Export (0) Print
Expand All

Reading Attributes of Directory Service Objects

Microsoft® Windows® 2000 Scripting Guide

The preceding sections described how to create an OU, a user account, and a group, and set the description attribute on each of these objects. The next common task is to read an attribute of each object.

Reading an Active Directory object's attributes involves two simple steps:

  1. Connect to the Active Directory object you want to read.

  2. Read one or more of the object's attributes.

The goal of the three scripts in this section will be to read the description attribute of the HR OU, the MyerKen user account, and the Atl-Users group and display their values on the screen.

Important

  • Command window output generated by the CScript script host follows each script example that echoes information to the screen. If you run these scripts, be sure you use CScript because some of the scripts contain a significant amount of output. This makes WScript an inappropriate scripting host for running these scripts.

Reading an Attribute of an OU

The script in Listing 5.8 reads and displays the description attribute of the OU named HR in the na.fabrikam.com domain. To carry out this task, the script performs the following steps:

  1. Connect to the HR OU object in the na.fabrikam.com domain.

  2. Read the object's description attribute.

Listing 5.8 Reading the description Attribute of an OU

  
1
2


Set objOU = GetObject("LDAP://ou=HR,dc=NA,dc=fabrikam,dc=com")
Wscript.Echo objOU.Get("description")

When this script runs in the na.fabrikam.com domain, it echoes the description of the HR OU to the command window, as shown:



Human Resources

Reading an Attribute of a User Account

The script in Listing 5.9 reads and displays the description attribute of the user account named MyerKen, located in the HR OU of the na.fabrikam.com domain.

  1. Connect to the MyerKen user account object in the HR OU of the na.fabrikam.com domain.

  2. Read the object's description attribute.

Listing 5.9 Reading the description Attribute of a User Account

  
1
2
3


Set objUser = _
 GetObject("LDAP://cn=MyerKen,ou=HR,dc=NA,dc=fabrikam,dc=com")
Wscript.Echo objUser.Get("description")

When this script runs in the na.fabrikam.com domain, it echoes the description of the user account to the command window, as shown:



HR employee

Reading an Attribute of a Group

The script in Listing 5.10 reads and displays the description attribute of a global group named Atl-Users, located in the HR OU of the na.fabrikam.com domain.

  1. Connect to the Atl-Users group in the HR OU of the na.fabrikam.com domain.

  2. Read the object's description attribute.

Listing 5.10 Reading the description Attribute of a Group

  
1
2
3


Set objGroup = _
 GetObject("LDAP://cn=Atl-Users,ou=HR,dc=NA,dc=fabrikam,dc=com")
Wscript.Echo objGroup.Get("description")

When this script runs in the na.fabrikam.com domain, it echoes the description of the group to the command window, as shown:



Atlanta users

Important observations about the scripts in this section:

  • They perform the same basic steps: They connect to an Active Directory object and read an attribute of the object.

  • They use the same method (Get) without regard to the class of object being read.

As demonstrated in this section, the process for reading attributes is uniform from one object to the next. In fact, within a particular task, the steps you follow from one object to the next are consistent. This consistency empowers you to write scripts that can read thousands of attributes from the many objects stored in Active Directory.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft