The following script tells you who has registered for PM in AD. I wrote this many years ago, but should still work. Also if you use the ADSI Edit tool you will find other values related to each user for PM. vb script: 'usage: wscript pmfind.vbs c:\userlist.txt Dim objConnection, objCommand, OU Dim strFilter, strQuery, objRecordSet, objArgs strExportFile = wscript.arguments(0) set fso = CreateObject("Scripting.FileSystemObject") set output = fso.CreateTextFile(strExportFile, True) OU = "DC=YOURSITE,DC=LOCAL" 'repalce with your LDAP path sam = "*" Set objConnection = CreateObject("ADODB.Connection") Set objCommand = CreateObject("ADODB.Command") objConnection.Provider = "ADsDSOOBject" objConnection.Open "Active Directory Provider" Set objCommand.ActiveConnection = objConnection strBase = "<LDAP://" & OU & ">" 'Define the filter elements strFilter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" & sam & "))" 'List all attributes you will require strAttributes = "distinguishedName,sAMAccountName,givenName,sn,userPrincipalName" 'compose query strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" objCommand.CommandText = strQuery objCommand.Properties("Page Size") = 99999 objCommand.Properties("Timeout") = 600 objCommand.Properties("Cache Results") = False Set objRecordSet = objCommand.Execute objRecordSet.MoveFirst Do Until objRecordSet.EOF strDN = objRecordSet.Fields("distinguishedName") 'write user DN to screen for debug purpose 'Wscript.StdOut.WriteLine strDN 'part from original script set ObjUser = GetObject("LDAP://" & strDN) Set objsd = objUser.Get("ntSecurityDescriptor") Set dacl = objsd.DiscretionaryAcl Flag = 0 For Each ace In dacl strObjectType = "" 'to find out if YOURDOMAIN\passman_proxy has been assigned to the user if (ace.Trustee = "YOURDOMAIN\passman_proxy") Then 'output.WriteLine strDN Flag = 1 'Exit For End if Next 'if the QUF\passman_proxy was never found in the security of the user, write the user to the file if (flag=0) then output.WriteLine strDN End if objRecordSet.MoveNext Loop ' Clean up. objConnection.Close Set objConnection = Nothing Set objCommand = Nothing Set objRecordSet = Nothing -- Warren Simondson Ctrl-Alt-Del IT Consultancy Pty Ltd Website: http://www.ctrl-alt-del.com.au On Fri, Jan 14th, 2011 at 10:11 PM, James Scanlon <James.Scanlon@xxxxxxxxxxxxxxxx> wrote: > Anyone got a quick way to see who has signed up / registered for the > password manager self service? > Im assuming its some kind of script to see if the data exists in the AD > Account or something? > > Any assistance always very much appreciated :) > > James > > ______________________________________ > > C. Hoare & Co. is authorised and regulated by the Financial Services > Authority with registration no. 122093. The FSAâ??s address is 25, The > North Colonnade, Canary Wharf, London E14 5HS. > Registered in England no. 240822. Registered office 37 Fleet St, London, > EC4P 4DQ > > Confidentiality Disclaimer: > This message and attachments are confidential and may be privileged, and > are sent for the personal attention of the addressee(s). If you are not > the intended addressee, any use, disclosure or copying of this document is > unauthorised. Information transmitted by email may be intercepted, lost, > destroyed, corrupted or delayed and as a result, C. Hoare & Co. do not > accept responsibility for any errors or omissions in the contents of this > message. If you would like to confirm the contents of this email, please > request a hard copy version. > > If the contents of this message are of a personal nature, the email will > have been sent in a personal capacity and not on behalf of C. Hoare & Co. > > Monitoring/Viruses: > C. Hoare & Co. may monitor all incoming and outgoing emails in line with > current legislation. Although emails are screened for viruses, C. Hoare & > Co. cannot guarantee that any transmissions will be virus free. > ________________________________________ > > ************************************************ For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: //www.freelists.org/list/thin Follow ThinList on Twitter http://twitter.com/thinlist ************************************************