Find an SPN in Active Directory using VBScript

Here's a VBScript that finds a servicePrincipalName (SPN) in Active Directory. The script searches Active Directory for users and computers that have the specified SPN associated with them. This is handy if you have duplicate SPNs you want to get rid of. There is also a Perl script to find an SPN.

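' SPN to look up
spn = "HTTP/myWebSite.myDomain.com"
' Find the forest root domain and search its global catalog (GC)
Set dse = GetObject("LDAP://RootDSE")
root = dse.Get("RootDomainNamingContext")
adpath = "GC://" & root
base = "<" & adpath & ">"
' Query Active Directory through the ADSI OLE DB provider
Set conn = CreateObject("ADODB.Connection")
Set comm = CreateObject("ADODB.Command")
conn.Provider = "ADsDSOObject"
conn.Open "Active Directory Provider"
Set comm.ActiveConnection = conn
' Page the results so a large result set is not truncated
comm.Properties("Page Size") = 1000
' Command text: search base; LDAP filter; attributes to return; scope
comm.CommandText = base & ";(servicePrincipalName=" & spn & ");cn,samAccountName;subtree"
Set rs = comm.Execute
' One row per object holding the SPN; more than one row means a duplicate
Do Until rs.EOF
 cn = rs.Fields(0).Value
 sam = rs.Fields(1).Value
 WScript.Echo spn & " is registered to " & cn & " (" & sam & ")"
 rs.MoveNext
Loop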
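
For cleaning up duplicates, the variant below (an added example, not part of the original post) takes the SPN from the command line, escapes LDAP filter metacharacters so the value is matched literally, prints each holder's distinguishedName, and flags the SPN when more than one account holds it. The helper name EscapeLdapFilter and the script name find-spn.vbs are assumptions made for this example.

```vbscript
Option Explicit

' Escape the characters that are special in an LDAP search filter (RFC 4515)
' so that a value such as "HTTP/web*" is matched literally, not as a wildcard.
Function EscapeLdapFilter(value)
    Dim s
    s = Replace(value, "\", "\5c")   ' backslash first, or later escapes get re-escaped
    s = Replace(s, "*", "\2a")
    s = Replace(s, "(", "\28")
    s = Replace(s, ")", "\29")
    EscapeLdapFilter = s
End Function

Dim spn, dse, root, conn, comm, rs, count
If WScript.Arguments.Count <> 1 Then
    WScript.Echo "Usage: cscript //nologo find-spn.vbs <SPN>"
    WScript.Quit 2
End If
spn = WScript.Arguments(0)

' Same global catalog search as the script above
Set dse = GetObject("LDAP://RootDSE")
root = dse.Get("RootDomainNamingContext")
Set conn = CreateObject("ADODB.Connection")
conn.Provider = "ADsDSOObject"
conn.Open "Active Directory Provider"
Set comm = CreateObject("ADODB.Command")
Set comm.ActiveConnection = conn
comm.Properties("Page Size") = 1000
comm.CommandText = "<GC://" & root & ">;(servicePrincipalName=" & _
    EscapeLdapFilter(spn) & ");distinguishedName,samAccountName;subtree"

Set rs = comm.Execute
count = 0
Do Until rs.EOF
    count = count + 1
    WScript.Echo count & ". " & rs.Fields("distinguishedName").Value & _
        " (" & rs.Fields("samAccountName").Value & ")"
    rs.MoveNext
Loop
rs.Close
conn.Close

If count = 0 Then
    WScript.Echo "No account holds " & spn
ElseIf count > 1 Then
    WScript.Echo "DUPLICATE: " & spn & " is registered to " & count & " accounts"
    WScript.Quit 1   ' non-zero exit code so a batch job can detect duplicates
End If
```

Run it as cscript //nologo find-spn.vbs HTTP/myWebSite.myDomain.com. Once you know which account should keep the SPN, setspn -D <SPN> <account> removes it from the other one.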
