Recommend this page to a friend! |
All requests | > | Get disabled users and mobile number ... | > | Request new recommendation | > | Featured requests | > | No recommendations |
by Shidong Wang - 13 days ago (2016-10-18)
+3 | I have the domain administrator account but cannot execute powershell since it is disabled on my workstation. Thus I need one script, which can get a list of disabled users. I also need a list of mobile numbers of all users. It would be better if the script can run automatically once a week and send me an email. |
3. by muabshir - 7 days ago (2016-10-24) Reply
Hi Shidong Wang
I have worked on your problem and its seems quite interesting to me so I develop an small script for you I hope it might be helpful to you
<?php / * Get a list of users from Active Directory. */
$ldap_connection = ldap_connect("XX.XX.XX.XX","389"); /////////// Please enter IP of your AD for connection if (FALSE === $ldap_connection){
// Uh-oh, something is wrong...
}
// We have to set this option for the version of Active Directory we are using.
ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3) or die('Unable to set LDAP protocol version');
ldap_set_option($ldap_connection, LDAP_OPT_SIZELIMIT,10);
ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, 0); // We need this for doing an LDAP search.
if (TRUE === ldap_bind($ldap_connection, $ldap_username, $ldap_password)){
$ldap_base_dn = 'DC=00,DC=00m,DC=00'; /////// you need to set your BASE DN like domain name.com.org in this configration
$search_filter = '(&(objectCategory=person)(useraccountcontrol=514))'; ////514 is the ID of all inactive accounts
$attributes = array();
/// you can add more attributes as per your requirement ////
$attributes[] = 'givenname';
$attributes[] = 'mail';
$attributes[] = 'samaccountname';
$attributes[] = 'sn';
$attributes[] = 'useraccountcontrol'; $attributes[] = 'initials';
$result = ldap_search($ldap_connection, $ldap_base_dn, $search_filter, $attributes,null,995,1000,null);
if (FALSE !== $result){
$entries = ldap_get_entries($ldap_connection, $result);
for ($x=0; $x<$entries['count']; $x++){
if (!empty($entries[$x]['givenname'][0]) &&
!empty($entries[$x]['mail'][0]) &&
!empty($entries[$x]['samaccountname'][0]) &&
!empty($entries[$x]['sn'][0]) &&
'Shop' !== $entries[$x]['sn'][0] &&
'Account' !== $entries[$x]['sn'][0] &&
'User_Account' !== $entries[$x]['useraccountcontrol'][0] &&
'EIN' !== $entries[$x]['initials'][0]){
$ad_users[strtoupper(trim($entries[$x]['samaccountname'][0]))] = array('email' => strtolower(trim($entries[$x]['mail'][0])),'first_name' => trim($entries[$x]['givenname'][0]),'last_name' => trim($entries[$x]['sn'][0]), 'User_Account' => trim($entries[$x]['useraccountcontrol'][0]),'EIN' => trim($entries[$x]['initials'][0]));
echo "<pre>";
print_r($ad_users);
}
}
}
ldap_unbind($ldap_connection); // Clean up after ourselves.
}
echo "Retrieved ". count($ad_users) ." Active Directory users\n";
?>
if you want to know the exact naming convention of attributes please search this on google "List of LDAP Attributes Supported by ADMP " and visit manageengine dot come url
mail function is so easy you can attach any mail function with this code or directly copy past this code in excel
if you need more help plz feel free to contact me mubashir7 at gmail.com
i hope this code solve your problem
regards Mubashir Alam
6. by Shidong Wang - 6 days ago (2016-10-24) in reply to comment 3 by muabshir Comment
Hey Mubashir ,
thanks a lot... This is exactly what I want, I will run and test it.
Regards, Shidong
8. by muabshir - 6 days ago (2016-10-24) in reply to comment 6 by Shidong Wang Comment
ur welcome Shidong if you need any further help please email me
10. by Manuel Lemos - Less than 1 hour ago (2016-10-31) in reply to comment 8 by muabshir Comment
Mubashir, if this solves the problem, you could wrap that code in a class and submit to the site, so others can also benefit of the solution. Then post the package recommendation here.
Just make sure you wrap the code in a class.
1. by Oleg Zorin - 8 days ago (2016-10-23) Reply
Hi, Shidong Wang.
I see no reason to use some class for your task. It's quite simple:
$res = PDO->prepare(SELECT * FROM users
WHERE status
= :status ORDER BY name
ASC);
$res->setFetchMode(PDO::FETCH_ASSOC);
$res->execute(array('status' => $disabled_status));
$message = '<p>Disabled users:</p>';
while($lot = $res->fetch()) {
$message .= '<p>' . $lot['name'] . ' ' . $lot['phone'] . '</p>';
}
2. by muabshir - 7 days ago (2016-10-24) in reply to comment 1 by Oleg Zorin Comment
But in this code how we communicate with the domain controler
4. by Oleg Zorin - 7 days ago (2016-10-24) in reply to comment 2 by muabshir Comment
Probably I miss something in your request, but...
I think that you have some DB with your user's information and statuses. And you want to get some data from DB once in a week. Right?
So put this script in separate file. And run it with CRON (for unix server) or Task Manager (for win server) once per week.
5. by muabshir - 7 days ago (2016-10-24) in reply to comment 4 by Oleg Zorin Comment
Oleg Zorin i don't think they have any DB or table currently according to the statement they have domain controller and he only want to get the list of disable users from domain controller, furthermore he also don't have any script to run as cron
7. by Shidong Wang - 6 days ago (2016-10-24) in reply to comment 5 by muabshir Comment
You are absolutely right. Thanks very much for your clarification to Oleg. :-)
9. by Manuel Lemos - Less than 1 hour ago (2016-10-31) in reply to comment 4 by Oleg Zorin Comment
Oleg he is talking about Windows users. There are some WMI classes that can help but I don't know Windows.
0 | by Manuel Lemos 15980 - Less than 1 hour ago (2016-10-31) Comment For Windows users there is this general WMI class that can query local or remote Windows instances. I am not sure what exactly would ne the query but I guess Christian, the author, may help you on this. |
Recommend package | |
|