Hey, Scripting Guy! Is there any way to get a list of all the user accounts in Active Directory?
— CB, Fremont, CA
Hey, CB. By far the quickest and easiest way to do this is to search Active Directory for all your user accounts. Here’s a sample script that searches the fabrikam.com domain; to search your own domain, just edit the LDAP connection string (‘LDAP://dc=fabrikam,dc=com’) as needed. For example, if your domain is named contoso.com, you’d change the connection string to ‘LDAP://dc=contoso,dc=com’.
On Error Resume Next
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject(“ADODB.Connection”)
Set objCommand = CreateObject(“ADODB.Command”)
objConnection.Provider = “ADsDSOObject”
objConnection.Open “Active Directory Provider”
Set objCommand.ActiveConnection = objConnection
objCommand.Properties(“Page Size”) = 1000
objCommand.Properties(“Searchscope”) = ADS_SCOPE_SUBTREE
objCommand.CommandText = _
“SELECT Name FROM ‘LDAP://dc=fabrikam,dc=com’ WHERE objectCategory=’user'”
Set objRecordSet = objCommand.Execute
Do Until objRecordSet.EOF
There’s too much going on in this script to explain it all here; if you’re interested in how and why this works, and what else you can search for in Active Directory, you might want to take a look at a previous Scripting Guys’ webcast on this very topic.