Does anyone have a script that will output to a file who has a Published Certificate in Active Directory and who does not? We are trying to find out without going thru 1500 users one by one who does not have a published certificate.
Thank you.
DSQuery / Script for Published Certificates
Forum rules
Do not post any licensing information in this forum.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
Do not post any licensing information in this forum.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
DSQuery / Script for Published Certificates
Does anyone have a script that will output to a file who has a Published Certificate in Active Directory and who does not? We are trying to find out without going thru 1500 users one by one who does not have a published certificate.
Thank you.
Thank you.
DSQuery / Script for Published Certificates
I'm not even familiar with where that info is *kept* in AD. If you can tell me that I could probably show how to get the info...
DSQuery / Script for Published Certificates
So you'd do a GetEx("userCertificate") with the user object.
DSQuery / Script for Published Certificates
Thank you for all of the replies. On the last reply where can I tell the script what OU to look under, if I wanted to drill it down to a specific OU? I do not have control over the entire AD structure and don't want to query the whole thing either.
Thank you in advance.
Thank you in advance.
DSQuery / Script for Published Certificates
We have users publish there certs with a 3rd party tool. We would want to use a script like this to query our OU and report back on who does or does not have a cert published. I could query and get a list of samAccountName but where would I put that in othman's script so that it would only look for those users?
DSQuery / Script for Published Certificates
Post your current script. I don't see what the issue is.
To get users from ou:
Set collectionUsers = GetObject(LDAP://ou=myou,dc=domain,dc=com)
This will get all of the objects in the specified OU. If it is in a hierarchy you would need to specifiy all of the elements of the hierarchy.
Posting your script would make this all a bit easier.
Othmans script look like it retrieves all users and their certs. That is what you asked for originally.
YOu could modify this variabel "varConfigNC " by adding teh OU at teh font like this: varConfigNC = "ou=myou," & varConfigNC
This would force the script to use only the specified OU. Hierarchy rules still apply.
To get users from ou:
Set collectionUsers = GetObject(LDAP://ou=myou,dc=domain,dc=com)
This will get all of the objects in the specified OU. If it is in a hierarchy you would need to specifiy all of the elements of the hierarchy.
Posting your script would make this all a bit easier.
Othmans script look like it retrieves all users and their certs. That is what you asked for originally.
YOu could modify this variabel "varConfigNC " by adding teh OU at teh font like this: varConfigNC = "ou=myou," & varConfigNC
This would force the script to use only the specified OU. Hierarchy rules still apply.
DSQuery / Script for Published Certificates
It might be...
cn=john smith,ou=hro,ou=users,ou=all,dc=smith,dc=com
But you need to understand how LDAP works and how AD is structured. I don't hink you have provided the correct information so this might not work.
cn=john smith,ou=hro,ou=users,ou=all,dc=smith,dc=com
But you need to understand how LDAP works and how AD is structured. I don't hink you have provided the correct information so this might not work.