List Active Directory Objects SID

By | September 28, 2006

OK, I want to make things easy when looking for an object in the registry.
I hate when there are a million SIDs and I have to search through a few to find what I am looking for.
This script will allow you to pull all objects and their SIDs and write them to a text file.

———-COPY EVERYTHING BELOW THIS LINE———-

'This script will list all objects in your domain along with their SIDs.
'Created by Cheyenne Harden September 28 2006

Const ADS_SCOPE_SUBTREE = 2
Const OPEN_FILE_FOR_WRITING = 2

Wscript.Echo "The output will be written to C:\SID.txt"

strFile = "SID.txt"
strDirectory = "C:\"
strWritePath = strDirectory & strFile

'Domain name used for the Win32_UserAccount lookup.
sDomain = "YOUR DOMAIN HERE"

'Open the output file for writing; True creates it if it does not exist.
Set fso = CreateObject("Scripting.FileSystemObject")
Set textFile = fso.OpenTextFile(strWritePath, OPEN_FILE_FOR_WRITING, True)

'Query Active Directory through the ADSI OLE DB provider.
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objCommand.ActiveConnection = objConnection
'sAMAccountName is the logon name, which is what Win32_UserAccount.Name holds.
objCommand.CommandText = _
"Select sAMAccountName from 'LDAP://DC=YOUR DOMAIN HERE,DC=SUFFIX' " _
& "Where objectClass='user'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute

'Connect to WMI once and reuse the connection for every lookup.
Set objWMI = GetObject("winmgmts://./root/cimv2")

Do Until objRecordSet.EOF

sUser = objRecordSet.Fields("sAMAccountName").Value

'Clear the previous result so a failed lookup cannot reuse the last SID.
Set oUserAccount = Nothing
sUserSID = "(not found)"

'Trap errors for the lookup only, so other failures are not hidden.
On Error Resume Next
Set oUserAccount = objWMI.Get("Win32_UserAccount.Domain='" & sDomain & "'" _
& ",Name='" & sUser & "'")
If Err.Number = 0 Then sUserSID = oUserAccount.SID
Err.Clear
On Error GoTo 0

textFile.WriteLine ("Object: " & sUser & "  " & " SID: " & sUserSID)
objRecordSet.MoveNext
Loop

'Flush and release the output file and the directory connection.
textFile.Close
objConnection.Close

WScript.Echo "Task Completed!"

 

———-COPY EVERYTHING ABOVE THIS LINE———-

 

PLEASE MAKE SURE NO WORD WRAPPING IS HAPPENING IN YOUR SCRIPT!!!

To make this script work you will need three things!

1. You will need the name of your domain. Place it wherever you see “YOUR DOMAIN HERE”.
2. You will need the suffix for your domain (e.g. com, org, local). Place it where you see “SUFFIX”.
3. You will need to be an Admin.
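
The script above asks WMI for each account's SID one at a time. As an added example (not part of the original script), the function below decodes the binary objectSid attribute, which the same LDAP query can return directly, into the S-1-... text form; the function name SidToString and the sample bytes are assumptions made for illustration.

```vbscript
' Added example, not the original author's code.
' Decodes a binary SID (the objectSid attribute from an ADSI/LDAP query)
' into its S-1-... text form. Returns "" for a malformed buffer.
Function SidToString(binSid)
    Dim revision, subCount, authority, i, offset, subAuth, result

    SidToString = ""
    If LenB(binSid) < 8 Then Exit Function

    revision = AscB(MidB(binSid, 1, 1))
    subCount = AscB(MidB(binSid, 2, 1))
    ' Length must match the declared sub-authority count exactly.
    If LenB(binSid) <> 8 + 4 * subCount Then Exit Function

    ' Identifier authority: bytes 3-8, big-endian.
    authority = CDbl(0)
    For i = 3 To 8
        authority = authority * 256 + AscB(MidB(binSid, i, 1))
    Next
    result = "S-" & revision & "-" & authority

    ' Sub-authorities: 4 bytes each, little-endian, unsigned 32-bit.
    ' CDbl keeps values above 2147483647 from overflowing a Long.
    For i = 0 To subCount - 1
        offset = 9 + 4 * i
        subAuth = CDbl(AscB(MidB(binSid, offset, 1))) _
                + CDbl(AscB(MidB(binSid, offset + 1, 1))) * 256 _
                + CDbl(AscB(MidB(binSid, offset + 2, 1))) * 65536 _
                + CDbl(AscB(MidB(binSid, offset + 3, 1))) * 16777216
        result = result & "-" & subAuth
    Next

    SidToString = result
End Function

' Constructed sample: the 16 bytes of the well-known SID S-1-5-32-544.
Dim sample, b
sample = ""
For Each b In Array(1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0)
    sample = sample & ChrB(b)
Next
WScript.Echo SidToString(sample)

' In the AD query, select objectSid alongside the name and call:
'   SidToString(objRecordSet.Fields("objectSid").Value)
```

Reading objectSid this way also covers groups and computer accounts, which the Win32_UserAccount lookup does not return.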

 

This information is provided “AS IS” with no warranties expressed or implied.
