(158, 5) (null): A referral was returned from the server.
I want to retrieve the last logon, user ID, whether the account is disabled, and when the account was created.
I thought the problem was the LDAP: query, so I tried putting in dc=xyz,dc=local,
but that didn't work either.
The script, pulled from the internet, is below:
'
' File: AllUsersLastLogon.vbs
' DESCRIPTION:
' * User-ID
' * Last Logon server
' * Date and Time of last logon
' * Logon older than 30 days
' * Has never logged on at all.
' * Account Disabled
' * Account created at
' * Flag error Code
' * Users Full name
' * OU path
' * LDAP path
' * Special Error codes
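Option Explicit

' ---- Script-level state shared by every function below ----
' Domain naming and directory handles
Dim DomainName, DomainName2, strDN, concat, obj
' Excel worksheet and HTML report handles
Dim objExcel, ws, WriteFile, WriteFilePath
' ADO objects used for the per-user directory query
Dim oConnection, oCommand, oRoot, strDomain
Dim strPath, strQuery, oResults, sPosition
Dim CRLF
Dim FolderPath
Dim fso, WshShell
Dim User, DC, ShowResult
Dim Pos1, Pos2, Pos3, Pos4, Pos5, Pos6
' Scratch values for the date/time comparison helpers
Dim OldYearTime, OldYearTimeLen, DateTimeCounter
Dim NewYearTime, NewYear, OldYear, CompareYear, NewYearVal, OldYearVal
Dim NewDate, NewDateTime, NewMonth, OldDate, OldDateTime, OldMonth, NewDay, NewDayVal, OldDay, OldDayVal
Dim NewTime, NewTimeVal, OldTime, OldTimeVal
Dim LogonDC, intButton
Dim i, x, c, DomainObj, UserObj
' One "<last login>_<DC>" entry per domain controller that returned a value
Dim UserLastLogonArray()
Dim MyArraySize
Dim MyDateAndTimePos, MyPeriodPos, a, MessageVal
Dim Flag, CodeAccDis, Code
Dim DCName, UserInDomain, DomainString, userName, iElement, UserVal
Dim strWhenCreated, objUser, DateTimeVal
' Counters printed in the HTML summary
Dim Users30DaysNo
Dim UserInDomainNo
Dim UsersNoLogonNo
Dim AccountDisNo, FileTime, ExcelPath, NoLastLoginCounter, UserNeverLoggedOn

NoLastLoginCounter = 0
UserNeverLoggedOn = False
FileTime = Timer                ' seconds since midnight; used as a suffix in the report file names
AccountDisNo = 0
UsersNoLogonNo = 0
Users30DaysNo = 0
UserInDomainNo = 0
MessageVal = 0
DateTimeCounter = 0
OldYearTime = 1                 ' sentinel: no last-logon value recorded yet for the current user
' NOTE(review): the posted listing shows these paths without separators ("C:Temp"),
' which would resolve relative to the current directory on drive C:. The backslashes are
' restored here on the assumption that they were lost when the script was pasted - confirm.
' The reports written here list every account with its logon and disabled state, so
' the folder should not be readable by users who have no need for that inventory.
FolderPath = "C:\Temp"
WriteFilePath = "C:\Temp\WriteAllUsersLastLogon"
c = 2                           ' first worksheet data row; row 1 holds the column headings
DateTimeVal = Date & " " & Time ' start time, written to the worksheet at the end of the run
'*******************************************************************************************
' Preliminary work and functions
'*******************************************************************************************
Set WshShell = Wscript.CreateObject("WScript.shell")
Set fso = CreateObject("Scripting.FileSystemObject")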
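' Validates the single command-line argument and derives the two domain names the
' rest of the script uses:
'   DomainName  - LDAP distinguished name, e.g. "dc=xyz,dc=local"
'   DomainName2 - DNS name, e.g. "xyz.local"
' The argument is either a full DNS domain name ("xyz.local") or, as before, a single
' label to which ".dk" is appended ("cdas" -> "cdas.dk").
' Quits with exit code 5555 when the argument is missing or is not a DNS-style name.
Function ControlSyntax()
    Dim dnsName, label, dnParts, validator

    If WScript.Arguments.Count <> 1 Then
        WScript.Echo "Syntax error. Usage: cscript AllUsersLastLogon.vbs domainname"
        WScript.Quit (5555)
    End If

    dnsName = Trim(WScript.Arguments(0))

    ' The value is concatenated into LDAP:// and WinNT:// paths further down, so only
    ' letters, digits, hyphens and dots are accepted. An argument such as
    ' "dc=xyz,dc=local" is rejected here instead of producing a malformed DN.
    Set validator = New RegExp
    validator.Pattern = "^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*$"
    If Not validator.Test(dnsName) Then
        WScript.Echo "Syntax error. Usage: cscript AllUsersLastLogon.vbs domainname"
        WScript.Quit (5555)
    End If

    ' Backward compatible: a bare label keeps the ".dk" suffix the script always added.
    If InStr(dnsName, ".") = 0 Then
        dnsName = dnsName & ".dk"
    End If

    ' Turn "xyz.local" into "dc=xyz,dc=local".
    dnParts = ""
    For Each label In Split(dnsName, ".")
        If dnParts <> "" Then
            dnParts = dnParts & ","
        End If
        dnParts = dnParts & "dc=" & label
    Next

    DomainName = dnParts
    DomainName2 = dnsName
End Function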
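'Creates the output folder (FolderPath) if it does not exist yet.
'The folder that is tested and the folder that is created are the same variable, so
'changing FolderPath in one place is enough.
Function MakeFolder()
    If Not fso.FolderExists(FolderPath) Then
        fso.CreateFolder (FolderPath)
    End If
End Function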
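'Creates the HTML report file and writes its header, then starts Excel and writes
'the column headings of the "Last Logon" worksheet.
'Sets the globals WriteFile, objExcel and ws for the rest of the script.
Function MakeFile()
    Dim headings, widths, col

    ' NOTE(review): this removes a report stored under the un-suffixed name only; the
    ' file opened below always carries the "_" & FileTime suffix.
    If (fso.FileExists(WriteFilePath + ".htm")) Then
        fso.DeleteFile(WriteFilePath + ".htm")
    End If

    ' 8 = ForAppending, True = create when missing, -2 = system default encoding
    Set WriteFile = fso.OpenTextFile(WriteFilePath & "_" & FileTime & ".htm", 8, true, -2)
    WriteFile.Write "<html>" & vbCRLf & "<head>" & vbCRLf
    ' The stylesheet is requested over plain HTTP from an intranet host every time the
    ' report is opened. NOTE(review): a local or inline stylesheet would let the report
    ' be viewed without any network request.
    WriteFile.Write "<link rel='stylesheet' TYPE='text/css' HREF='http://dkweb:12345/css/default.css'>" & vbCRLf
    WriteFile.Write "</head>" & vbCRLf & "<body bgcolor='#98FB98'>" & vbCRLf
    ' The report embeds client-side VBScript that creates WScript.Shell on page load.
    ' NOTE(review): this depends on the browser allowing such objects for local files;
    ' confirm that this is wanted before loosening any browser zone setting for it.
    WriteFile.Write "<script language='vbscript'>" & vbCRLf
    WriteFile.Write "Set WShell = CreateObject(" & chr(34)& "WScript.Shell" & chr(34) & ")" & vbCRLf
    WriteFile.Write "</script>" & vbCRLf
    WriteFile.Write "<h1 class='H4'>User last logon was ...</h1>" & vbCRLf
    ' The next literals were split across physical lines in the posted listing, which
    ' VBScript does not allow; they are joined here. NOTE(review): the breaks may have
    ' been <br> tags lost in the paste - restore them if the layout needs them.
    WriteFile.Write "<hr color='#6B8E23' width='100%'>" & vbCRLf
    WriteFile.Write "<font class='LogText'>Script startet at " & Date & " " & Time & vbCRLf
    WriteFile.Write "<hr color='#6B8E23' width='100%'><font class='LogText'>" & vbCRLf
    WriteFile.Write "<h3>STATUS:" & vbCRLf & vbCRLf

    Set objExcel = WScript.CreateObject("EXCEL.application")
    objExcel.Visible = True
    objExcel.Workbooks.Add
    Set ws = objExcel.Worksheets(1)
    objExcel.ActiveSheet.Name = "Last Logon"

    ' Column headings (row 1) and widths for columns A..L, in worksheet order.
    headings = Array("User-ID", "Last logged on Server", "At date and time", _
                     "Older than 30 days", "Has Never Logged On", "Account Disabled", _
                     "Account Created at", "Flag Error Code", "Users Full Name", _
                     "OU path", "LDAP path", "Special Error codes")
    widths = Array(15, 20, 20, 25, 25, 20, 18, 15, 35, 30, 70, 20)
    For col = 0 To UBound(headings)
        ws.Cells(1, col + 1).Value = headings(col)
        ws.Columns(col + 1).ColumnWidth = widths(col)
    Next

    ' Bold white text on a patterned blue background for the heading row.
    objExcel.Range("A1:L1").Select
    objExcel.Selection.Font.Bold = True
    objExcel.Selection.Interior.ColorIndex = 5
    objExcel.Selection.Interior.Pattern = 2
    objExcel.Selection.Font.ColorIndex = 2
    objExcel.ActiveSheet.Range("A1").Activate
    ws.Cells(1,1).Select

    ' 64 = information icon; no timeout is given, so the popup waits for the user.
    intButton = WshShell.Popup("Working, please wait...", , "Working !", 64)
End Function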
'*******************************************************************************************
' Get All Users for all DC's
'*******************************************************************************************
' Opens the ADO connection used for the per-user queries, binds to the domain's
' "Domain Controllers" OU, counts the objects in it and then starts the user walk.
' Sets the globals oConnection, oCommand, oRoot, strDomain, concat, obj,
' UserInDomainNo (despite its name, the number of DC objects) and UserInDomain.
Function GetDCforDomain()
    ' ADO over the ADSI OLE DB provider
    Set oConnection = CreateObject("ADODB.Connection")
    oConnection.Provider = "ADsDSOObject"
    oConnection.Open = "Active Directory Provider"
    Set oCommand = CreateObject("ADODB.Command")
    Set oCommand.ActiveConnection = oConnection

    Set oRoot = GetObject("LDAP://RootDSE")
    ' The naming context reported by RootDSE is not used; the DN built from the
    ' command-line argument is.
    'strDomain = oRoot.Get("DefaultNamingContext")
    strDomain = DomainName

    ' A "referral was returned from the server" error on this bind typically means
    ' strDomain is not the DN of the domain the script is running against.
    concat = "LDAP://OU=Domain Controllers," & strDomain 'OU for Domain Controllers
    Set obj = GetObject(concat)

    ' Count the domain controllers
    For Each DCName In obj
        UserInDomainNo = UserInDomainNo + 1
    Next

    ' Remember the name of the first one
    For Each DCName In obj
        UserInDomain = DCName.name
        Exit For
    Next

    Call ForAllUsers()
End Function
' Enumerates every user object of the domain through the WinNT provider and runs
' the last-logon check for each one. Sets the globals DomainObj, UserObj, userName
' and resets NoGo after each user.
Function ForAllUsers()
    Set DomainObj = GetObject("WinNT://" & DomainName2)
    DomainObj.Filter = Array("user")   ' restrict the enumeration to user objects

    For Each UserObj In DomainObj
        userName = UserObj.Name
        Call GetUserLastLogon()
        NoGo = 0
        ' To check only a limited number of users at first, enable the three lines
        ' below and set the row number at which to stop:
        'If c = 40 Then
        'Exit Function
        'End If
    Next
End Function
'*******************************************************************************************
' Get All Users LastLogin for all DC's
'*******************************************************************************************
' Script-level state for the per-user OU / full-name parsing
Dim UsersOU, UserFullName
Dim MyPos1, MyPos2
Dim TopOU, SearchName, BadSymbol
Dim counter, BadName
Dim NoGo, UserGotNoOU
NoGo = 0
counter = 0
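' Collects the current user's (global userName / UserObj) last-login value from every
' domain controller in obj, writes the user's full name, OU path and ADsPath to the
' worksheet row c, and then hands over to GetDateAndTime.
' The last-login value is asked of each DC in turn because the script treats it as a
' per-DC value (one array entry per DC that answers).
' Results are left in the globals UserLastLogonArray, MyArraySize, UserVal, Flag,
' NoLastLoginCounter, UserNeverLoggedOn and UsersNoLogonNo.
Function GetUserLastLogon() 'Check all users LastLogin at all DC's
    Dim quotedName

    ' The account name is placed inside a single-quoted literal of the query below.
    ' Doubling any apostrophe keeps a name such as o'brien from ending the literal early.
    ' NOTE(review): confirm the provider accepts '' as an escaped quote.
    quotedName = Replace(userName, "'", "''")

    i = 2
    x = 0
    For Each DCName In obj 'For each DC in DC-collection, go check ...
        strQuery = "SELECT distinguishedName, AdsPath, ou FROM 'LDAP://" & strDomain & "'WHERE sAMAccountName = '" & quotedName & "'"
        oCommand.CommandText = strQuery
        Set oResults = oCommand.Execute
        strDN = oResults.Fields("distinguishedName")
        strPath = DCName.name & "." & DomainName2 & "/" & strDN

        'Drop everything up to the first "=" (the "CN=" in front of the DC name), then
        'take the text before the first "/" as the DC's host name.
        sPosition = InStr(1, strPath, "=", 1)
        strPath = Mid(strPath, sPosition + 1)
        Pos1 = InStr(1, strPath, "/", 1)
        DC = Left(strPath, (Pos1 - 1))

        Set User = GetObject("WinNT://" & DC & "/" & userName & ",user") 'userName = User-ID
        UsersOU = oResults.Fields("AdsPath")
        UserFullName = User.FullName

        '-------- Checking validity of users FullName and OU membership --------
        MyPos1 = ""
        MyPos2 = ""
        UserGotNoOU = False
        MyPos1 = InStr(4, UsersOU, "OU=", 1)
        If MyPos1 = 0 Then 'User is not in a manually created OU (ex. default container Users)
            UserGotNoOU = True
            MyPos1 = InStr(9, UsersOU, "CN=", 1) 'Search for the next 'CN=' in the AdsPath
        End If
        'Text between the first OU=/CN= container and the first DC= component,
        'ex. TEST2,OU=TEST1,OU=TEST or Users
        MyPos2 = InStr(MyPos1, UsersOU, "DC=", 1)
        TopOU = Mid(UsersOU, (MyPos1 + 3), ((MyPos2 - 1) - (MyPos1 + 3)))

        MyPos1 = ""
        MyPos2 = ""
        MyPos1 = InStr(4, UsersOU, "CN=", 1)        'Start of the user's CN
        MyPos2 = InStr(MyPos1, UsersOU, ",OU=", 1)  'End of the CN when the parent is an OU
        If MyPos2 = 0 Then 'Parent is a container (CN=...) rather than an OU
            UserGotNoOU = True
            MyPos2 = InStr(MyPos1, UsersOU, ",CN=", 1)
        End If
        SearchName = Mid(UsersOU, (MyPos1 + 3), (MyPos2 - (MyPos1 + 3))) 'The user's CN
        ws.Cells(c,9).Value = SearchName
        ws.Cells(c,10).Value = TopOU
        ws.Cells(c,11).Value = UsersOU
        '-------- End of 'Checking validity of users FullName and OU membership' --------

        Flag = UserObj.UserFlags 'User Flag Code Set

        ' From here on, errors in this function (and in anything it calls) are skipped
        ' rather than stopping the script, for the rest of this call.
        On Error Resume Next
        ShowResult = User.LastLogin 'Gets the last login date and time for the user
        If Err.Number <> 0 Then 'Capture any no-LastLogin events
            OldYearTime = " - "
            NoLastLoginCounter = NoLastLoginCounter + 1 'Number of DCs without a value
            LogonDC = "-"
        Else '... Else ... Building up the Array with last logins
            ReDim Preserve UserLastLogonArray(x)
            UserLastLogonArray(x) = ShowResult & "_" & DC
            UserVal = 1 '... User did at least one log on to the Domain
            x = x + 1 'Counting up the Array size
        End If

        ' "Never logged on" means no DC returned a value. UserInDomainNo holds the
        ' number of objects in the Domain Controllers OU (counted in GetDCforDomain),
        ' so the test no longer assumes a domain with exactly nine DCs.
        If NoLastLoginCounter = UserInDomainNo Then
            UserNeverLoggedOn = True
            UsersNoLogonNo = UsersNoLogonNo + 1
        End If
    Next

    MyArraySize = UBound(UserLastLogonArray) + 1
    GetDateAndTime()
End Function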
'*******************************************************************************************
' Get date and time for all elements in the Array, if any,
' and writing the result to the worksheet.
'*******************************************************************************************
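' Works out the current user's most recent logon from UserLastLogonArray, writes the
' user's row (row c) to the worksheet, marks disabled accounts, fills in the creation
' date and resets the per-user globals for the next user.
Function GetDateAndTime()
    ' Account-disabled bit of the UserFlags value. 515 (0x203) and 547 (0x223) are only
    ' two of the flag combinations that contain it; 547 additionally carries the
    ' "password not required" bit (0x20).
    Const UF_ACCOUNTDISABLE = 2

    a = 0
    i = 0
    For a = 1 To MyArraySize Step 1 'Go through the elements in the Array
        If UserVal = 0 Then 'If user does not have a LastLogin value, then ...
            If NoGo <> 1 Then
                OldYearTime = " - "
                LogonDC = " - "
            End If
            ws.Cells(c,1).Select
            ws.Cells(c,1).Value = UserObj.Name
            objExcel.Selection.Font.ColorIndex = 3
            ws.Cells(c,2).Select
            ws.Cells(c,2).Value = LogonDC
            objExcel.Selection.Font.ColorIndex = 3
            ws.Cells(c,3).Select
            ws.Cells(c,3).Value = OldYearTime
            objExcel.Selection.Font.ColorIndex = 3
            If UserNeverLoggedOn = True Then
                ws.Cells(c,5).Select
                ws.Cells(c,5).Value = "Has Never Logged On"
                objExcel.Selection.Font.ColorIndex = 3
            End If
            ws.Cells(c,7).Value = strWhenCreated
        Else
            ' Entry layout is "<date time>_<dc host name>"; keep the date/time part and
            ' the DC name up to its first dot.
            MyDateAndTimePos = InStr(UserLastLogonArray(i), "_")
            NewYearTime = Left(UserLastLogonArray(i), MyDateAndTimePos - 1)
            MyPeriodPos = InStr(UserLastLogonArray(i), ".")
            DC = Mid(UserLastLogonArray(i), (MyDateAndTimePos + 1), MyPeriodPos - (MyDateAndTimePos + 1))
            Call LatestLogon (NewYearTime, DC)
            Call CheckLogonDates (OldYearTime, LogonDC)
            DateTimeCounter = DateTimeCounter + 1
            i = i + 1
        End If
    Next

    If MessageVal = 0 Then
        ' Latest logon is recent: plain row, date in column 3.
        ws.Cells(c,1).Value = UserObj.Name
        ws.Cells(c,2).Value = LogonDC
        ws.Cells(c,3).Value = OldYearTime
        ws.Cells(c,8).Value = Flag
        ws.Cells(c,7).Value = strWhenCreated
    Else
        ' Latest logon is older than 30 days: red row, date in column 4.
        ws.Cells(c,1).Select
        ws.Cells(c,1).Value = UserObj.Name
        objExcel.Selection.Font.ColorIndex = 3
        ws.Cells(c,2).Select
        ws.Cells(c,2).Value = LogonDC
        objExcel.Selection.Font.ColorIndex = 3
        ws.Cells(c,4).Select
        ws.Cells(c,4).Value = OldYearTime
        objExcel.Selection.Font.ColorIndex = 3
        Users30DaysNo = Users30DaysNo + 1
        ws.Cells(c,7).Value = strWhenCreated
        ws.Cells(c,8).Value = Flag
    End If

    ' Disabled accounts are marked whichever branch ran above, and by testing the
    ' disabled bit itself: comparing against 515 and 547 alone leaves out a disabled
    ' account that has any other option set, and the check used to be skipped for
    ' accounts whose last logon was older than 30 days.
    If (Flag And UF_ACCOUNTDISABLE) <> 0 Then
        ws.Cells(c,6).Select
        ws.Cells(c,6).Value = "Account Disabled***"
        objExcel.Selection.Font.ColorIndex = 3
        ws.Cells(c,8).Select
        ws.Cells(c,8).Value = Flag
        objExcel.Selection.Font.ColorIndex = 3
        AccountDisNo = AccountDisNo + 1
    End If

    DateCreationForUser()

    ' Move to the next worksheet row and reset the per-user state.
    c = c + 1
    UserVal = 0
    ReDim UserLastLogonArray(x)
    OldYearTime = 1
    DateTimeCounter = 0
    counter = 0
    NoLastLoginCounter = 0
    UserNeverLoggedOn = False
End Function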
'*******************************************************************************************
' Which logon in the UserLastLogonArray is the latest
'*******************************************************************************************
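' Keeps the most recent logon seen so far for the current user.
'   NewYearTime - candidate last-logon date/time (text form of a date)
'   DC          - name of the domain controller that reported it
' When the candidate is newer than the global OldYearTime, or is the first one for
' this user (DateTimeCounter < 1), it is stored in OldYearTime and DC in LogonDC.
' MessageVal is always reset to 0.
' The values are compared as dates (CDate), not as text at fixed positions, so the
' result does not depend on a dd-mm-yyyy layout or on zero-padded times.
Function LatestLogon(NewYearTime, DC)
    Dim takeCandidate
    takeCandidate = False

    If DateTimeCounter < 1 Then
        ' First value for this user
        takeCandidate = True
    ElseIf Len(OldYearTime) > 2 Then
        If Not IsDate(OldYearTime) Then
            ' A placeholder such as " - " is replaced by any real value
            takeCandidate = True
        ElseIf IsDate(NewYearTime) Then
            takeCandidate = (CDate(NewYearTime) > CDate(OldYearTime))
        End If
    End If

    If takeCandidate Then
        OldYearTime = NewYearTime
        LogonDC = DC
    End If

    MessageVal = 0
End Function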
'*******************************************************************************************
' Check to see if the latest logon is older than 30 days
'*******************************************************************************************
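Dim MyVal
' Sets the global MessageVal to 1 when the given last-logon value lies 30 days or
' more in the past; leaves MessageVal unchanged otherwise.
'   OldYearTime - latest last-logon date/time found for the user (text form of a date)
'   LogonDC     - domain controller that reported it (not used in the calculation)
' The age is taken with DateDiff on real dates. Comparing year, month and day fields
' separately reports a logon on 31 December as stale on 1 January and depends on the
' regional date layout.
Function CheckLogonDates (OldYearTime, LogonDC)
    If IsDate(OldYearTime) Then
        If DateDiff("d", CDate(OldYearTime), Now) >= 30 Then
            MessageVal = 1
        End If
    End If
End Function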
'*******************************************************************************************
' Checking creation date for user account
'*******************************************************************************************
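' Looks up the whenCreated attribute of the current user and writes it to column 7
' of worksheet row c. When the user's CN contains "/", or the directory bind fails,
' the cell is set to "Check Manually !" instead; a bind error number goes to column 12.
Function DateCreationForUser()
    Dim containerPrefix

    BadSymbol = InStr(1, SearchName, "/", 1) 'Check for bad symbol in canonical name ...
    If BadSymbol <> 0 Then
        ws.Cells(c,7).Select
        ws.Cells(c,7).Value = "Check Manually !"
        objExcel.Selection.Font.ColorIndex = 3
        NoGo = 1
    Else
        On Error Resume Next

        ' Users outside a manually created OU sit in a container (cn=...), others in an OU.
        If UserGotNoOU = True Then
            containerPrefix = ",cn="
        Else
            containerPrefix = ",ou="
        End If

        ' The domain part comes from strDomain (built from the command-line argument)
        ' rather than a fixed "dc=cdas,dc=dk", so the bind targets the domain being
        ' reported on.
        ' NOTE(review): the DN is rebuilt from the WinNT FullName, which presumably
        ' equals the CN here; binding with the distinguishedName already held in
        ' strDN would avoid that assumption - verify before changing.
        Set objUser = GetObject("LDAP://cn=" & UserFullName & containerPrefix & TopOU & "," & strDomain)
        If Err.Number <> 0 Then
            ' Do not carry the previous user's creation date into this row.
            ws.Cells(c,12).Value = Err.Number
            strWhenCreated = ""
            ws.Cells(c,7).Value = "Check Manually !"
        Else
            objUser.GetInfo
            strWhenCreated = objUser.Get("whenCreated")
            ws.Cells(c,7).Value = strWhenCreated
        End If
        Set objUser = Nothing
    End If
End Function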
'*******************************************************************************************
' Calling the Functions, Writing final statements to files and displaying the HTML file
'*******************************************************************************************
'Calling the functions in the right order
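ControlSyntax()
MakeFolder()
MakeFile()
GetDCforDomain()
'---------------------------
'--- Writing to the Excel file ---
ws.Cells(c,1).Value = "Script started at " & DateTimeVal
c = c + 1
ws.Cells(c,1).Value = "Script Ended at " & Date & " " & Time
Set ws = objExcel.Worksheets(1)
' The workbook is stored next to the HTML report (same WriteFilePath prefix).
' "/" from a regional date format is replaced because it cannot appear in a file name.
' NOTE(review): both files list every account with its logon and disabled state;
' keep them in a folder that only the people running the audit can read.
ExcelPath = WriteFilePath & "_" & Replace(CStr(Date), "/", "-") & "_" & FileTime & ".xls"
MsgBox ExcelPath
ws.SaveAs ExcelPath
objExcel.quit
'---------------------------
'---------------------------
'--- Writing to the HTML file ---
' Summary table: one row per counter collected during the run.
WriteFile.Write "<table border='0' cellpadding='0' cellspacing='0'>" & vbCRLf
WriteFile.Write "<tr>" & vbCRLf
WriteFile.Write "<td class='LogText' width='390'>Number of users queried:</td>" & vbCRLf
WriteFile.Write "<td class='LogText' width='10' align='right'>" & (c - 3) & "</td>" & vbCRLf
WriteFile.Write "</tr>" & vbCRLf
WriteFile.Write "<tr>" & vbCRLf
WriteFile.Write "<td class='LogText' width='390'>Number of DC's queried:</td>" & vbCRLf
WriteFile.Write "<td class='LogText' width='10' align='right'>" & UserInDomainNo & "</td>" & vbCRLf
WriteFile.Write "</tr>" & vbCRLf
WriteFile.Write "<tr>" & vbCRLf
WriteFile.Write "<td class='LogText' width='390'>Users that haven't logged on for 30 days or more:</td>" & vbCRLf
WriteFile.Write "<td class='LogText' width='10' align='right'>" & (Users30DaysNo - 1) & "</td>" & vbCRLf
WriteFile.Write "</tr>" & vbCRLf
WriteFile.Write "<tr>" & vbCRLf
WriteFile.Write "<td class='LogText' width='390'>Users that haven't logged on ever:</td>" & vbCRLf
WriteFile.Write "<td class='LogText' width='10' align='right'>" & (UsersNoLogonNo - 1) & "</td>" & vbCRLf
WriteFile.Write "</tr>" & vbCRLf
WriteFile.Write "<tr>" & vbCRLf
WriteFile.Write "<td class='LogText' width='390'>Number of disabled accounts:</td>" & vbCRLf
WriteFile.Write "<td class='LogText' width='10' align='right'>" & AccountDisNo & "</td>" & vbCRLf
WriteFile.Write "</tr>" & vbCRLf
' The two literals below were split across physical lines in the posted listing,
' which VBScript does not allow; they are joined here.
WriteFile.Write "</table>" & vbCRLf
WriteFile.Write "" & vbCRLf
' Client-side helper in the report that starts Excel on the saved workbook.
WriteFile.Write "<script type=" & chr(34)& "text/vbscript" & chr(34)& " language=" & chr(34)& "VBScript" & chr(34)& ">" & vbCRLf
WriteFile.Write "sub FireExcel()" & vbCRLf
WriteFile.Write " WShell.run " & chr(34)& "excel.exe" & " " & ExcelPath & chr(34) & vbCRLf
WriteFile.Write "end sub" & vbCRLf
WriteFile.Write "</script>" & vbCRLf
WriteFile.Write ""
' A space now separates the href and name attributes of the link.
WriteFile.Write "<font class='LogText'>Click here to open the Excel file: <a href=" & chr(34) & WriteFilePath & "_" & FileTime & ".htm" & chr(34) & " name='FireExcel' onclick='FireExcel'>" & ExcelPath & "</a></font>" & vbCRLf
WriteFile.Write ""
WriteFile.Write "</body>" & vbCRLf & "</html>" & vbCRLf
WriteFile.Close
' Open the finished report in Internet Explorer. The program path and the report path
' are quoted separately, with a space between them.
' NOTE(review): the posted listing shows the program path without backslashes; they
' are restored here on the assumption that they were lost in the paste.
wshShell.Run """C:\Program Files\Internet Explorer\IEXPLORE.EXE"" """ & WriteFilePath & "_" & FileTime & ".htm" & """"
'---------------------------
MsgBox "The AllUsersLastLogon.vbs script has ended !"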