How to get a list of all users in an OU (VBScript)


Hi all, welcome back,


Today I’ll post a very straight forward sample which gets a list of all users in an Organizational Unit (OU) in Active Directory (AD) using VBScript:

‘ Get OU

strOU = “OU=Users,DC=domain,DC=com”

‘ Create connection to AD

Set objConnection = CreateObject(“ADODB.Connection”)
objConnection.Open “Provider=ADsDSOObject;”

‘ Create command

Set objCommand = CreateObject(“ADODB.Command”)
objCommand.ActiveConnection = objConnection
objCommand.Properties(“Page Size”) = 1000

‘ Execute command to get all users in OU

objCommand.CommandText = _
“<LDAP://” & strOU & “>;” & _
“(&(objectclass=user)(objectcategory=person));” & _
“adspath,distinguishedname,sAMAccountName;subtree”
Set objRecordSet = objCommand.Execute

‘ Show info for each user in OU

Do Until objRecordSet.EOF

‘ Show required info for a user

WScript.Echo objRecordSet.Fields(“adspath”).Value
WScript.Echo objRecordSet.Fields(“distinguishedname”).Value
WScript.Echo objRecordSet.Fields(“sAMAccountName”).Value

‘ Move to the next user

objRecordSet.MoveNext

Loop

‘ Clean up

objRecordSet.Close
Set objRecordSet = Nothing
Set objCommand = Nothing
objConnection.Close
Set objConnection = Nothing


 


I hope this helps.


Regards,


 


Alex (Alejandro Campos Magencio)

Comments (18)

  1. tonyr says:

    just curious why your starting these vbscript samples why not powershell?

  2. alejacma says:

    That’s a good question… Many, many people are still using VBScript out there. Additionally, PowerShell is not supported on Windows 2000, for instance, and I have many customers using that OS.

    But you are right and I should post something on PowerShell. Right now I’m posting real issues or questions that customers raised to me in the past few weeks, and nobody has ever requested a PowerShell sample to me, for instance. So I have none.

    I should start offering them PowerShell as an alternative. This way I may get some samples to post ;-)

    Thx a lot for your comment! Appreciated!

    Cheers,

    Alex

  3. tonyr says:

    its true that its not supported on w2k but you don’t have to run it on a w2k device run it on xpvista2003 against a remote w2k device.. but I do understand what your saying otherwise!

    tr

  4. alejacma says:

    And additionally, some customers use these VBScript samples in their ASP applications. Unfortunately for them, not everybody is using ASP.NET yet…

  5. PWRick says:

    Thank you for posting this script I have found it helpful. I do have a question though, I am using this as an ASP script to retrieve the list of users from our Active Directory. I found a listing of AD fields but when I substitue "givenname" or "dispalyname" for "distinguishedname" I get an error "Item cannot be found in the collection corresponding to the requested name or ordinal." Am I using the wrong field names? Thanks

  6. Yulius says:

    Hello Alex this is very usefull script in my thought.

    I just want to try your script for test in my LAB.

    but i’m not much know about scripting languange, can you tell me what is the outcomes for your script?? it is generated a file (for example txt file)??

    Please give me the light for this,

  7. Yulius says:

    o yeah please write me an email, if you dont mind.

    my email : lemmy_102@yahoo.com

    Thanks

  8. alejacma says:

    The script is just showing the results on the screen.

    Cheers,

    Alex

  9. revere says:

    Hi, could you help me, This script is very useful for me, but i need to get one more user info such as UserLast Logon Date and Time. When I tried to append this request to the script above, I walked into problems with timestamp format… Thanks in advance for any answer. revere@fjfi.cvut.cz

  10. alejacma says:

    If you want to get LastLogon, check this other post of mine:

    How to get LastLogon property for all users in a Domain (VBScript)

    http://blogs.msdn.com/alejacma/archive/2009/03/12/how-to-get-lastlogon-property-for-all-users-in-a-domain-vbscript.aspx

    I hope this helps.

  11. revere says:

    Many thanks for your answer. All what I need is to get LastLoginInfo (Time and Date) for all users in one OU in Domain. I can’t program in VBscript and can’t find any relevant tool in Windows 2000/2003. Your script (the first used) doesn’t display the LastLogon Value and the second one is working and working, till I’ll break it :-)) . Well, I think it’s serching for all users in AD … Thanks

  12. hsam says:

    does the output comes in a txt file ?

  13. anand says:

    script shows all the result in a popup box. how can i get all results in an Excel file or notepad?

    my requirements are

    1. Group name, (In which the user is member of)
    2. Email Id and

    3. Userid

    please reply to my mail ID: anandmirchi0101@rediffmail.com

  14. alejacma says:

    Anand, if you need help to develop such a script, I suggest you contact Microsoft Technical Support. I’m afraid I cannot create samples on demand…

  15. Gane_sh says:

    How to list users from ou/sub ou using vb script.

  16. bhaskar says:

    Hi your script is very good…but i want a script which gives active enabled users information from Active directory.I want the information as below mentioned fields:-

    First Name

    Last Name

    NT ID

    Region and Site

    Email ID

    PPS ID

    Full Address

    I want the output in a excel sheet and mainly i will be running the script remotely.

    Please help me…If you can give me the script with above mentioned details,i will be very very great full to you.

    Thanks,

    Bhaskar

  17. bhaskar says:

    you can  send me the script to my mail aslo bhaskar.v25@gmail.com    Waiting for your reply.It will b every much helpfull for me if you cna do the script

  18. alejacma says:

    Sorry bhaskar, but I'm afraid I cannot attend those kind of demands. Not enough free time. If you need help, I suggest you open a support case with us, Microsoft Technical Support. We are not allowed to do custom code for our customers, but we can provide with assistance and samples to do what you need if you open an Advisory case, which will be paid by the hour (and note that in many regions, only customers with a Premier account are able to open those kind of cases). Thx for your understanding.

    Regards,

    Alex