Populating the address book

**SoCi0pAtH** · 06-14-2018, 05:38 PM

Re: Populating the address book

Softterra LDAP browser is free and a great quick way to GUI browse a LDAP server. Its a easy way to see what attributes you can query and what you can expect as an output. It also comes populated with some free test ldap servers.

Softerra LDAP Browser

**SoCi0pAtH** · 06-14-2018, 05:41 PM

Re: Populating the address book

Working code

Code:

echocls
Taskkill /IM Excel.exe /F
setlocal enabledelayedexpansion


for /f "delims=" %%i in ('adfind ^-nodn ^-list ^-s one ^-soao ^-f objectclass^=OrganizationalUnit ^-b ^"OU^=Users^-Corporate^,OU^=UserAccounts^,DC^=mycompany^,DC^=int^" OU') do (
	echo =============================Processing OU %%i========================================
	echo Abbreviated name,E-Mail: E-Mail Address,SMB: Host Address,SMB: File Path,SMB: User ID,SMB: Password,WellUse> "%%i.csv"
	for /f "delims=" %%j in ('adfind ^-soao -b "OU=%%i,OU=Users-Corporate,OU=UserAccounts,DC=mycompany,DC=int" ^-f objectclass^=person ^-list sAMAccountName') do (
		set abbreviated=
		set first=
		set last=
		set destination=SMB
		set mail=
		set password="XXXXXXX"
		set smbhost=myserver
		set smbpath=users\
		set smbid=CRP-PRT
		echo  Adding %%j to site %%i
		for /f "delims=" %%k in ('adfind -b ^"OU^=Users^-Corporate^,OU^=UserAccounts^,DC^=mycompany^,DC^=int^" ^-nodn ^-nocsvheader ^-list ^-f ^"sAMAccountName^=%%j^" displayName') do set abbreviated=%%k
		for /f "delims=" %%m in ('adfind -b ^"OU^=Users^-Corporate^,OU^=UserAccounts^,DC^=mycompany^,DC^=int^" ^-nodn ^-nocsvheader ^-list ^-f ^"sAMAccountName^=%%j^" givenname') do set first=%%m
		for /f "delims=" %%q in ('adfind -b ^"OU^=Users^-Corporate^,OU^=UserAccounts^,DC^=mycompany^,DC^=int^" ^-nodn ^-nocsvheader ^-list ^-f ^"sAMAccountName^=%%j^" sn') do set last=%%q
		for /f "delims=" %%r in ('adfind -b ^"OU^=Users^-Corporate^,OU^=UserAccounts^,DC^=mycompany^,DC^=int^" ^-nodn ^-nocsvheader ^-list ^-f ^"sAMAccountName^=%%j^" mail') do set mail=%%r
        	echo !abbreviated!,!mail!,!smbhost!,!smbpath!!first!.!last!\scans,!smbid!,!password!
		Echo
	        echo !abbreviated!,!mail!,!smbhost!,!smbpath!!first!.!last!\scans,!smbid!,!password!>> "%%i.csv"
		)
	rem "C:\Program Files\Microsoft Office 15\root\Office15\excel.exe" "c:\scripts\%%i.csv"      
	)

**NeoMatrix** · 06-14-2018, 09:43 PM

Re: Populating the address book

Originally posted by SoCi0pAtH

[snip]

The script is working now, I'm having an issue with OU's that have spaces in the name that I havent had time to workout. IF the OU has spaces in the name the second ADFIND fails

Example of how to remove spaces.

--------------------------------
echo off
cls
setlocal ENABLEDELAYEDEXPANSION

set OU_Text= The Cat Sat On The Mat

rem remove spaces here with ": ="
set NoSpaces=!OU_Text: =!

echo !NoSpaces!
--------8<------------------------

c:\> TheCatSatOnTheMat

**SoCi0pAtH** · 06-15-2018, 12:17 AM

Re: Populating the address book

Originally posted by NeoMatrix

Example of how to remove spaces.

--------------------------------
echo off
cls
setlocal ENABLEDELAYEDEXPANSION

set OU_Text= The Cat Sat On The Mat

rem remove spaces here with ": ="
set NoSpaces=!OU_Text: =!

echo !NoSpaces!
--------8<------------------------

c:\> TheCatSatOnTheMat

The spaces need to be there for Distinguished name (cant be modified) or it wont work. I have to figure out how to get CMD to ignore the spaces in the command while its running.

**NeoMatrix** · 06-15-2018, 12:26 PM

Re: Populating the address book

Some sample batch code using the public debian LDAP server.

Cut and paste the below batch code.

Should people decide to run this code, it will load the debian public LDAP server OU=users, all 1.4MB of user data.
The final filtered output will only output the first random 50 lines, for the sake of keeping it simple.

