Kevin Finnegan Posted December 10, 2015 Posted December 10, 2015 (edited) Hi all,I'm currently writing a backup script to automate the process of storing and compressing data for any member leaving the firm I work at. Ideally I would like to pull the user's display name or full name, for instance, a WMI query selecting FullName WHERE Win32_NetworkLoginProfile Name equals "Domain\kefinnegan" would bring back "Kevin Finnegan" or whatever naming convention your company uses.Although this solution seems ideal as long as you log in as a user with privileged access, it won't work if the domain user you wish to backup has been purged from the Active Directory system entirely as the WMIService seems to query it in some shape or form (thousands of members in our firm, need to trim the fat every now and then). I was wondering if it's possible to query an API, service or possibly even scan registry entries stored on the leaver's machine while logged in as the local administrator (can run the script with privileged domain credentials if needs be) that could give me a domain user's full name, who logged onto this machine, without the use of Active Directory? Edited December 10, 2015 by Kevin Finnegan for clarity
JohnOne Posted December 10, 2015 Posted December 10, 2015 Silly question, would it not be prudent to back this stuff up before purging a user from the system? AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans.
orbs Posted December 10, 2015 Posted December 10, 2015 Kevin Finnegan, welcome to AutoIt and to the forum!once a user account is removed from AD, then not only the full name is removed - the entire record is lost. you won't be able to retrieve the email address, office address, or whatever other fields AD have that you use. what you can do is query the event log for login events to determine the account short name ("kefinnegan" in your example), and devise some other way of matching that to the full name. one likely way would involve HR - they can match the short name with a (hopefully not too long) list of recently departed users.oh, and JohnOne does make a good point - do all that before removal from AD. you can disable the account in AD while you remove it from various systems in your firm, and remove it completely from AD once all other removal steps have been completed. Signature - my forum contributions: Spoiler UDF: LFN - support for long file names (over 260 characters) InputImpose - impose valid characters in an input control TimeConvert - convert UTC to/from local time and/or reformat the string representation AMF - accept multiple files from Windows Explorer context menu DateDuration - literal description of the difference between given dates Apps: Touch - set the "modified" timestamp of a file to current time Show For Files - tray menu to show/hide files extensions, hidden & system files, and selection checkboxes SPDiff - Single-Pane Text Diff
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now