Re: Export users from AD
Miha wrote:
> I need a script that will export all users (with e-mail addresses) from AD
> that have Exchange mailboxes into a .csv or plain text format. It needs to
> be a script (not manual export) so that will run automatically with
> scheduler.
> How can this be done?
> Thank you in advance.
> Regards,
> Miha
As noted, you can use ADO to retrieve information from AD. See this link:
http://www.rlmueller.net/ADOSearchTips.htm
The user name you retrieve can be the value of the "distinguishedName"
attribute or the "sAMAccountName" attribute. The later is also called the
"pre-Windows 2000 logon name" (or the NT Name). The "mail" attribute is the
E-mail address on the "General" tab of ADUC. However, if you use Exchange, I
think you want the value of the multi-valued attribute proxyAddresses.
Using the variables from the link above, the base of the search (if you want
all users in the domain) could be the distinguishedName of the domain:
' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"
To retrieve information on all users the filter would be:
' Filter on user objects.
strFilter = "(&(objectCategory=person)(objectClass=user))"
To restrict the query to users with Exchange email addresses I believe the
filter would be:
' Filter on user objects with Exchange email addresses.
strFilter = "(&(objectCategory=person)(objectClass=user)(proxyAddresses=*))"
This retrieves all users that have any value(s) assigned to the
proxyAddresses attribute. Finally, the list of attribute values to retrieve
would be:
' Comma delimited list of attribute values to retrieve.
strAttributes = "sAMAccountName,distinguishedName,proxyAddresses"
I don't have Exchange so I cannot test, but the complete script could be as
below. The script echos the values to the console delimited with semicolons
(since distinguishedNames have embedded commas), so it can be read into a
spreasheet. Run the program at a command prompt with cscript and redirect
the output to a text file:
============
Option Explicit
Dim adoCommand, adoConnection, strBase, strFilter, strAttributes
Dim objRootDSE, strDNSDomain, strQuery, adoRecordset, strNTName, strDN
Dim strLine, arrAddresses, strAddress
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection
' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"
' Filter on user objects with Exchange email addresses.
strFilter = "(&(objectCategory=person)(objectClass=user)(proxyAddresses=*))"
' Comma delimited list of attribute values to retrieve.
strAttributes = "sAMAccountName,distinguishedName,proxyAddresses"
' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False
' Run the query.
Set adoRecordset = adoCommand.Execute
' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
' Retrieve values and display.
strNTName = adoRecordset.Fields("sAMAccountName").Value
strDN = adoRecordset.Fields("distinguishedName").value
' Construct one line of output per user.
strLine = strNTName & ";" & strDN
' Add Email addresses to the output line.
arrAddresses = adoRecordset.Fields("proxyAddresses").Value
For Each strAddress In arrAddresses
strLine = strLine & ";" & strAddress
Next
Wscript.Echo strLine
' Move to the next record in the recordset.
adoRecordset.MoveNext
Loop
' Clean up.
adoRecordset.Close
adoConnection.Close
===========
If the VBScript program is saved in a file called GetEmail.vbs, run it at a
command prompt with a command similar to:
cscript //nologo GetEmail.vbs > report.txt
The file report.txt is created in the current directory. It can be read into
a spreadsheet, just designate the semicolon as the delimiter.
--
Richard Mueller
MVP Directory Services
Hilltop Lab -
http://www.rlmueller.net
--