I am trying to find a way to search for multiple users in AD. using users and computers, I could only search for one at a time, even seperating user names with colons or commas did not work. Nor did creating a query work. Any ideas would be greatly appreciated.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Searhing AD
- Thread starter cldboone
- Start date
What is the common criteria for the users if there is any? What action do you want to perform on the IDs when you find them?
You will probably find this easier to do with a script. Answer the above questions and I can give you a script to reach the goal.
I hope you find this post helpful. Please let me know if it was.
Regards,
Mark
You will probably find this easier to do with a script. Answer the above questions and I can give you a script to reach the goal.
I hope you find this post helpful. Please let me know if it was.
Regards,
Mark
- Thread starter
- #3
Yes it is a start, the only thing they have in common is that they are all in the same OU. Our users are put in to Queue_department, the Queue tree relate to their job. They have comman groups for the location.IE cc-Jax, domain users.
All i have is their log on names, I wanted to find them all then modify them individually, Need to remove them from the current queue trees, add them to another also add them to another group.
They are all in one of 4 Queue trees.
All i have is their log on names, I wanted to find them all then modify them individually, Need to remove them from the current queue trees, add them to another also add them to another group.
They are all in one of 4 Queue trees.
OK, so to take your environment specific terms out of the equation to make sure I understand your goal, you are looking for a way to move users from one OU to another. You have four possible OUs to select from right?
Is the goal to alawys move users from the same OU to the same OTHER OU?
I hope you find this post helpful. Please let me know if it was.
Regards,
Mark
Is the goal to alawys move users from the same OU to the same OTHER OU?
I hope you find this post helpful. Please let me know if it was.
Regards,
Mark
- Thread starter
- #5
no, sorry let me try to explain better, (sorry a little new)
Our users are all in the users OU.
The way it is set up is users are placed first in Queue trees
IE queue_pay, or saves or billing, whatever type of call they take (dpeartment) they are in.
we have some site specific groups.
cc-jax for example.
sometimes, some users are moved from one department (q tree) to another. usually at least 3 or 4. This time I had 25. Rather than search AD for them one at a time or each q tree for them, I wanted to search for the users, preferable in AD users and computers, so that I had the accounts all in one list.
Then modify their Q tree assignents and group memeberships.
( I did not design this environment)
I hope this helps, I basically want to search AD, via the users and computers snap it for more than one account at a time.
Our users are all in the users OU.
The way it is set up is users are placed first in Queue trees
IE queue_pay, or saves or billing, whatever type of call they take (dpeartment) they are in.
we have some site specific groups.
cc-jax for example.
sometimes, some users are moved from one department (q tree) to another. usually at least 3 or 4. This time I had 25. Rather than search AD for them one at a time or each q tree for them, I wanted to search for the users, preferable in AD users and computers, so that I had the accounts all in one list.
Then modify their Q tree assignents and group memeberships.
( I did not design this environment)
I hope this helps, I basically want to search AD, via the users and computers snap it for more than one account at a time.
What is confusing me is what you are talking about Queue Trees. Are you refering to groups?
If so then there is an easy solution for you.
Edit the group rather than the user object.
There you can specify to add additional users and can use the Semi-Colon to seperate your users. Do the same thing for the group they need to be removed from. You will be able to quickly highlight the users on the Members tab and hit delete.
If you want a script to help with this let me know.
I hope you find this post helpful. Please let me know if it was.
Regards,
Mark
If so then there is an easy solution for you.
Edit the group rather than the user object.
There you can specify to add additional users and can use the Semi-Colon to seperate your users. Do the same thing for the group they need to be removed from. You will be able to quickly highlight the users on the Members tab and hit delete.
If you want a script to help with this let me know.
I hope you find this post helpful. Please let me know if it was.
Regards,
Mark
- Thread starter
- #7
That is what I ended up doing, yes Q trees are like groups, that is the way I understand them I have not asked the engineer to explain them to me in detail yet.
I would like that script, I am starting to take an interest is scripting, I think I will need it if I want to go anywhere above level 2 admin.
I do appreciate your help, it was quite useful.
My email is cLdboone@aol.com
I would like that script, I am starting to take an interest is scripting, I think I will need it if I want to go anywhere above level 2 admin.
I do appreciate your help, it was quite useful.
My email is cLdboone@aol.com
OK, this is untested. I am basing it off of a working script, but had to change a lot because it had hard coded paths in it. You will need to verify the LDAP paths for your environment and adjust the script as needed.
