netnerds.net

9 Jan 07

VBScript: Use an LDAP Query to Find All Windows Servers on a Domain

Damn, the ADsDSOObject rocks! This script, which weighs in at fewer than 20 lines, finds all machines running any form of Windows Server on a given domain. Note that this script doesn't single out domain controllers; it lists any machine running Windows Server.

'****************************************************************************
' This script created by Chrissy LeMaire (clemaire@gmail.com)
' Website: http://netnerds.net/
'
' This script finds all machines running Windows Server (NT, 2000, 2003) in AD
'
'Msgbox output provides server name and OS version.
'
' NO WARRANTIES, USE THIS AT YOUR OWN RISK, etc.
'*****************************************************************************

Set objAdRootDSE = GetObject("LDAP://RootDSE")
Set objRS = CreateObject("adodb.recordset")

' Search from the root of the current domain through the ADSI OLE DB provider
varConfigNC = objAdRootDSE.Get("defaultNamingContext")
strConnstring = "Provider=ADsDSOObject"
strWQL = "SELECT * FROM 'LDAP://" & varConfigNC & "' WHERE objectCategory= 'Computer' and OperatingSystem = 'Windows*Server*'"
objRS.Open strWQL, strConnstring

Do Until objRS.EOF
    ' SELECT * returns only the ADsPath, so bind to each object to read its attributes
    Set objServer = GetObject(objRS.Fields.Item(0).Value)
    strServerName = objServer.CN
    strOperatingSystem = objServer.OperatingSystem
    MsgBox strServerName & " is running " & strOperatingSystem
    objRS.MoveNext
    Set objServer = Nothing
Loop
objRS.Close

Set objRS = Nothing
Set objAdRootDSE = Nothing

Also, I found this nice reference of Command One Liners while searching the web. Totally handy!

Posted by: Chrissy   Filed under: Active Directory, Networking, VBScript
Comments (18) Trackbacks (0)
  1. I’m glad you found the one-liners handy. If you come up with any good ones, I hope you’ll share.

  2. Thank you!

    This is just what I have been looking for!

    Mike

  3. Perfect, works right out of the box.

  4. That’s a great script. However, is it possible to have the results outputted to a .csv file rather than being displayed in a message box?

  5. hi – wondering if you could help me with getting this output into a txt file?

    I’m a scripting newbie!

    Thanks

  6. Andrew,
    Change the MsgBox to wscript.echo, save your script and run like this:

    cscript myscriptfile.vbs >C:\output.txt

    The easiest way to pipe to a text file instead of screen.

    -Trond

  7. Hi,

    This is a GREAT script. Could you please add some code to identify the sql server instances running on the server with the users and permissions?

    Thanks.

  8. How do we enumerate AD windows servers in a domain across the trust?

  9. ” joesph.sakar | January 8, 2009 @ 11:59 pm
    How do we enumerate AD windows servers in a domain across the trust”

    I have not tried that but I would have to assume that you would need a few things to enumerate any info across trusts, and even then, I believe you would need to have rights granted in those trusted domains. You may even have to have an account in that domain, and instead change context

    'this line here presumes you are "in" the context for the information you are trying to seek.

    Set objAdRootDSE = GetObject("LDAP://RootDSE")

    You can instead explicitly note the context you want, and provide credentials, with a traditional LDAP bind/query.

    Remember that to get all fancy with code will usually lead to frustration, and to KISS. Usually, you already have a relationship with a local domain admin for the trusted domain, and you can simply hand him this script that Chrissy generously provides above. Or they can give you or you already have admin rights, if you are centrally managing the trusted domains from your central administrative domain.

    From within the central domain, you can only gain certain amounts of info about a trust (which equates to what the GUI gives you), see:

    http://www.activexperts.com/activmonitor/windowsmanagement/adminscripts/monitoring/ad/#EnumTrusRelationShips.htm

    Cheers!

  10. I used this script and it worked great, but I discovered that I’m running into a limitation of 1000 records. Any idea why, and any idea how I can increase the limit? (Yes, I’m dealing with a pretty huge AD structure). If I have to, I can change the Select criteria to search for OS versions individually, but I was hoping for a simple answer to this. Thanks!

  11. Edward,

    I know it has been a while since you posted this, but I thought I would reply to you about your question. LDAP limits its results to 1000 by default.

    Not sure how to get around this through a vbscript, but I ran into this on a vb.net app I built a few years ago.

  12. If you are looking for a powershell version, you could try this:

    $strOperatingSystem = "Windows*Server*"

    $objDomain = New-Object System.DirectoryServices.DirectoryEntry

    $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
    $objSearcher.SearchRoot = $objDomain

    $objSearcher.Filter = ("OperatingSystem=$strOperatingSystem")

    $colProplist = "name"
    # [void] discards the index that PropertiesToLoad.Add() returns
    foreach ($i in $colPropList) { [void]$objSearcher.PropertiesToLoad.Add($i) }

    $colResults = $objSearcher.FindAll()

    foreach ($objResult in $colResults)
    {
        $objComputer = $objResult.Properties
        $objComputer.name
    }

  13. Thanks, had a similar requirement and this helped a lot.

  14. Looks great! Thank you very much!

    Does anyone know what I should change to get this script to enumerate all servers from the entire forest?

    Thanks in advance

  15. –EDIT–
    Found how: — just replace:

    <> in
    varConfigNC = objAdRootDSE.Get("defaultNamingContext")

    with

    <>

    Still, I am reaching the 1000 limit too :(

  16. Hi,

    Thanks for the script. Do you know how I could limit the search by OU? Not the whole domain.

    Thanks

  17. By default, maxpagesize is set to 1000 so only 1000 results will be returned. It's an AD thing.

    ntdsutil "LDAP Policies" connections "connect to server %DCNAME%" q "set maxpagesize to 3000" "commit changes" q q
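
Several comments above ask about the 1000-record limit, CSV output and limiting the search to one OU. The VBScript below is an added example, not part of the original post or its comments: it runs the same query through ADODB.Command with the "Page Size" property set, so ADSI fetches results page by page and returns every match without changing the domain's MaxPageSize policy, and it writes CSV to standard output. The page size of 500, the CsvField helper and the commented-out OU name are assumptions for illustration.

```vbscript
Option Explicit

Const ADS_SCOPE_SUBTREE = 2
Const PAGE_SIZE = 500   ' assumption: any value at or below the DC's MaxPageSize (default 1000)

Dim objRootDSE, objConn, objCmd, objRS, strBase, strQuery

Set objRootDSE = GetObject("LDAP://RootDSE")
strBase = objRootDSE.Get("defaultNamingContext")
' To limit the search to one OU, prefix its DN (the OU name here is a placeholder):
' strBase = "OU=Servers," & strBase

Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"

Set objCmd = CreateObject("ADODB.Command")
Set objCmd.ActiveConnection = objConn
' Setting Page Size turns on paged searching, so results are not cut off at 1000
objCmd.Properties("Page Size") = PAGE_SIZE
objCmd.Properties("Searchscope") = ADS_SCOPE_SUBTREE

' Ask for the two attributes directly instead of binding to every object
strQuery = "SELECT cn, operatingSystem FROM 'LDAP://" & strBase & "' " & _
           "WHERE objectCategory='computer' AND operatingSystem='Windows*Server*'"
objCmd.CommandText = strQuery
Set objRS = objCmd.Execute

WScript.Echo "Name,OperatingSystem"
Do Until objRS.EOF
    WScript.Echo CsvField(objRS.Fields("cn").Value) & "," & _
                 CsvField(objRS.Fields("operatingSystem").Value)
    objRS.MoveNext
Loop

objRS.Close
objConn.Close

' Quote a value for CSV and double any embedded quotation marks
Function CsvField(varValue)
    CsvField = """" & Replace(CStr(varValue), """", """""") & """"
End Function
```

Run it with cscript //nologo and redirect the output to a file, as described in comment 6.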

