代码之家  ›  专栏  ›  技术社区  ›  er4z0r

使用vbscript和Active Directory通过sid查找用户电子邮件

adsi active-directory vbscript windows
  •  0
  • er4z0r  · 技术社区  · 15 年前

    我正在分析有关Windows系统上用户帐户更改的日志消息。 我想通知用户更改,因此我需要检索他们的个人信息 来自Active Directory的信息(第一个、最后一个、电子邮件)。

    我已经找到了一种检索用户名的方法,但这只能通过WMI而不是ADSI: 

    Function FindUser(Message)
    Dim objWMIService
    Dim strAccountRegex
    Dim objRegex
    Dim objMatch
    Dim strComputer
    Dim objUser
    Dim objShell


    strAccountRegex = "(\%\{[A-Z,0-9,\-]*\})"
    strComputer = "."

    Wscript.StdOut.writeLine "Querying WMI to retrieve user-data" 

    Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
    Set objShell    = WScript.CreateObject("WScript.Shell")
    Set objRegex    = new RegExp
    objRegex.Pattern= strAccountRegex
    for each objMatch in objRegex.Execute(Message)
            REM Wscript.StdOut.writeLine "Found an Account ID: " & objMatch.value
            Dim strSID
            strSID=NormalizeSID(objMatch.value)
            REM Wscript.Echo "SID after escaping: " & strSID
            Set objUser = objWMIService.Get _
            ("Win32_SID.SID='" & strSID & "'")
    next
    FindUser=objUser.ReferencedDomainName & "\" & objUser.AccountName
End Function

    它工作正常,但我想通过Active Directory而不是通过WMI来完成。 你能帮助我吗?

    1 回复  |  直到 15 年前
        1
  •  0
  •   er4z0r    15 年前

    好啊。我找到了一种通过Active Directory执行此操作的方法。 对于强制力,这里是代码: 

    REM Converts the SID into a from, that can be processed by WMI
Function NormalizeSid(strSidToNormalize)
  Dim regEx,strReplace
  strReplace=""
  ' Create regular expression.
  Set regEx = New RegExp
  regEx.Global  = True
  regEx.Pattern = "(%|{|})"
  regEx.IgnoreCase = True

  ' Make replacement.
  NormalizeSid = regEx.Replace(strSidToNormalize, strReplace)
End Function

REM Searches for a SID the in the Message that was passed as argument
REM SID returned will be of the  form %{S-1-5-21-3968247570-3627839482-368725868-1110}
REM NOTE: Neither WMI nor ADSI will accept this. Use NormalizeSid like in FindUser
Function FindSidInMessage(Message)
    Dim strAccountRegex
    Dim objRegex
    Dim objMatch
    Dim strSID

    strAccountRegex = "(\%\{S\-[,0-9,\-]*\})"
    Set objRegex    = new RegExp
    objRegex.Pattern= strAccountRegex

    for each objMatch in objRegex.Execute(Message)
            REM Wscript.StdOut.writeLine "Found an Account ID: " & objMatch.value
            strSID=objMatch.value
    next

    FindSidInMessage=strSID
End Function 

REM Searches Directory for the User matching the SID passed as parameter
Function FindUser(userSID)
    Dim normalizedSID
    Dim objUser

    normalizedSID=NormalizeSid(userSID)
    Wscript.Echo "SID after escaping: " & normalizedSID

    Wscript.StdOut.writeLine "Querying AD to retrieve user-data" 
    Set objUser = GetObject("LDAP://<SID="& normalizedSID & ">")
    FindUser=objUser.EmailAddress
End Function

    希望这对其他人有用。

    推荐文章
    关于   移动版
    代码之家 - 一站式码农服务社区
    沪ICP备11025650号