|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Amateur Scripter Question
I can't get my script to work on objects nestled in 2 OU levels deep. They
only work in the 1st OU level. For example: OU=United States, OU=New York. If the object is in the New York OU, it doesn't work. If I move it up to the United States OU it works. Is there something extra you need to do to touch objects nestled 2 OU's deep? -- Change your thoughts and you change your world. meek wrote:
>I can't get my script to work on objects nestled in 2 OU levels deep. They If the components of the AdsPath are comma delimited as in your example, > only work in the 1st OU level. For example: OU=United States, OU=New > York. > If the object is in the New York OU, it doesn't work. If I move it up to > the > United States OU it works. Is there something extra you need to do to > touch > objects nestled 2 OU's deep? your ADSI binding string is in Little-Endian form. This is the default (I have never seen anyone use the alternative Big-Endian form). The components are listed in order from the lowest level to the highest. The last components in the AdsPath are the domain. The first component is the relative distinguished name of the specific object you are referencing. In your example, "ou=United States" resides in "ou=New York", which doesn't seem likely. I assume the components are listed in the wrong order. To bind to the user "cn=Jim Smith" in "ou=United States", which is in the root of the domain "MyDomain.com", you would use: Set objUser1 = GetObject("LDAP://cn=Jim Smith,ou=United States,dc=MyDomain,dc=com") If "ou=New York" is in "ou=United States" ("ou=New York" is a child of the parent "ou=United States"), you would bind to the user "cn=Mary Johnson" in "ou=New York with: Set objUser2 = GetObject("LDAP://cn=Mary Johnson,ou=New York,ou=United States,dc=MyDomain,dc=com") Does this help? Thanks Rich. You are absolutely correct. I had the order wrong. However,
after changing the order, I get an error stating the item doesn't exist. Let me take another look to see if I goofed something up. Thanks for the immediate response. One more thing, once I get this script working, how to I apply it to all users in the OU? Would I just use the %username% in the place of the username and home directory folder name? -- Show quoteChange your thoughts and you change your world. "Richard Mueller [MVP]" wrote: > meek wrote: > > >I can't get my script to work on objects nestled in 2 OU levels deep. They > > only work in the 1st OU level. For example: OU=United States, OU=New > > York. > > If the object is in the New York OU, it doesn't work. If I move it up to > > the > > United States OU it works. Is there something extra you need to do to > > touch > > objects nestled 2 OU's deep? > > If the components of the AdsPath are comma delimited as in your example, > your ADSI binding string is in Little-Endian form. This is the default (I > have never seen anyone use the alternative Big-Endian form). The components > are listed in order from the lowest level to the highest. The last > components in the AdsPath are the domain. The first component is the > relative distinguished name of the specific object you are referencing. > > In your example, "ou=United States" resides in "ou=New York", which doesn't > seem likely. I assume the components are listed in the wrong order. To bind > to the user "cn=Jim Smith" in "ou=United States", which is in the root of > the domain "MyDomain.com", you would use: > > Set objUser1 = GetObject("LDAP://cn=Jim Smith,ou=United > States,dc=MyDomain,dc=com") > > If "ou=New York" is in "ou=United States" ("ou=New York" is a child of the > parent "ou=United States"), you would bind to the user "cn=Mary Johnson" in > "ou=New York with: > > Set objUser2 = GetObject("LDAP://cn=Mary Johnson,ou=New York,ou=United > States,dc=MyDomain,dc=com") > > Does this help? > > -- > Richard Mueller > Microsoft MVP Scripting and ADSI > Hilltop Lab - http://www.rlmueller.net > -- > > > You can bind to the OU object, filter on all child objects of class "user",
and enumerate. In brief: ========== ' Bind to OU. Set objOU = GetObject("LDAP://ou=New Your,ou=United States,dc=MyDomain,dc=com") ' Filter on user objects. objOU.Filter = Array("user") ' Enumerate all users in the OU. For Each objUser in objOU ' Display user NT name and home directory. Wscript.Echo objUser.sAMAccountName & ", " & objUser.homeDirectory Next ========= I can't tell what you are trying to accomplish. The above just spits out all user names and their home directories. As with most administrative scripts, it should be run at a command prompt with the cscript host. The output can be redirected to a text file. For example, if the above program is in the file Example.vbs: cscript //nologo Example.vbs > report.txt Show quote "meek" <m***@discussions.microsoft.com> wrote in message news:4347A542-FC00-4117-8BC3-20A4215F3804@microsoft.com... > Thanks Rich. You are absolutely correct. I had the order wrong. However, > after changing the order, I get an error stating the item doesn't exist. > Let > me take another look to see if I goofed something up. Thanks for the > immediate response. > > One more thing, once I get this script working, how to I apply it to all > users in the OU? Would I just use the %username% in the place of the > username and home directory folder name? > -- > Change your thoughts and you change your world. > > > "Richard Mueller [MVP]" wrote: > >> meek wrote: >> >> >I can't get my script to work on objects nestled in 2 OU levels deep. >> >They >> > only work in the 1st OU level. For example: OU=United States, OU=New >> > York. >> > If the object is in the New York OU, it doesn't work. If I move it up >> > to >> > the >> > United States OU it