Sunday, August 1, 2010

Search Users from Multiple Domains Using a Common Attribute – PowerShell Script

This script searches two Active Directory domains using a common matching attribute value (employeeID) and creates an output file with Source SamAccountName, Target SamAccountName and Name. You can use this script if you are performing user migrations and merging user accounts during the migration.

Input file – Empid.csv – contains all employee IDs.

Output file – UserInfo.txt – The script generates a tab-delimited output file that contains the Source SamAccountName, Target SamAccountName and Name fields.

In this script I am using employeeID as the common attribute to search for user accounts in the source (ss-infra.lab) and target (santhosh.lab) domains.

Download:

http://www.sivarajan.com/scripts/Search_Multiple_Domains_Using_EmpID.txt
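
The lookup described above, sketched as an added example (this is not the author's downloadable script). It assumes the RSAT ActiveDirectory module, a trust or credentials that allow querying both domains, and an Empid.csv header column named EmployeeID; the function name Find-UserByEmployeeId is hypothetical. Because the output drives account merges, it escapes each ID before it reaches the LDAP filter and skips any ID that does not match exactly one account on each side.

```powershell
# Added example; not the script published with this post.
# Assumptions: ActiveDirectory module is installed; Empid.csv has an "EmployeeID" column.
Import-Module ActiveDirectory

$SourceDomain = 'ss-infra.lab'   # source domain named in the post
$TargetDomain = 'santhosh.lab'   # target domain named in the post

function Find-UserByEmployeeId {   # hypothetical helper name
    param([string]$EmployeeId, [string]$Server)
    # Escape LDAP filter metacharacters (RFC 4515) so a value from the CSV
    # cannot widen or rewrite the query (for example "*" matching every user).
    $safe = $EmployeeId -replace '\\', '\5c' -replace '\*', '\2a' `
                        -replace '\(', '\28' -replace '\)', '\29'
    Get-ADUser -LDAPFilter "(employeeID=$safe)" -Server $Server -Properties employeeID
}

$rows = foreach ($row in Import-Csv -Path .\Empid.csv) {
    $id = "$($row.EmployeeID)".Trim()
    if (-not $id) { continue }   # skip blank lines

    # @() forces an array so .Count is reliable for 0, 1 or many matches.
    $src = @(Find-UserByEmployeeId -EmployeeId $id -Server $SourceDomain)
    $tgt = @(Find-UserByEmployeeId -EmployeeId $id -Server $TargetDomain)

    # Pair accounts only on an unambiguous 1:1 match; a missing or duplicated
    # employeeID would otherwise merge the wrong identities.
    if ($src.Count -eq 1 -and $tgt.Count -eq 1) {
        [pscustomobject]@{
            SourceSamAccountName = $src[0].SamAccountName
            TargetSamAccountName = $tgt[0].SamAccountName
            Name                 = $src[0].Name   # taken from the source account (a choice made here)
        }
    }
    else {
        Write-Warning "EmployeeID '$id': $($src.Count) source / $($tgt.Count) target matches; skipped"
    }
}

# Tab-delimited output, as described for UserInfo.txt.
$rows | Export-Csv -Path .\UserInfo.txt -Delimiter "`t" -NoTypeInformation
```

The warnings list every ID that needs manual review before the pairing is used in a migration.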

4 comments:

During migrations we often need to find duplicate accounts (users, groups or computers) between source and target domains. How can this script be used to accomplish this? Thanks.

Duplicate Names? It depends on the attribute. You can change the attribute filter in the script. I am using Employee ID. Also update the input file with correct values.

Hi Santosh,

I need your help. I want a script which will read users' NT names from a txt file, search in three child trusted domains and, if found, add them to a group. This group is located in domain1.

Users are located in multiple OUs and could reside in any domain.
The input file users.txt contains only user names in the following format:

user12345
user23456
user34567
user45678
and so on...

Can you please help ASAP?
======================
Option Explicit

Dim objRootDSE, strDNSDomain, objTrans, strNetBIOSDomain
Dim strFile, objFSO, objFile, strNTName, strDN, objGroup, strGroup
Dim objUser
' Declarations required by Option Explicit for the variables used below.
Dim strNetBIOSDomain1, strNetBIOSDomain2, strNetBIOSDomain3
Dim arrDomains, strDomain

Const ForReading = 1
' Constants for the NameTranslate object.
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

' Specify Network path of file of user names.
strFile = "\\server\c$\test\users.csv"
strGroup = "DL_TEST_SCRIPT_GROUP"

strNetBIOSDomain1 = "domain1_local"
strNetBIOSDomain2 = "domain2.local"
strNetBIOSDomain3 = "domain3.local"
arrDomains = Array(strNetBIOSDomain1, strNetBIOSDomain2, strNetBIOSDomain3)

' Bind to the group object in Active Directory, using the WinNT provider.
' No error suppression here: if the group cannot be found the script should stop.
Set objGroup = GetObject("WinNT://" & strNetBIOSDomain1 & "/" _
    & strGroup & ",group")

' Use FSO to open text file for read access.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFile, ForReading)

' Read the file.
Do Until objFile.AtEndOfStream
    ' Read user name.
    strNTName = Trim(objFile.ReadLine)
    ' Skip blank lines.
    If (strNTName <> "") Then
        ' Try each domain in turn and stop at the first one that has the user.
        Set objUser = Nothing
        For Each strDomain In arrDomains
            On Error Resume Next
            Set objUser = GetObject("WinNT://" & strDomain & "/" _
                & strNTName & ",user")
            If (Err.Number <> 0) Then
                Err.Clear
                Set objUser = Nothing
            End If
            On Error GoTo 0
            If Not (objUser Is Nothing) Then Exit For
        Next

        If (objUser Is Nothing) Then
            Wscript.Echo "User " & strNTName & " was not found in any domain."
        ' Check if the user is already a member of the group.
        ElseIf (objGroup.IsMember(objUser.AdsPath) = True) Then
            Wscript.Echo "User " & strNTName & " is already member of specified group."
        Else
            ' Add user to the group.
            objGroup.Add(objUser.AdsPath)
            Wscript.Echo "User " & strNTName & " has been added to Group."
        End If
    End If
Loop

' Clean up.
objFile.Close


Thanks, MPG
