Option Explicit Const ForWriting = 2 set objFSO = CreateObject("scripting.filesystemobject") set objFile = objFSO.createtextfile(".\Review" & "_" & Year(Now()) & Month(Now()) & Day(Now()) & ".txt" , ForWriting, True) Const ADS_UF_ACCOUNTDISABLE = 2 Dim intUAC, strStatus, strDate, objUser, strValue Dim objRootDSE, adoConnection, adoCommand, strQuery Dim adoRecordset, strDNSDomain, objShell, lngBiasKey Dim lngBias, k, strDN, dtmDate, objDate,objFSO,objFile,dtmPwdLastSet Dim strBase, strFilter, strAttributes, lngHigh, lngLow Dim strgivenName, strinitials, strSN, strsam, strtitle, strdepartment, strCompany Dim strmodifyTimeStamp, strWhenChanged, strpwd, stremployeetype, strMail, strwWWhomepage, strWhenCreated, stremployeeID Dim strstreetAddress, strcity, strstate, strpostalCode, strco, strpostofficeBox, strphysicalDeliveryOfficeName, strTelephoneNumber, strmobile, strManager, strUserDN Dim arrPOBOX, strPOBOXItem, strPOBOX ' Obtain local Time Zone bias from machine registry. Set objShell = CreateObject("Wscript.Shell") lngBiasKey = objShell.RegRead("HKLM\System\CurrentControlSet\Control\" _ & "TimeZoneInformation\ActiveTimeBias") If (UCase(TypeName(lngBiasKey)) = "LONG") Then lngBias = lngBiasKey ElseIf (UCase(TypeName(lngBiasKey)) = "VARIANT()") Then lngBias = 0 For k = 0 To UBound(lngBiasKey) lngBias = lngBias + (lngBiasKey(k) * 256^k) Next End If Set objShell = Nothing 'strDNSDomain="DC=DOMAIN,DC=COM" 'Uncomment so it does the current domain it runs in 'Determine DNS domain from RootDSE object. Set objRootDSE = GetObject("LDAP://RootDSE") strDNSDomain = objRootDSE.Get("defaultNamingContext") Set objRootDSE = Nothing ' Use ADO to search Active Directory. Set adoCommand = CreateObject("ADODB.Command") Set adoConnection = CreateObject("ADODB.Connection") adoConnection.Provider = "ADsDSOObject" adoConnection.Open "Active Directory Provider" adoCommand.ActiveConnection = adoConnection ' Search entire domain. strBase = "" ' Filter on all user objects. strFilter = "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))" ' Comma delimited list of attribute values to retrieve. strAttributes = "samaccountname,lastLogonTimeStamp,useraccountcontrol,pwdLastset,employeetype,company,mail,sn,givenName,modifyTimeStamp,initials,manager,title,department,employeeid,l,streetAddress,postalCode,postofficeBox,st,manager,co,TelephoneNumber,physicalDeliveryOfficeName,mobile" ' Construct the LDAP syntax query. strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" ' Run the query. adoCommand.CommandText = strQuery adoCommand.Properties("Page Size") = 1000 adoCommand.Properties("Timeout") = 60 adoCommand.Properties("Cache Results") = False Set adoRecordset = adoCommand.Execute 'objFile.WriteLine "User Account Logon Review:" & " " & Month(Now()) & "\" & Year(Now()) 'objFile.WriteLine "givenName" & ";" & "SN" & ";" & "samAccountName" & ";" & "DN" & ";" & "Status" & ";" & "WhenCreated" & ";" & "whenchanged" & ";" & "LastLogonTimeStamp(Date)" & ";" & "Password Last Set" & ";" & "Domain" 'objFile.WriteLine "givenName" & ";" & "initials" & ";" & "sn" & ";" & "samAccountName" & ";" & "employeeID" & ";" & "mail" & ";" & "company" & ";" & "title" & ";" & "department" & ";" & "manager" & ";" & "streetAddress" & ";" & "postOfficeBox" & ";" & "city(l)" & ";" & _ '"state(st)" & ";" & "postalCode" & ";" & "countrycode(co)" & ";" & "physicalDeliveryOfficeName" & ";" & "telephoneNumber" & ";" & "mobile" & ";" & "DNSDomain" & ";" & "LastLogonTimeStamp" & ";" & "PwdLastSet" 'objFile.WriteLine "'"givenName"'" Do Until adoRecordset.EOF 'strDN = adoRecordset.Fields("distinguishedName").Value 'strwhencreated = adoRecordset.Fields("whencreated").Value 'strmodifyTimeStamp = adoRecordset.Fields("modifyTimeStamp").Value 