This blog is by design...

Thursday, May 26, 2005

Search your entire Domain for a particular smtp email address, or 'proxyAddresses' attribute

I understand it can be pretty tricky to find an existing SMTP address, especially if that address is assigned to a group or Public Folder. Most of the solutions I've seen for this problem involve printing a list of all addresses in the domain and sorting through that by hand, or searching ONLY public folders, or only users, etc. Visit typepad for information on how to do these types of searches.

Although you might find these methods useful and not too time consuming if you're in a small domain, in a large domain this could take a while. And what if you only need to find what user/group/public folder a single address is assigned to? Who wants to wade through a ton of reports to find that single address? Anyways, I wrote a little vbscript to do it. To give you a little background, the email addresses you see listed under the E-mail addresses tab in the ADUC are stored in AD in what's called a 'multivalued' attribute. Meaning just what it says, this attribute can hold more than one value, meaning one user can have several different email addresses, or 'proxyAddresses'.

Anyways, to use the script just edit the first line so that it matches the address you're looking for (it's not case sensitive, and don't remove the SMTP portion!), save the file as search.vbs (or whatever.vbs) and double click. It may take a few minutes to run depending on how large your domain is, but if the address is assigned to a user, group or public folder, the script should find it.

strAddress = lcase("SMTP:anyone@domain.com")
strFound = FALSE

Set objRootDSE = GetObject("LDAP://rootDSE")
Set objDomainRoot = GetObject("LDAP://"& _
objRootDSE.Get("defaultNamingContext"))
wscript.Echo "Searching for address "& _
"SMTP:kris@norfolk.gov. Click OK to continue"

For Each objItem in objDomainRoot
If strFound = FALSE Then
'wscript.Echo objitem.Name
If objItem.Class="organizationalUnit" Then
'wscript.Echo objItem.ADSPath
OURecurse objItem.ADSPath
End If

If objItem.Class="user" Then
'wscript.Echo objItem.name
ProcessUsers objItem
End If

If objItem.Class="group" Then
ProcessUsers objItem
End If

'The below portion of code searches public folders
If objItem.cn ="Microsoft Exchange System Objects" then
'wscript.Echo objItem.Name
OURecurse objItem.ADSPath
End If
End If
Next

wscript.Echo "All Done"

Set objRootDSE = Nothing
Set objDomainRoot = Nothing


'*************************************************
Sub ProcessUsers(objUsers)
On Error Resume Next

'wscript.Echo objUsers.Name
set objProxy = GetObject("LDAP://"& objUsers.distinguishedName)
For Each proxyAddresses in objProxy.GetEx("proxyAddresses")
If lcase(proxyAddresses) = strAddress then
If objProxy.Class="publicFolder" then
wscript.Echo "Proxy address "& strAddress &" is assigned to a "& _
"Public Folder named '"& objProxy.displayName &"', "& _
"in Public Folder Path "& objProxy.folderPathname
Else
wscript.Echo "Proxy address "& strAddress &" is assigned "& _
"to the user or group with a samAccountName of '"& _
objProxy.saMAccountName &"' and a display name of "& _
objProxy.displayName
End If
strFound = TRUE
End If
Next

set objProxy = Nothing

End Sub


'**************************************************
Sub OURecurse(objFirst)

' This OU is responsible for going through the AD Structure

Dim objOrgUnit, objItem

Set objOrgUnit = GetObject(objFirst)
For Each objItem in objOrgUnit
If objItem.Class="user" Then
'wscript.Echo objItem.Name
ProcessUsers objItem
End If

If objItem.Class="group" Then
ProcessUsers objItem
End If

If objItem.Class="publicFolder" Then
ProcessUsers objitem
End If

If objItem.Class="organizationalUnit" Then
'wscript.Echo objItem.Name
OURecurse objItem.ADSPath
End If
Next

Set objOrgUnit = Nothing
Set objFirst = Nothing

End Sub
'**********************************************

2 Comments:

  • The article was very interesting and informative for me. weight loss Read a useful article about tramadol tramadol

    By Anonymous Anonymous, at 8:59 AM  

  • I have one very interesting notice.
    In a big environment using the recursive algorithm may be problematic.
    I try to use the algorithm in a not trivial environment and search an OpenLDAP with 11500+ objects.
    And my observation is that some OUs were enumerated wrong.
    In some cases only exact 100 objects were returned, while the OUs included for example 450 objects... I needed to change the recursive algorithm to the interactive one.

    By Anonymous Anonymous, at 7:41 AM  

Post a Comment

<< Home