works. Is there something extra you need to do to >> > touch >> > objects nestled 2 OU's deep? >> >> If the components of the AdsPath are comma delimited as in your example, >> your ADSI binding string is in Little-Endian form. This is the default (I >> have never seen anyone use the alternative Big-Endian form). The >> components >> are listed in order from the lowest level to the highest. The last >> components in the AdsPath are the domain. The first component is the >> relative distinguished name of the specific object you are referencing. >> >> In your example, "ou=United States" resides in "ou=New York", which >> doesn't >> seem likely. I assume the components are listed in the wrong order. To >> bind >> to the user "cn=Jim Smith" in "ou=United States", which is in the root of >> the domain "MyDomain.com", you would use: >> >> Set objUser1 = GetObject("LDAP://cn=Jim Smith,ou=United >> States,dc=MyDomain,dc=com") >> >> If "ou=New York" is in "ou=United States" ("ou=New York" is a child of >> the >> parent "ou=United States"), you would bind to the user "cn=Mary Johnson" >> in >> "ou=New York with: >> >> Set objUser2 = GetObject("LDAP://cn=Mary Johnson,ou=New York,ou=United >> States,dc=MyDomain,dc=com") >> >> Does this help? >> >> -- >> Richard Mueller >> Microsoft MVP Scripting and ADSI >> Hilltop Lab - http://www.rlmueller.net >> -- >> >> >> Rich,
Thanks again. I did goof yesterday. I had the username spelled incorrectly. Once correcting this, I was successfully able to run the script and make the changes. Just to let you know, we moved our user's home folder from a previous server, to our new SAN. We have redirected their "My Documents" folder to the new server using group policy. However, the Home folder listed on the profile tab in the active directory object properties still has the path to the old server. I wanted to make a script to change this for all 500 users automatically. I do have the script working on individual users, but need to know how to get it to run for all the users. We currently have about 5 top level OUs that have about 30 sub OUs and some of those sub OUs have OUs. If I understand your response, I must bind to the OU and run the script for all users? -- Show quoteChange your thoughts and you change your world. "Richard Mueller [MVP]" wrote: > You can bind to the OU object, filter on all child objects of class "user", > and enumerate. In brief: > ========== > ' Bind to OU. > Set objOU = GetObject("LDAP://ou=New Your,ou=United > States,dc=MyDomain,dc=com") > > ' Filter on user objects. > objOU.Filter = Array("user") > > ' Enumerate all users in the OU. > For Each objUser in objOU > ' Display user NT name and home directory. > Wscript.Echo objUser.sAMAccountName & ", " & objUser.homeDirectory > Next > ========= > I can't tell what you are trying to accomplish. The above just spits out all > user names and their home directories. As with most administrative scripts, > it should be run at a command prompt with the cscript host. The output can > be redirected to a text file. For example, if the above program is in the > file Example.vbs: > > cscript //nologo Example.vbs > report.txt > > -- > Richard Mueller > Microsoft MVP Scripting and ADSI > Hilltop Lab - http://www.rlmueller.net > -- > > "meek" <m***@discussions.microsoft.com> wrote in message > news:4347A542-FC00-4117-8BC3-20A4215F3804@microsoft.com... > > Thanks Rich. You are absolutely correct. I had the order wrong. However, > > after changing the order, I get an error stating the item doesn't exist. > > Let > > me take another look to see if I goofed something up. Thanks for the > > immediate response. > > > > One more thing, once I get this script working, how to I apply it to all > > users in the OU? Would I just use the %username% in the place of the > > username and home directory folder name? > > -- > > Change your thoughts and you change your world. > > > > > > "Richard Mueller [MVP]" wrote: > > > >> meek wrote: > >> > >> >I can't get my script to work on objects nestled in 2 OU levels deep. > >> >They > >> > only work in the 1st OU level. For example: OU=United States, OU=New > >> > York. > >> > If the object is in the New York OU, it doesn't work. If I move it up > >> > to > >> > the > >> > United States OU it works. Is there something extra you need to do to > >> > touch > >> > objects nestled 2 OU's deep? > >> > >> If the components of the AdsPath are comma delimited as in your example, > >> your ADSI binding string is in Little-Endian form. This is the default (I > >> have never seen anyone use the alternative Big-Endian form). The > >> components > >> are listed in order from the lowest level to the highest. The last > >> components in the AdsPath are the domain. The first component is the > >> relative distinguished name of the specific object you are referencing. > >> > >> In your example, "ou=United States" resides in "ou=New York", which > >> doesn't > >> seem likely. I assume the components are listed in the wrong order. To > >> bind > >> to the user "cn=Jim Smith" in "ou=United States", which is in the root of > >> the domain "MyDomain.com", you would use: > >> > >> Set objUser1 = GetObject("LDAP://cn=Jim Smith,ou=United > >> States,dc=MyDomain,dc=com") > >> > >> If "ou=New York" is in "ou=United States" ("ou=New York" is a child of > >> the > >> parent "ou=United States"), you would bind to the user "cn=Mary Johnson" > >> in > >> "ou=New York with: > >> > >> Set objUser2 = GetObject("LDAP://cn=Mary Johnson,ou=New York,ou=United > >> States,dc=MyDomain,dc=com") > >> > >> Does this help? > >> > >> -- > >> Richard Mueller > >> Microsoft MVP Scripting and ADSI > >> Hilltop Lab - http://www.rlmueller.net > >> -- > >> > >> > >> > > >  |
|||||||||||||||||||||||
Other interesting topics