The purpose of posting this code is give those interested a start point within the LDAP topic.
Apology for the broken CTN text formatting when posting. People will have to fix the text over wrapping format themselves.
----------------------------------------------------------------------------------

echo off
setlocal ENABLEDELAYEDEXPANSION ENABLEEXTENSIONS
cls
echo ************* LDAP Server Query. ********************
echo This batch file Querys a public internet LDAP server.
echo Output is limited to 50 lines of formatted text.
echo This is a totally random LDAP filter demonstration.
echo Author:Neomatrix, www.copytechnet.com
echo ***********************************[Ver 1.1]*********
echo.
echo Running...... please wait....

rem -------------------- Main --------------
rem Debian host is anonymous login, no password required.
set LDAP_Host=db.debian.org:389
set datafile="_ldaphost.txt"
set csvfile="outfile.txt"
set "T= "
for /L %%i in (1,1,70) do set "Bar=!Bar!="
rem set maxlines high value to output all lines.
set /a maxlines=50
rem matching fields to output
set /a matching=4

call :Init !LDAP_Host! !datafile!
call :Header !csvfile!
call :Body !datafile! !csvfile!
call :Footer !csvfile!
call :CRT_Display !csvfile!
goto End

rem ----------------- Init -----------------
:Init LDAP_Host datafile
set host=-h %1 -simple -up
rem set sw=-list -s one -soao
set "sw="
set params=-b ou=users,dc=debian,dc=org

(adfind %host% %sw% %params%) > %2
echo Host query done...

exit /b

rem ---------------- Header ----------------
:Header outfile
echo !Bar! > %1
echo First!T!Last!T!!T!PGP Key!T!!T!URL >>%1
echo !Bar! >> %1
exit /b

rem ------------------ Filter -------------
:Body datafile csvfile
set /a max=0
set /a block=0
set /a sameblock=1
set /a seeklines=0

for /f "tokens=1* delims=:" %%i in (%~1) do (
set id=%%i:
set value=%%j

rem *** filter values from datafile ***
rem add more search and output fields here.
rem must increment the "matching" variable to suite.

if "!id!"=="dn:" set /a block=!block!+1
set /a seeklines=!seeklines!+1

if !block!==!sameblock! (
if "!id!"==">cn:" (set cname=!value!
set /a cnt=!cnt!+1)
if "!id!"==">sn:" (set sname=!value!
set /a cnt=!cnt!+1)
if "!id!"==">labeledURI:" (set aUrl=!value!
set /a cnt=!cnt!+1)
if "!id!"==">keyFingerPrint:" (set Pgp=!value!
set /a cnt=!cnt!+1)

) else (

rem *** Output valid user block. Limit to 50 users while testing***
rem *** Only output user values greater equal to above 4 matching fields
set /a sameblock=!block!

if !cnt! GEQ !matching! (
echo !cname!,!sname!,!Pgp:~0,16!,!aUrl!>> %2
set /a cnt=0
rem **limit max lines output**
set /a max=!max!+1
if !max!==!maxlines! exit /b

)))
exit /b

rem ---------------- Footer ----------------
:Footer outfile
echo !Bar! >> %1
echo Search lines: !seeklines! truncated at : !maxlines! >> %1
exit /b

rem ---------------- CRT Display ----------------
:CRT_Display outfile
type %1
exit /b

:End
endlocal
timeout /t 15

-----------8<--------------------------------------------------------------------

Sample output from the above batch file.

First----Last--------- PGP Key-------- WEB
=================================================
Klaus, Kettner, 556054EA47665DE, die-kettners.de
Yasuhiro, Araki, BADAB1EEB153F41, profile of yasu/Ar
Mark, Howard, 7DDF975E73435AC, http://www.tildemh.com
Zhao, Way, 7DDF975E73435AC, http://www.tildemh.com
Massimo, Dal Zotto, F9AB00C13E3A812, http://people.debian.org/~dz/
Thomas, Bushnell, A7676E0D4B855C1, http://www.mit.edu/~tb
Mark, Ng, A7676E0D4B855C1, http://www.mit.edu/~tb http://people.debian.org/~rb/
Michael, Schiansky, F369DA7EB08B032, http://www.dummdoof.de
Chris, Davis, F369DA7EB08B032, http://www.lrtw.org

**NeoMatrix** · 06-16-2018, 12:49 PM

Re: Populating the address book

echo off
setlocal ENABLEDELAYEDEXPANSION ENABLEEXTENSIONS
cls
echo ************* LDAP Server Query. ********************
echo This batch file Querys a public internet LDAP server.
echo Output is limited to 50 lines of formatted text.
echo This is a totally random LDAP filter demonstration.
echo Author:Neomatrix, Copytechnet Home
echo ***********************************[Ver 1.1]*********
echo.

echo Running...... please wait....

snip

The above "ad.bat" version 1.1 has an output bug....

The lastest: Ver1.3 has the bug fixed plus a couple of optimisation tweaks, it executes a lot faster...
I made the search field filter set easier for people to understand and modify to suite.

If anybody is interested I will post the updated version 1.3 to the forum.

Otherwise people can PM me an I will email the update code in private...

**NeoMatrix** · 07-15-2018, 11:54 PM

Re: Populating the address book

Originally posted by SoCi0pAtH

Working code

Code:

echocls
Taskkill /IM Excel.exe /F
setlocal enabledelayedexpansion

{random snip}

        )
    rem "C:\Program Files\Microsoft Office 15\root\Office15\excel.exe" "c:\scripts\%%i.csv"      
    )

How'd you go with your latest LDAP address book program code....?

I'm interested to see what you finished up with....

Populating the address book

Comment

Comment

Comment

Comment

Comment

Comment

Comment