'strwWWhomepage = adoRecordset.Fields("wWWhomepage").Value 'stremployeetype = adoRecordset.Fields("employeetype").Value 'strpostofficeBox = adoRecordset.Fields("postofficeBox").Value strgivenName = adoRecordset.Fields("givenName").Value strinitials = adoRecordset.Fields("initials").Value strsn = adoRecordset.Fields("sn").Value strsam = "" + adoRecordset.Fields("samaccountname").Value + "" strmail = adoRecordset.Fields("mail").Value stremployeeID = adoRecordset.Fields("employeeID").Value strstreetAddress = adoRecordset.Fields("streetAddress").Value strcity = adoRecordset.Fields("l").Value strstate = adoRecordset.Fields("st").Value strpostalCode = adoRecordset.Fields("postalCode").Value strco = adoRecordset.Fields("co").Value strphysicalDeliveryOfficeName = adoRecordset.Fields("physicalDeliveryOfficeName") strTelephoneNumber = adoRecordset.Fields("TelephoneNumber").Value strmobile = adoRecordset.Fields("mobile").Value strcompany = adoRecordset.Fields("company").Value strtitle = adoRecordset.Fields("title").Value strdepartment = adoRecordset.Fields("department").Value strmanager = adoRecordset.Fields("manager").Value ' The postOfficeBox attribute is multi-valued, but ' there is never more than one item in the array. arrPOBOX = adoRecordset.Fields("postOfficeBox").Value If IsNull(arrPOBOX) Then strPOBOX = "" Else For Each strPOBOXItem In arrPOBOX strPOBOX = strPOBOXItem Next End If intUAC=adoRecordset.Fields("userAccountControl").Value If intUAC AND ADS_UF_ACCOUNTDISABLE Then strStatus="DISABLED" Else strStatus="ENABLED" End if If (TypeName(adoRecordset.Fields("pwdLastSet").Value) = "Object") Then Set objDate = adoRecordset.Fields("pwdLastSet").Value dtmPwdLastSet = Integer8Date(objDate, lngBias) Else dtmPwdLastSet = #1/1/1601# End If ' Retrieve attribute values for the user. ' strDN = adoRecordset.Fields("samaccountname").Value ' Convert Integer8 value to date/time in current time zone. On Error Resume Next Set objDate = adoRecordset.Fields("lastLogonTimeStamp").Value If (Err.Number <> 0) Then On Error GoTo 0 dtmDate = #1/1/1601# Else On Error GoTo 0 lngHigh = objDate.HighPart lngLow = objDate.LowPart If (lngLow < 0) Then lngHigh = lngHigh + 1 End If If (lngHigh = 0) And (lngLow = 0 ) Then dtmDate = #1/1/1601# Else dtmDate = #1/1/1601# + (((lngHigh * (2 ^ 32)) _ + lngLow)/600000000 - lngBias)/1440 End If End If ' Display values for the user. If (dtmDate = #1/1/1601#) Then strDate="Never" Else strDate=dtmDate End If 'objFile.WriteLine strgivenName & ";" & strinitials & ";" & strsn & ";" & strsam & ";" & stremployeeID & ";" & strmail & ";" & strcompany & ";" & strtitle & ";" & strdepartment & ";" & strManager & ";" & strstreetAddress & ";" & strPOBOX & ";" & strcity & ";" & _ 'strstate & ";" & strpostalCode & ";" & strco & ";" & strphysicalDeliveryOfficeName & ";" & strTelephoneNumber & ";" & strmobile & ";" & strDNSDomain & ";" & strDate & ";" & dtmPwdLastSet objFile.WriteLine strSAM adoRecordset.MoveNext Loop Wscript.echo "Script Complete" 'objFile.WriteLine "Complete" objFile.Close Function Integer8Date(ByVal objDate, ByVal lngBias) ' Function to convert Integer8 (64-bit) value to a date, adjusted for ' local time zone bias. Dim lngAdjust, lngDate, lngHigh, lngLow lngAdjust = lngBias lngHigh = objDate.HighPart lngLow = objdate.LowPart ' Account for error in IADsLargeInteger property methods. If (lngLow < 0) Then lngHigh = lngHigh + 1 End If If (lngHigh = 0) And (lngLow = 0) Then lngAdjust = 0 End If lngDate = #1/1/1601# + (((lngHigh * (2 ^ 32)) _ + lngLow) / 600000000 - lngAdjust) / 1440 ' Trap error if lngDate is ridiculously huge. On Error Resume Next Integer8Date = CDate(lngDate) If (Err.Number <> 0) Then On Error GoTo 0 Integer8Date = #1/1/1601# End If On Error GoTo 0 End Function