Active Directory: E-mail Notification for Newly Added Users and Computers

Recently, someone asked if there was a way to be notified when servers have been added to an Active Directory domain. I looked around the Internet and it seems there’s not a direct way to do this without some large software package. So in lieu of having an instant notification, I created a script that tallies up newly added user and computer accounts and emails the admin with all the info. This script is initially set up to be run once a day, but you can modify it to run at whatever frequency you want.

I really expected this to take at most a couple hours to write but parsing through all the data turned out to take a heckofa lot of time. From converting the desired comparison date to UTC to parsing the AD attribute memberOf, I spent a good day working on this. I learned a lot, though, and found this page which details the AD schema to be very helpful.

If you need anything more than this, you may want to consider an enterprise-type administration package such as Microsoft’s MOM.

ADAddedUsersNComputers.vbs

'****************************************************************************
' This script created by Chrissy LeMaire ([email protected])
' Website: http://netnerds.net/
'
' ADAddedUsersNComputers.vbs
'
' This script Checks AD for any additions made to Users or Computers
' in the past 24 hours. The time interval to check can be changed below.
'
' NO WARRANTIES, USE THIS AT YOUR OWN RISK, etc.
'*****************************************************************************

'Please modify these four settings
strSMTPServer = "myexchangeserver"
strEmailFrom = "Administrator  <[email protected]>"
strEmailTo = "Administrator <[email protected]>"

strTimeInUTC = CompareDateUTCConvert("h",-24) 'This is the same syntax as dateAdd(). The example will get new users/computers added in the past 24 hours.

'Unless you want to change the domain to check or the format of the emailed info, nothing below really needs to be modified.
On Error Resume Next
numPersonCount = 0
numComputerCount = 0

Set objAdRootDSE = GetObject("LDAP://RootDSE")
Set objRS = CreateObject("adodb.recordset")
varConfigNC = objAdRootDSE.Get("defaultNamingContext")
strConnstring = "Provider=ADsDSOObject"
strWQL = "SELECT ADsPath FROM 'LDAP://" & varConfigNC & "' WHERE createTimeStamp > '" & strTimeInUTC & "' and (objectCategory = 'Person' or objectCategory = 'Computer')"

objRS.Open strWQL, strConnstring
Do until objRS.eof
    Set objADUserOrComputer = GetObject(objRS.Fields.Item(0))
    strObjectCategory = ParseDN(objADUserOrComputer.objectCategory)

    Select Case strObjectCategory
        Case "Person"
            numPersonCount = numPersonCount + 1
            If Len(objADUserOrComputer.displayName) > 0 Then strUserMsg = strUserMsg & vbCrLf & "displayName = " & objADUserOrComputer.displayName
            'strUserMsg = strUserMsg & vbCrLf & "distinguishedName = " & objADUserOrComputer.distinguishedName
            strUserMsg = strUserMsg & vbCrLf & "sAMAccountName = " & objADUserOrComputer.sAMAccountName
            strUserMsg = strUserMsg & vbCrLf & "sAMAccountType = " & SAMAccountTypetoName(objADUserOrComputer.sAMAccountType)
            strUserMsg = strUserMsg & vbCrLf & "whenChanged = " & objADUserOrComputer.whenChanged
            strUserMsg = strUserMsg & vbCrLf & "whenCreated = " & objADUserOrComputer.whenCreated
            strUserGroups = ParseMemberOf(objADUserOrComputer.memberOf,objADUserOrComputer.PrimaryGroupID)
            strUserMsg = strUserMsg & vbCrLf & "Member Of: " & strUserGroups
            If Len(objADUserOrComputer.userPrincipalName) > 0 Then strUserMsg = strUserMsg & vbCrLf & "userPrincipalName = " & objADUserOrComputer.userPrincipalName
            strUserMsg = strUserMsg & vbCrLf
        Case "Computer"
            numComputerCount = numComputerCount + 1
            strCompMsg = strCompMsg & vbCrLf & "dNSHostName = " & objADUserOrComputer.dNSHostName
            strCompMsg = strCompMsg & vbCrLf & "isCriticalSystemObject = " & objADUserOrComputer.isCriticalSystemObject
            strCompMsg = strCompMsg & vbCrLf & "operatingSystem = " & objADUserOrComputer.operatingSystem
            strCompMsg = strCompMsg & vbCrLf & "operatingSystemServicePack = " & objADUserOrComputer.operatingSystemServicePack
            strCompMsg = strCompMsg & vbCrLf & "operatingSystemVersion = " & objADUserOrComputer.operatingSystemVersion
            If InStr(objADUserOrComputer.rIDSetReferences,"Domain Controller") > 0 Then strCompMsg = strCompMsg & vbCrLf & "Domain Controller = Yes"
            If Len(objADUserOrComputer.description) > 0 Then strCompMsg = strCompMsg & vbCrLf & "description = " & objADUserOrComputer.description
            If Len(objADUserOrComputer.machineRole) > 0 Then strCompMsg = strCompMsg & vbCrLf & "machineRole = " & objADUserOrComputer.machineRole
            If Len(objADUserOrComputer.physicalLocationObject) > 0 Then strCompMsg = strCompMsg & vbCrLf & "physicalLocationObject = " & ParseDN(objADUserOrComputer.physicalLocationObject)
            strCompMsg = strCompMsg & vbCrLf
    End Select
    objRS.movenext
    Set objADUserOrComputer = Nothing
Loop
objRS.close
Set objRS = Nothing
Set objAdRootDSE = Nothing

If Len(strUserMsg) > 0 Then strEmailMessage = strEmailMessage & "--------- USERS ---------" & vbCrLf & strUserMsg & vbCrLf
If Len(strCompMsg) > 0 Then strEmailMessage = strEmailMessage & "--------- COMPUTERS ---------" & vbCrLf & strCompMsg
If Len(strUserMsg) = 0 And Len(strCompMsg) = 0 Then strEmailMessage = "No users or computers have been added in the last 24 hours."

Set objCDO = CreateObject("CDO.Message")
    objCDO.Subject = "Users Added: " & numPersonCount & ". Computers Added: " & numComputerCount & "."
    objCDO.From = strEmailFrom
    objCDO.To = strEmailTo
    objCDO.TextBody = strEmailMessage
    objCDO.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 'cdoSendUsingPort (1 = local, 3 = Exchange)
    objCDO.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = strSMTPServer
    objCDO.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
    objCDO.Configuration.Fields.Update
    objCDO.Send
    set objCDO = Nothing

Function CompareDateUTCConvert(dateAddInterval,compareNumber)
    'Wow, this is a lil complex. So createTimestamp is in UTC format.
    'So first we grab your machine's time bias and then apply it.
    'Next, we adjust the date to the one you specified above (now()-24hours by default)
    'Finally, we parse the final date to UTC format ie. 20070207032200.0Z

    'The WMI moniker needs the leading double backslash: \\.\root\cimv2
    Set objSWbemServices = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\.\root\cimv2")
    Set colTimeZone = objSWbemServices.ExecQuery("SELECT * FROM Win32_TimeZone")
    'Note: Win32_TimeZone.Bias is the standard-time bias in minutes; it does not include the daylight saving offset.
    For Each objTimeZone in colTimeZone
        strBias = objTimeZone.Bias
    Next
    Set colTimeZone = Nothing
    Set objSWbemServices = Nothing
    strCompareDate = dateAdd(dateAddInterval,compareNumber,now())
    strUTCCompare = DateAdd("n",strBias*(-1),strCompareDate)
    CurrentUTC = Year(strUTCCompare) & Right("0" & Month(strUTCCompare),2) & Right("0" & Day(strUTCCompare),2)
    CurrentUTC = CurrentUTC & Right("0" & Hour(strUTCCompare),2) & Right("0" & Minute(strUTCCompare),2) & Right("0" & Second(strUTCCompare),2) & ".0Z"
    CompareDateUTCConvert = CurrentUTC
End Function

Function ParseDN(strDN)
    'Take a DN and extract what we want then make it pretty.
    arrDN = split(strDN,",") 'CN=Example-Thing,CN=Whatever,CN=Etc
    strDN = right(arrDN(0),len(arrDN(0))-3) 'CN=Example-Thing -> Example-Thing
    strDN = replace(strDN,"-"," ") 'Example Thing
    ParseDN = strDN
End Function

Function ParseMemberOf(memberof,primarygroupid)
    'This shows what groups a person belongs to.
    'The output of memberof changes depending on
    'how many groups the user is a member of, etc.
    Select Case TypeName(memberof)
        Case "String" ParseMemberOf = ParseDN(memberof)
        Case "Empty" ParseMemberOf = PrimaryGroupIDtoName(primarygroupid,varConfigNC)
        Case "Variant()"
            For each groupDN in memberof
                strUserGroups = strUserGroups & vbCrLf & ParseDN(groupDN)
            Next
            ParseMemberOf = strUserGroups
        Case Else ParseMemberOf = "Unknown"
    End Select
End Function

Function SAMAccountTypetoName(theType)
    'Just makin it more useful...
    Select Case theType
        Case 268435456 SAMAccountTypetoName = "Group Object"
        Case 268435457 SAMAccountTypetoName = "Non-Security Group Object"
        Case 536870912 SAMAccountTypetoName = "Alias Object"
        Case 536870913 SAMAccountTypetoName = "Non-Security Alias Object"
        Case 805306368 SAMAccountTypetoName = "Normal User Account"
        Case 805306369 SAMAccountTypetoName = "Machine Account"
        Case 805306370 SAMAccountTypetoName = "Trust Account"
        Case 1073741824 SAMAccountTypetoName = "App Basic Group"
        Case 1073741825 SAMAccountTypetoName = "App Query Group"
        Case 2147483647 SAMAccountTypetoName = "Account Type Max"
        Case Else SAMAccountTypetoName = "Unknown"
    End Select
End Function

Function PrimaryGroupIDtoName(PGID,varConfigNC)
    'Ugh.. the alternative to this function can be found here:
    'http://support.microsoft.com/kb/297951
    'both are kinda nasty.
    Set objRSPGID = CreateObject("adodb.recordset")
    Connstring = "Provider=ADsDSOObject"
    'The ADSI provider name is case-sensitive, so it must be written LDAP:// in upper case.
    strSQL = "<LDAP://" & varConfigNC & ">;(objectCategory=group);distinguishedName,primaryGroupToken,name;subtree"
    objRSPGID.Open strSQL, Connstring
    If not objRSPGID.eof and not objRSPGID.bof Then
        Do until objRSPGID.eof Or Len(strGroupName) > 0
            If PGID = objRSPGID("primaryGroupToken") Then strGroupName = objRSPGID("name")
            objRSPGID.movenext
        Loop
    End If
    objRSPGID.close
    Set objRSPGID = Nothing
    If Len(strGroupName) = 0 Then strGroupName = "Unknown"
    PrimaryGroupIDtoName = strGroupName
End Function

To schedule this, save the above code as ADAddedUsersNComputers.vbs in C:\scripts (for ex.) and use Scheduled Tasks to run the following command: %windir%\system32\wscript.exe C:\scripts\ADAddedUsersNComputers.vbs. I suggest running it daily at the end of each workday.
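
The same daily report as an added PowerShell example (not part of the original script): it builds the createTimeStamp/whenCreated cutoff straight from UTC, so no time-zone bias or daylight saving adjustment is involved, and it only sends mail when something was actually added. It assumes the ActiveDirectory module (RSAT) is installed; the SMTP server, the addresses and the optional search base are placeholders.

```powershell
# Added example. Requires the ActiveDirectory module (RSAT).
# SMTP server, addresses and search base below are placeholders.
Import-Module ActiveDirectory

$SmtpServer = 'smtp.example.test'
$From       = 'ad-report@example.test'
$To         = 'admin@example.test'
$SearchBase = $null   # optional OU distinguished name; $null searches the whole domain
$Hours      = 24

# LDAP generalized time is always UTC ("Z"), so start from UtcNow and never
# touch the local time-zone bias. The invariant culture keeps the calendar
# fixed regardless of the regional settings of the account running the task.
$invariant = [Globalization.CultureInfo]::InvariantCulture
$cutoff    = [DateTime]::UtcNow.AddHours(-$Hours)
$stamp     = $cutoff.ToString('yyyyMMddHHmmss', $invariant) + '.0Z'

$query = @{
    LDAPFilter = "(&(whenCreated>=$stamp)(|(objectCategory=person)(objectCategory=computer)))"
    Properties = 'whenCreated', 'sAMAccountName', 'dNSHostName', 'operatingSystem', 'memberOf'
}
if ($SearchBase) { $query.SearchBase = $SearchBase }

$new       = @(Get-ADObject @query | Sort-Object whenCreated)
$computers = @($new | Where-Object { $_.ObjectClass -eq 'computer' })
$people    = @($new | Where-Object { $_.ObjectClass -ne 'computer' })

function Format-NewObject {
    param($Object)
    # The AD module hands back whenCreated as a DateTime; report it in UTC
    # explicitly so the e-mail is unambiguous.
    $created = $Object.whenCreated.ToUniversalTime().ToString('yyyy-MM-dd HH:mm:ss', $invariant)
    $lines = @(
        "sAMAccountName    = $($Object.sAMAccountName)"
        "objectClass       = $($Object.ObjectClass)"
        "distinguishedName = $($Object.DistinguishedName)"
        "whenCreated (UTC) = $created"
    )
    if ($Object.dNSHostName)           { $lines += "dNSHostName       = $($Object.dNSHostName)" }
    if ($Object.operatingSystem)       { $lines += "operatingSystem   = $($Object.operatingSystem)" }
    if ($Object.memberOf.Count -gt 0)  { $lines += "memberOf          = $($Object.memberOf -join '; ')" }
    ($lines -join "`r`n") + "`r`n"
}

if ($new.Count -eq 0) {
    # Nothing was created in the window: stay quiet instead of mailing an empty report.
    Write-Output "No users or computers created since $stamp; no mail sent."
}
else {
    $body = ''
    if ($people.Count -gt 0) {
        $body += "--------- USERS ---------`r`n"
        $body += (($people | ForEach-Object { Format-NewObject $_ }) -join "`r`n") + "`r`n"
    }
    if ($computers.Count -gt 0) {
        $body += "--------- COMPUTERS ---------`r`n"
        $body += (($computers | ForEach-Object { Format-NewObject $_ }) -join "`r`n")
    }

    $subject = "Users Added: $($people.Count). Computers Added: $($computers.Count)."
    Send-MailMessage -SmtpServer $SmtpServer -From $From -To $To -Subject $subject -Body $body
}
```

Setting `$SearchBase` to an OU's distinguished name limits the report to that part of the directory.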

Chrissy is a PowerShell MVP who has worked in IT for nearly 20 years, and currently serves as a Sr. Database Engineer in Belgium. Always an avid scripter, she attended the Monad session at Microsoft’s Professional Developers Conference in Los Angeles back in 2005 and has worked and played with PowerShell ever since. Chrissy is currently pursuing an MS in Systems Engineering at Regis University and helps maintain RealCajunRecipes.com in her spare time. She holds a number of certifications, including those relating to SQL Server, SuSE Linux, SharePoint and network security. She recently became co-lead of the SQL PASS PowerShell Virtual Chapter. You can follow her on Twitter at @cl.

Posted in Active Directory, VBScript
40 comments on “Active Directory: E-mail Notification for Newly Added Users and Computers”
  1. Wayne Hall says:

    This is a great script – thanx much. I found it while looking for a script that notifies people of changes to groups. Ideally, I’d like a script to run at some interval, record the members of each group, and if members have been added or removed, notify a specific person (or the groups’ owner object).

    On the front of it, it should be pretty easy to do in perl or php and use a diff-type of function, and I can easily see it extending to a SQL database or some storage mechanism. Or maybe putting it into something like PBNJ, which uses nmap to discover new hosts and open ports on the network and notify of changes. This would be the same thing, but for Active Directory objects.

    Got any tips for what I’m looking for?

  2. Bernard says:

    What timezone does the program use…When running, the time the account is added is wrong

  3. Chrissy says:

    Hey Bernard,
    It’s initially GMT but then a bias is added depending on your computer’s timezone setting. How many hours difference do you see?

    As for your request Wayne, that seems like a lot of work. After taking a long ass time to write the script above (the parsing was a pain), I’d look for a small package from some lil company. Maybe you can look into software from the company that makes RestoreADmin. That program is rad…it stores the AD scheme in a sql db.

  4. Bernard says:

    Thanks for your response Chrissy, I see a four hour difference. We are in the central time zone. Should I just adjust the bias -4?

  5. Very handy script.. Thanks for sharing!

  6. Mirza A. Baig says:

    Hello,
    I have been using this script for months now. It has been really handy. All I really need is for it to send email notification once a computer account is created. It was working, but now it is not. Nothing within the script has changed. It does still send me notifications, but it says that 0 new users and 0 new computers have been added. Can you please assist?

  7. Mirza A. Baig says:

    Do you have a script that will send email notification once a computer account has been moved to a particular OU?

  8. David Sipp says:

    Exactly what I need. But I cannot get a result. I am a domain admin and know the names and DNS are good. Script runs error free, just never receive the results email? Here is what I have done to the variables section:
    'Please modify these four settings
    strSMTPServer = "daltfccxm01"
    strEmailFrom = "David Sipp "
    strEmailTo = "User "

    strTimeInUTC = CompareDateUTCConvert("h",-72)

    What can I check?

    Thanks,

    Dsipp

  9. David Sipp says:

    Ok, I figured it out. AV software caused the block. DOHHH!

  10. Phil says:

    Any chance you have some code that will email when any AD user or computer account data is changed?

    Thanks!

  11. RT says:

    Is there any way you can modify the script so that it ONLY emails if there are changes in the AD? I manage many servers and I do not need emails for servers that did not change.

    Thx.

  12. Mohamed Ghaleb says:

    Hi, I got Windows Script Host Error in line 90 Char 1, Unspecified error, code 80004005, source: (null)

    I am in need of that script; any help would be really great.

    Thank you.

  13. Mohamed Ghaleb says:

    By the way, I saved it on the DC itself, and am running it with a Domain admin account.

  14. mrBOFH says:

    Thanks for the script. I ran into similar problems as Mohamed Ghaleb and fixed those by changing the below lines (Windows XP Pro box)

    Function CompareDateUTCConvert(dateAddInterval,compareNumber)
    'Wow, this is a lil complex. So createTimestamp is in UTC format.
    'So first we grab your machine's time bias and then apply it.
    'Next, we adjust the date to the one you specified above (now()-24hours by default)
    'Finally, we parse the final date to UTC format ie. 20070207032200.0Z

    Replaced line 91
    'Set objSWbemServices = GetObject("winmgmts:\\" & "{impersonationLevel=impersonate}!\.\root\cimv2")

    With:
    Set objSWbemLocator = CreateObject("WbemScripting.SWbemLocator")
    Set objWMIService = objSWBemlocator.ConnectServer(strComputer,"\root\CIMV2")

    And line 94
    ' Set colTimeZone = objSWbemServices.ExecQuery("SELECT * FROM Win32_TimeZone")

    With:
    Set colTimeZone = objWMIService.ExecQuery("SELECT * FROM Win32_TimeZone")

    The script now runs without a hitch. Now if I could only find out where to find how it was that added a user or computer.

  15. Don Barker says:

    I Love this Script. Nice work!

  16. Dale says:

    Thank you very much for this post, it was exactly what I needed!

    Dale

  17. jcran says:

    very helpful! thank you, you just gave me back 2+ hours of my weekend :)

  18. Andy Neale says:

    ..This is just what I needed…Had to make the changes as described by MRBOFH, but works great. Thank you so much for posting this.

    I just wish I understood VBS and how to write this stuff (I’m a Networking guy, not a programmer!)
    What I need now is someone to write one for notification if group membership changes……

  19. Dante says:

    My time is off by 4 hours, how do I fix it?

  20. Josh Groce says:

    I just wanted to say thank you. I was just looking into creating this script as my coworkers who constantly create VMs do not alert me of new domain entries and now I have an email daily that will :). I simply used MRBOFH’s method and replaced line 91 but I eliminated lines 93-95 and it works fine on my Windows 7 box. Thanks again!

  21. Josh Groce says:

    Sorry but has anyone seen the change to make for the correct time? I’m looking and will post back if I find it.

  22. Clint says:

    Same issue here. Does anyone know how to make the time correct?

  23. Clint says:

    Here is the code that resolved my time issue. I am central, so I had to make this change and a few others for central time (strBias = strBias +60). You can add or take away time from the emailed report by changing the strBias value. Code is below.

    strSMTPServer = ""
    strEmailFrom = ""
    strEmailTo = ""
    Set objSWbemLocator = CreateObject("WbemScripting.SWbemLocator")
    Set objWMIService = objSWBemlocator.ConnectServer(strComputer,"\root\CIMV2")
    Set colTimeZone = objWMIService.ExecQuery("SELECT * FROM Win32_TimeZone")

    For Each objTimeZone in colTimeZone
    strBias = objTimeZone.Bias
    Next

    strBias = strBias +60

    Set colTimeZone = Nothing
    Set objSWbemServices = Nothing

    strTimeInUTC = CompareDateUTCConvert("h",-24)

    On Error Resume Next
    numPersonCount = 0
    numComputerCount = 0

    Set objAdRootDSE = GetObject("LDAP://RootDSE")
    Set objRS = CreateObject("adodb.recordset")
    varConfigNC = objAdRootDSE.Get("defaultNamingContext")
    strConnstring = "Provider=ADsDSOObject"
    strWQL = "SELECT ADsPath FROM 'LDAP://" & varConfigNC & _
    "' WHERE createTimeStamp > '" & strTimeInUTC & _
    "' and (objectCategory = 'Person' or objectCategory = 'Computer')"

    objRS.Open strWQL, strConnstring

    Do until objRS.eof
    Set objADUserOrComputer = GetObject(objRS.Fields.Item(0))
    strObjectCategory = ParseDN(objADUserOrComputer.objectCategory)

    Select Case strObjectCategory
    Case "Person"
    numPersonCount = numPersonCount + 1
    If Len(objADUserOrComputer.displayName) > 0 Then strUserMsg = strUserMsg & vbCrLf & "displayName = " & objADUserOrComputer.displayName

    strUserMsg = strUserMsg & vbCrLf & _
    "sAMAccountName = " & objADUserOrComputer.sAMAccountName & vbCrLf & _
    "sAMAccountType = " & SAMAccountTypetoName(objADUserOrComputer.sAMAccountType) & vbCrLf & _
    "whenChanged = " & convertFromGMT(objADUserOrComputer.whenChanged) & vbCrLf & _
    "whenCreated = " & convertFromGMT(objADUserOrComputer.whenCreated)

    strUserGroups = ParseMemberOf(objADUserOrComputer.memberOf,objADUserOrComputer.PrimaryGroupID)
    strUserMsg = strUserMsg & vbCrLf & "Member Of: " & strUserGroups

    If Len(objADUserOrComputer.userPrincipalName) > 0 Then strUserMsg = strUserMsg & vbCrLf & "userPrincipalName = " & objADUserOrComputer.userPrincipalName
    strUserMsg = strUserMsg & vbCrLf

    Case "Computer"
    numComputerCount = numComputerCount + 1

    strCompMsg = strCompMsg & vbCrLf & _
    "dNSHostName = " & objADUserOrComputer.dNSHostName & vbCrLf & _
    "isCriticalSystemObject = " & objADUserOrComputer.isCriticalSystemObject & vbCrLf & _
    "operatingSystem = " & objADUserOrComputer.operatingSystem & vbCrLf & _
    "operatingSystemServicePack = " & objADUserOrComputer.operatingSystemServicePack & vbCrLf & _
    "operatingSystemVersion = " & objADUserOrComputer.operatingSystemVersion

    If InStr(objADUserOrComputer.rIDSetReferences,"Domain Controller") > 0 Then strCompMsg = strCompMsg & vbCrLf & "Domain Controller = Yes"
    If Len(objADUserOrComputer.description) > 0 Then strCompMsg = strCompMsg & vbCrLf & "description = " & objADUserOrComputer.description
    If Len(objADUserOrComputer.machineRole) > 0 Then strCompMsg = strCompMsg & vbCrLf & "machineRole = " & objADUserOrComputer.machineRole
    If Len(objADUserOrComputer.physicalLocationObject) > 0 Then strCompMsg = strCompMsg & vbCrLf & "physicalLocationObject = " & ParseDN(objADUserOrComputer.physicalLocationObject)

    strCompMsg = strCompMsg & vbCrLf

    End Select

    objRS.movenext
    Set objADUserOrComputer = Nothing
    Loop

    objRS.close

    Set objRS = Nothing
    Set objAdRootDSE = Nothing

    If Len(strUserMsg) > 0 Then strEmailMessage = strEmailMessage & "--------- USERS ---------" & vbCrLf & strUserMsg & vbCrLf
    If Len(strCompMsg) > 0 Then strEmailMessage = strEmailMessage & "--------- COMPUTERS ---------" & vbCrLf & strCompMsg
    If Len(strUserMsg) = 0 And Len(strCompMsg) = 0 Then strEmailMessage = "No users or computers have been added in the last 24 hours."

    Set objCDO = CreateObject("CDO.Message")
    objCDO.Subject = "Users Added: " & numPersonCount & ". Computers Added: " & numComputerCount & "."
    objCDO.From = strEmailFrom
    objCDO.To = strEmailTo
    objCDO.TextBody = strEmailMessage
    objCDO.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 'cdoSendUsingPort (1 = local, 3 = Exchange)
    objCDO.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = strSMTPServer
    objCDO.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
    objCDO.Configuration.Fields.Update
    objCDO.Send
    set objCDO = Nothing

    Function CompareDateUTCConvert(dateAddInterval,compareNumber)
    strCompareDate = dateAdd(dateAddInterval,compareNumber,now())
    strUTCCompare = DateAdd("n",strBias*(-1),strCompareDate)
    CurrentUTC = Year(strUTCCompare) & Right("0" & Month(strUTCCompare),2) & Right("0" & Day(strUTCCompare),2)
    CurrentUTC = CurrentUTC & Right("0" & Hour(strUTCCompare),2) & Right("0" & Minute(strUTCCompare),2) & Right("0" & Second(strUTCCompare),2) & ".0Z"
    CompareDateUTCConvert = CurrentUTC
    End Function

    function convertFromGMT(convertDate)
    convertFromGMT = DateAdd("n",strBias,convertDate)
    end function

    Function ParseDN(strDN)
    arrDN = split(strDN,",") 'CN=Example-Thing,CN=Whatever,CN=Etc
    strDN = right(arrDN(0),len(arrDN(0))-3) 'CN=Example-Thing -> Example-Thing
    strDN = replace(strDN,"-"," ") 'Example Thing
    ParseDN = strDN
    End Function

    Function ParseMemberOf(memberof,primarygroupid)
    Select Case TypeName(memberof)
    Case "String" ParseMemberOf = ParseDN(memberof)
    Case "Empty" ParseMemberOf = PrimaryGroupIDtoName(primarygroupid,varConfigNC)
    Case "Variant()"
    For each groupDN in memberof
    strUserGroups = strUserGroups & vbCrLf & ParseDN(groupDN)
    Next
    ParseMemberOf = strUserGroups
    Case Else ParseMemberOf = "Unknown"
    End Select
    End Function

    Function SAMAccountTypetoName(theType)
    Select Case theType
    Case 268435456 SAMAccountTypetoName = "Group Object"
    Case 268435457 SAMAccountTypetoName = "Non-Security Group Object"
    Case 536870912 SAMAccountTypetoName = "Alias Object"
    Case 536870913 SAMAccountTypetoName = "Non-Security Alias Object"
    Case 805306368 SAMAccountTypetoName = "Normal User Account"
    Case 805306369 SAMAccountTypetoName = "Machine Account"
    Case 805306370 SAMAccountTypetoName = "Trust Account"
    Case 1073741824 SAMAccountTypetoName = "App Basic Group"
    Case 1073741825 SAMAccountTypetoName = "App Query Group"
    Case 2147483647 SAMAccountTypetoName = "Account Type Max"
    Case Else SAMAccountTypetoName = "Unknown"
    End Select
    End Function

    Function PrimaryGroupIDtoName(PGID,varConfigNC)
    'Ugh.. the alternative to this function can be found here:
    'http://support.microsoft.com/kb/297951
    'both are kinda nasty.
    Set objRSPGID = CreateObject("adodb.recordset")
    Connstring = "Provider=ADsDSOObject"
    strSQL = "<LDAP://" & varConfigNC & ">;(objectCategory=group);distinguishedName,primaryGroupToken,name;subtree"
    objRSPGID.Open strSQL, Connstring
    If not objRSPGID.eof and not objRSPGID.bof Then
    Do until objRSPGID.eof Or Len(strGroupName) > 0
    If PGID = objRSPGID("primaryGroupToken") Then strGroupName = objRSPGID("name")
    objRSPGID.movenext
    Loop
    End If
    objRSPGID.close
    Set objRSPGID = Nothing
    If Len(strGroupName) = 0 Then strGroupName = "Unknown"
    PrimaryGroupIDtoName = strGroupName
    End Function

  24. Jay says:

    great script. does anyone know if it’s possible to have the script display the user who created the new user account or joined the computer to the domain as part of the report?

  25. Shawn P. says:

    So has anyone had this script working in 08R2? This is exactly what I need but it's not working. I'm getting an error on line 91, similar to above, but the fixes don't help.
    Clint's script is all broken and I'm no programmer (network guy) so I have no clue what's what in it.

    Any help….. Thx in advance.

  26. dave p says:

    Fix is easy. Change this line:

    Set objSWbemServices = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\.\root\cimv2")

    to this:

    Set objSWbemServices = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\.\root\cimv2")

    (note additional slash)

  27. Rob Benedit says:

    You're the best! Thank you for making this vb script!

  28. lampoz says:

    Guy, I need a fix for the error at line 91. I have replaced the string but again got an error on 2008R2. Any fix pls?

  29. Vikram Barkataky says:

    Hi All,

    I am getting an error. Can someone please let me know what to put in which line for Eastern Time(US and Canada) ?

    Thanks
    Vikram

  30. justin ryan says:

    Hi, firstly thanks for a great script.
    However, is there a way to make it more specific with regards to when in a domain it scrapes the new users from?
    Reason for asking is that we are in the UK, and we are part of a European domain schema. We don't want to scrape objects for other countries.
    Can this be done?

    e.g.

  31. Justin Ryan says:

    Also, how do I go about adding objSecurityDescriptor.Owner so we can keep an audit of who created the account/resource?

  32. Ray says:

    Hi Everyone, I used the same script and I received an error

    Line: 91
    Char: 1
    Error: 0x80041021
    Code: 80041021
    Source: (Null)

    Line 91 is:
    Set objSWbemServices = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!.rootcimv2")

    The Windows I am using is 7 X64

    Any advice on how to fix this error?

    Thanks,

  33. Hartmanos says:

    For those running this script on W2k8 / W2k8 R2 or Windows 7 or others and are experiencing the issue :
    Line: 91
    Char: 1
    Error: 0x80041021
    Code: 80041021
    Source: (Null)

    Kindly go to line 91 and before the dot ". " correct the alone " " to 2 slashes " \ " and then you must have your correct line's end looking like below :
    {impersonationLevel=impersonate}!\.rootcimv2")

    so the error came from missing 2 slashes " \ " after the exclamation symbol " ! "

    Much thanks to the owner of this great script. I'm not a programmer or VBS script guy, so I asked my programmers team for help to fix this.

  34. BMCD says:

    Great script! I ended up using Ray’s edit and it works great. I need a modification and I’m not sure how to do it myself.

    I would like to point it to a specific people OU and a specific computer OU and only report back on those rather than the whole org. Is this possible?

  35. BenD says:

    I did what Hartmanos suggested by inserting the line 91 but now I get an error on line 92. Any help would be appreciated.

    Set objSWbemServices = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\.rootcimv2")

    Line: 92
    Char: 1
    Error 0x80041021
    code: 80041021
    Source (null)

  36. BenD says:

    Update:
    Had a programmer friend take a look and he fixed it by adding a slash. Script works like a charm.

    Set objSWbemServices = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\.\root\cimv2")

  37. raja says:

    Please help me to get details about adding objSecurityDescriptor (object creators) to this script's result?

    Thanks in advance

  38. Fahru says:

    I have tried this script and there is no error, but when I double-click I don’t have anything else. How do I run this script? What’s wrong? Please help.

  39. Rene says:

    Nice script !!
    Best regards

  40. Lakshman says:

    Nice Script.

    Please let me know how to modify this script to search from child domains as well.

    Parent.com
    Child1.parent.com
    Child2.parent.com

    I have tried to modify the string like
    strWQL = "SELECT ADsPath FROM 'LDAP://Parent.com/DC=child1," & varConfigNC &

    But nothing was returned. Can you please help me.