This will read from an excel spreadsheet and add/remove groups as needed.
Put username in column A, Remove group in column B and the add group in column C.
set oExl = GetObject(,"Excel.Application")
r=1
Const LDOMAIN = "LDAP://AD-ENTIADM01/"
Const ENT_OU = ",DC=company,DC=local"
do until len(oExl.cells(r, 1).value) = 0
userName = oExl.cells(r, 1).value
removeGroup= oExl.cells(r, 2).value
addGroup= oExl.cells(r, 3).value
set objUser = GetUser2(userName)
addgpstr = LDOMAIN & addGroup & ENT_OU
delgpstr = LDOMAIN & removeGroup & ENT_OU
' bind to the groups
set addobjGroup = GetObject(addgpstr)
'now add the user to the group
objGroup.Add objUser.ADsPath
set delobjGroup = GetObject(delgpstr)
'now add the user to the group
objGroup.Remove objUser.ADsPath
r=r+1
loop
Public Function GetUser2(ByVal sAMAccountName)
Dim ADCon,ADCmd,ADRec,str
Set ADCon = CreateObject("ADODB.Connection")
Set ADCmd = CreateObject("ADODB.Command")
ADCon.Provider = "ADsDSOObject"
ADCon.Open "Active Directory Provider", UID, PWD
Set ADCmd.ActiveConnection = ADCon
ADCmd.Properties("Cache results") = False
ADCmd.Properties("TimeOut") = 120
str = "select sAMAccountName, ADsPath " & _
"from '" & LDOMAIN & "OU=users" & ENT_OU "' " & _
"where objectCategory='person' and sAMAccountName='" & sAMAccountName & "'"
ADCmd.CommandText = str
Set ADRec = ADCmd.Execute()
If ADRec.EOF Then
Set objUser = Nothing
Exit Function
End If
' Then bind to the IADs object.
Set GetUser2 = getObject(ADRec.Fields("adspath"))
End Function
I hope you find this post helpful. Please let me know if it was.
Regards,
Mark
This will read from an excel spreadsheet and add/remove groups as needed.
Put username in column A, Remove group in column B and the add group in column C.
set oExl = GetObject(,"Excel.Application")
r=1
Const LDOMAIN = "LDAP://AD-ENTIADM01/"
Const ENT_OU = ",DC=company,DC=local"
do until len(oExl.cells(r, 1).value) = 0
userName = oExl.cells(r, 1).value
removeGroup= oExl.cells(r, 2).value
addGroup= oExl.cells(r, 3).value
set objUser = GetUser2(userName)
addgpstr = LDOMAIN & addGroup & ENT_OU
delgpstr = LDOMAIN & removeGroup & ENT_OU
' bind to the groups
set addobjGroup = GetObject(addgpstr)
'now add the user to the group
objGroup.Add objUser.ADsPath
set delobjGroup = GetObject(delgpstr)
'now add the user to the group
objGroup.Remove objUser.ADsPath
r=r+1
loop
Public Function GetUser2(ByVal sAMAccountName)
Dim ADCon,ADCmd,ADRec,str
Set ADCon = CreateObject("ADODB.Connection")
Set ADCmd = CreateObject("ADODB.Command")
ADCon.Provider = "ADsDSOObject"
ADCon.Open "Active Directory Provider", UID, PWD
Set ADCmd.ActiveConnection = ADCon
ADCmd.Properties("Cache results") = False
ADCmd.Properties("TimeOut") = 120
str = "select sAMAccountName, ADsPath " & _
"from '" & LDOMAIN & "OU=users" & ENT_OU "' " & _
"where objectCategory='person' and sAMAccountName='" & sAMAccountName & "'"
ADCmd.CommandText = str
Set ADRec = ADCmd.Execute()
If ADRec.EOF Then
Set objUser = Nothing
Exit Function
End If
' Then bind to the IADs object.
Set GetUser2 = getObject(ADRec.Fields("adspath"))
End Function
I hope you find this post helpful. Please let me know if it was.
Regards,
Mark
take a look at this linik which lists how to create the mailbox. You should be able to do some queries based on this info.
I hope you find this post helpful. Please let me know if it was.
Regards,
Mark
I hope you find this post helpful. Please let me know if it was.
Regards,
Mark
- Status
Similar threads
- Locked
- Question
