuss:

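Function getLDAPPath(sstrCN, sstrType, sstrServer, sstrDomain)
'Input: sstrCN = Name of the object to look for
'Input: sstrType = Type of object: "User" or "Computer"
'Input: sstrServer = DC to query on
'Input: sstrDomain = Domain to query: Example: "na.fabrikam.com"
'Output: String = LDAP path to object ("" if not found or the type is unknown)

    Dim sCon, sCom, sRs, sPath, sDomainDN, sstrQueryField, sstrQueryObject

    'Set up the ADO connection to Active Directory
    Set sCon = CreateObject("ADODB.Connection")
    Set sCom = CreateObject("ADODB.Command")
    sCon.Provider = "ADsDSOObject"
    sCon.Open "Active Directory Provider"
    Set sCom.ActiveConnection = sCon

    'Convert "na.fabrikam.com" to "DC=na,DC=fabrikam,DC=com".
    'Arguments are ByRef by default, so use a local copy
    'instead of changing the caller's variable.
    sDomainDN = "DC=" & Replace(sstrDomain,".",",DC=")

    Select Case UCase(sstrType)

        Case "USER"
            sstrQueryField = "samAccountName"
            sstrQueryObject = "USER"
        Case "COMPUTER"
            sstrQueryField = "Name"
            sstrQueryObject = "COMPUTER"
        Case Else
            'Unknown type: don't run a malformed query
            sCon.Close
            getLDAPPath = ""
            Exit Function
    End Select

    'Note: sstrCN goes into the query text as-is, so only pass
    'names that are trusted or already validated.
    sCom.CommandText = "select adspath from 'LDAP://" & sstrServer &  _
    "/" & sDomainDN & "' WHERE " & sstrQueryField & _
    " = '" & sstrCN & "' and objectclass = '" & sstrQueryObject & "'"

    'Walk the recordset and keep the adspath field
    sPath = ""
    Set sRs = sCom.Execute
    Do While Not sRs.EOF
        sPath = sRs("adspath")
        sRs.movenext
    Loop
    sRs.Close

    'Assigning to the function name sets the return value
    getLDAPPath = sPath

    sCon.Close
    Set sRs = Nothing
    Set sCon = Nothing
    Set sCom = Nothing

End Function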
Note: If you are copying and pasting, be sure to restore the proper line breaks... Also, I don't typically like using an underscore to break the lines since it's hard to read.  But it helps for copying from this blog.

There.  To break it down, the function first sets up the necessary connections. Next, it reformats the domain to an AD query friendly format.  Then we build a search command and execute it.  The results come back as a recordset. We iterate through the recordset to get the "adspath" field.  Finally, we assign the path to the function name (that's how the value gets returned) and close out the connections to complete this bad boy.

It's an easy function and doesn't do a whole lot, but if you need to find the LDAP path for a machine name, then this will work for you. 
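The search command above is built by concatenating the object name straight into the query text, so a name containing query syntax changes what gets searched. The following is an added example, not code from the original post: it builds the equivalent query in the ADO LDAP dialect (instead of the SQL dialect used above) and escapes the name per RFC 4515 first. The helper names EscapeLdapFilterValue and BuildLdapQuery, the server name dc01 and the sample object name are hypothetical.

```vbscript
Option Explicit

' Escape a value for use inside an LDAP search filter (RFC 4515).
' Each special character becomes a backslash plus its two-digit hex code.
Function EscapeLdapFilterValue(sValue)
    Dim i, sChar, sOut
    sOut = ""
    For i = 1 To Len(sValue)
        sChar = Mid(sValue, i, 1)
        Select Case sChar
            ' ";" is not required by RFC 4515; it is escaped as a precaution
            ' because it separates the parts of the ADO command text.
            Case "\", "*", "(", ")", ";", Chr(0)
                sOut = sOut & "\" & Right("0" & LCase(Hex(Asc(sChar))), 2)
            Case Else
                sOut = sOut & sChar
        End Select
    Next
    EscapeLdapFilterValue = sOut
End Function

' Build "<LDAP://server/base>;filter;attributes;scope" command text.
' Same fields and object classes as getLDAPPath; the inputs are not modified.
Function BuildLdapQuery(sName, sType, sServer, sDomain)
    Dim sBaseDN, sField, sClass
    sBaseDN = "DC=" & Replace(sDomain, ".", ",DC=")
    Select Case UCase(sType)
        Case "USER"
            sField = "sAMAccountName"
            sClass = "user"
        Case "COMPUTER"
            sField = "name"
            sClass = "computer"
        Case Else
            Err.Raise vbObjectError + 1, "BuildLdapQuery", _
                "Unsupported object type: " & sType
    End Select
    BuildLdapQuery = "<LDAP://" & sServer & "/" & sBaseDN & ">;" & _
        "(&(objectClass=" & sClass & ")(" & sField & "=" & _
        EscapeLdapFilterValue(sName) & "));adspath;subtree"
End Function

' Constructed input: the extra filter syntax in the name is neutralised,
' so it is matched as literal characters instead of widening the search.
WScript.Echo BuildLdapQuery("web01)(objectClass=*", "Computer", _
    "dc01.na.fabrikam.com", "na.fabrikam.com")
```

The returned string can be assigned to sCom.CommandText in place of the SQL-style select; the recordset loop stays the same.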

Also note that if you have multiple domains, you may need to enter the server name as a fully qualified domain name (FQDN) if you don't have the DNS suffix for that domain set up on the computer.

Maybe I should add the domain variable to the end of the server?  Maybe.  But that could cause problems if a server handled multiple domains.  (If that's even possible, I don't know).

 

That's it for now.  I'll try to dig up more stuff or post new and exciting subs/functions as I get them (and not slack off again).

If you have any questions or suggestions, feel free to leave a comment and I'll be happy to reply!

 

-Corey Thomas

Your humble vbscripting blogger