How Can I Convert a DN to this Format: finance.fabrikam.com/Users?

How Can I Convert a DN to this Format: finance.fabrikam.com/Users?

  • Comments 1
  • Likes
Hey, Scripting Guy! Question

Hey, Scripting Guy! How can I convert a DN to this format: finance.fabrikam.com/Users?

-- CW

SpacerHey, Scripting Guy! AnswerScript Center

Hey, CW. You know, this is a pretty good question; in fact, we should have used it for the Winter Scripting Games. Ah, but, on second thought, maybe it’s a good thing we didn’t use it. Why not? Well, because all the Scripting Games competitors could find the answer right here:

On Error Resume Next

Set objSysInfo = CreateObject("ADSystemInfo")

strUser = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUser)

strDN = objUser.distinguishedName

arrDN = Split(strDN, ",")

For i = 0 to UBound(arrDN)
    intLength = Len(arrDN(i))
    intCounter = intLength - 3
    arrDN(i) = Right(arrDn(i), intCounter)
Next

For i = 1 to UBound(arrDN) - 1
    strNewName = strNewName & arrDN(i) & "."
Next

intLastItem = UBound(arrDN)
strNewName = strNewName & arrDN(intLastItem) & "/" & arrDN(0)

Wscript.Echo strNewName

OK, yes: it’s a little complicated. But really, it’s not as bad as it first looks, something you’ll soon see for yourself.

To begin with, CW, it appears your example referenced an OU, something with a DN (distinguished name) like this:

ou=Users,ou=finance,dc=fabrikam,dc=com

We thought we should point out that we’re using a user account as our example. However, that shouldn’t matter: this technique will work with any DN, regardless of the underlying object type. We went with the user account simply because it provided a way for us to offer up a sample script that anyone could use as-is, without having to change a thing.

You’re welcome.

The script starts off by creating an instance of the ADSystemInfo object; this is an ADSI object that returns information about the logged-on user. We grab the value of the UserName property and store it in a variable named strUser, then use that value to bind to the actual user account in Active Directory. All that takes just two lines of code:

strUser = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUser)

Once we’ve made a connection to the user account we can then get the value of the distinguishedName attribute, something we store in a variable named strDN. That DN will look something like this:

cn=KenMyer,ou=finance,dc=fabrikam,dc=com

OK, that part was easy. But now what do we do?

Here’s what we do. First, we issue this command:

arrDN = Split(strDN, ",")

What this does is split our DN into an array named arrDN. By splitting the DN on the comma we end up with an array that looks like this:

cn=KenMyer
ou=finance
dc=fabrikam
dc=com

In turn, that brings us to this block of code:

For i = 0 to UBound(arrDN)
    intLength = Len(arrDN(i))
    intCounter = intLength - 3
    arrDN(i) = Right(arrDn(i), intCounter)
Next

At the moment, arrDN consists of all the items we need to construct our new name format. However, there’s a problem: the first three characters in each of these elements (e.g., cn=KenMyer) are characters we don’t want in our new name. (In other words, we want to chop the cn= off cn=KenMyer). That’s what the preceding block of code does. For each item in the array we:

Use the Length function to determine the length of the item (that is, the number of characters in the string).

Subtract 3 from the length. Why 3? Because that’s the number of characters we want to get rid of.

Use the Right function to extract all but the first three letters of the string. That means that, working backwards, we take the characters KenMyer but don’t take the characters cn=. We then assign this truncated value to the value of the array item.

That should make more sense when you see what our array looks like now:

KenMyer
finance
fabrikam
com

As you can see, we’re getting closer.

Next we take the middle items in the array (excluding the first and last items) and construct a string that looks like this:

finance.fabrikam.

Here’s how we do that:

For i = 1 to UBound(arrDN) - 1
    strNewName = strNewName & arrDN(i) & "."
Next

Notice that in this For Next loop we start with the second item in the array (remember, the first item in an array is always item 0, making the second item item 2). Inside the loop we build up a string value named strNewName that consists of the value of each array item plus a period tacked on to the end. Note again that we’re not using all the array items: in addition to starting with item 2 we also stop before we get to the last item. Why? Well, we don’t want to append a period to the very last item; working with all the items except the last one makes it easy to avoid putting a period at the end of that last item. When this block of code finishes we’ll have a string that looks like this:

finance.fabrikam.

We’re now so close we can taste it. To finish this off all we have to do is add three things to the end of the string:

The last item in the array (we can easily determine the item number of the last item by using the UBound function).

The / character.

The user’s CN (which happens to be the first item in our array).

Sounds hard, doesn’t it? And yet, all those chores can be achieved with just two lines of code:

intLastItem = UBound(arrDN)
strNewName = strNewName & arrDN(intLastItem) & "/" & arrDN(0)

And then we simply echo back our new name and call it a day:

finance.fabrikam.com/KenMyer

Cool, huh?

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • here is my script , i am useing excel to do some domain user analysis, so the script is different to your request the input is a dn, output is a organizational structure without user CN, like : input: CN=USER01,OU=USERS,DC=CONTOSO,DC=COM,DC=CN output: DC=CN,DC=COM,DC=CONTOSO,OU=USERS, Function dn2cn(DNstr) DNarray = Split(DNstr, ",") CNstr = "" For i = 1 To UBound(DNarray) - 1 'if you want user CN, just change i=0 CNstr = DNarray(i) & "," & CNstr Next dn2cn = CNstr End Function