→ 🚀What's New? Explore Lansweeper's Fall 2024 Updates! Fall Launch Blog !

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Arron
Engaged Sweeper II
Hello,

I would like to know is it possible to pull custom attributes from AD, we plan on using Microsoft LAPS. This will ultimately store the computers local admin password in AD under 2 attributes. I would like to have these appear in LanSweeper against the asset?

Thanks,
Arron.
4 REPLIES 4
dhoward
Engaged Sweeper III
We are implementing LAPS over here as well, and would love to see the ability to have Lansweeper scan arbitrary attributes of computer objects within AD.
Gyorvari
Engaged Sweeper
Create a custom action, and use the following code to get LAPS password for your asset.







objToFind = WScript.Arguments.Item(0)
Set objShell = Wscript.CreateObject("Wscript.Shell")

ExecuteSearch = SearchDistinguishedName(objToFind)

Public Function SearchDistinguishedName(ByVal vSAN)

Const ADS_SCOPE_SUBTREE = 2
Dim oRootDSE, oConnection, oCommand, oRecordSet

Set oRootDSE = GetObject("LDAP://rootDSE")
Set oConnection = CreateObject("ADODB.Connection")
oConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = oConnection

ldstring = "'LDAP://" & oRootDSE.get("defaultNamingContext") & "'"

objCommand.CommandText = "Select Name, distinguishedName from "& ldstring & " where objectClass='computer'"

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 30
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
If lcase(objRecordSet.Fields("Name").Value) = lcase(vSan) Then


Set objComputer = GetObject _
("LDAP://" & objRecordSet.Fields("distinguishedName").Value )

objProperty = objComputer.Get("ms-Mcs-AdmPwd")
If IsNull(objProperty) Then
objShell.Popup "The ms-Mcs-AdmPwd has not been set."
Else
objShell.Popup "Password sent to clipboard " & objToFind & ": " & objProperty
QuickClip(objProperty)
End If
'Wscript.Quit
End If
objRecordSet.MoveNext
Loop
End Function



Function QuickClip(input)
If IsNull(input) Then
With CreateObject("HTMLFile")
QuickClip = .parentWindow.clipboardData.getData("Text")
If IsNull(clip) Or IsEmpty(clip) Then : clip = "" : End If : End With
Else : With CreateObject("WScript.Shell")
.Run "mshta javascript:eval(""document.parentWindow.clipboardData.setData('text','" _
& Replace(Replace(input,"'","\\u0027"),"""", "\\u0022") & "');window.close()"")",0,True
End With : End If
End Function





Bruce_B
Lansweeper Alumni
We would indeed not recommend modifying the database by adding tables or fields as this can break your installation and prevent you from updating this installation in the future.

We currently have an active item on our customer wishlist for scanning more AD attributes, and will be scanning more AD attributes in a future Lansweeper release, at this moment we cannot yet provide an estimated release date for this.

As far as custom attribute scanning goes though, this is not yet planned to be added.
SouthySuper
Engaged Sweeper III
If you go to create a report and do not see those attributes available in tbladobjects then the answer is not yet. I have the same issue with other attributes not seen by LS. One post suggested modifying the database, but I think that is a bad idea as the next update will hose that work if not break lansweeper itself. Plus support would not be able to help you if you monkey with the DB.