Jump to content

Get Domain User's full name locally despite being removed from AD?


Recommended Posts

Hi all,

I'm currently writing a backup script to automate the process of storing and compressing data for any member leaving the firm I work at. Ideally I would like to pull the user's display name or full name, for instance, a WMI query selecting FullName WHERE Win32_NetworkLoginProfile Name equals "Domain\kefinnegan" would bring back "Kevin Finnegan" or whatever naming convention your company uses.

Although this solution seems ideal as long as you log in as a user with privileged access, it won't work if the domain user you wish to backup has been purged from the Active Directory system entirely as the WMIService seems to query it in some shape or form (thousands of members in our firm, need to trim the fat every now and then). I was wondering if it's possible to query an API, service or possibly even scan registry entries stored on the leaver's machine while logged in as the local administrator (can run the script with privileged domain credentials if needs be) that could give me a domain user's full name, who logged onto this machine, without the use of Active Directory?

Edited by Kevin Finnegan
for clarity
Link to comment
Share on other sites

Kevin Finnegan, welcome to AutoIt and to the forum!

once a user account is removed from AD, then not only the full name is removed - the entire record is lost. you won't be able to retrieve the email address, office address, or whatever other fields AD have that you use. what you can do is query the event log for login events to determine the account short name ("kefinnegan" in your example), and devise some other way of matching that to the full name. one likely way would involve HR - they can match the short name with a (hopefully not too long) list of recently departed users.

oh, and JohnOne does make a good point - do all that before removal from AD. you can disable the account in AD while you remove it from various systems in your firm, and remove it completely from AD once all other removal steps have been completed.

Signature - my forum contributions:

Spoiler

UDF:

LFN - support for long file names (over 260 characters)

InputImpose - impose valid characters in an input control

TimeConvert - convert UTC to/from local time and/or reformat the string representation

AMF - accept multiple files from Windows Explorer context menu

DateDuration -  literal description of the difference between given dates

Apps:

Touch - set the "modified" timestamp of a file to current time

Show For Files - tray menu to show/hide files extensions, hidden & system files, and selection checkboxes

SPDiff - Single-Pane Text Diff

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...