Getting Email List from Windows Domain

David C.M. Weber david.weber at BACKBONESECURITY.COM
Fri Feb 25 15:20:25 GMT 2005


A day late, but I had problems w/ my configuration.

On the windows side, I have an ASP script which I installed on my
Exchange box, and made a virtual IIS directory.  I named the file,
default.asp.  Here are the contents:

---------Start File--------------
<%
' Written by David CM Weber (rotinom at gmail dot com)
' This code is freely distributable
'
' This script (when used with the appropriate client portion) will allow
a 
' sendmail/Linux box to retrieve all valid email addresses within an
Exchange
' organization.  It will then place them into a format appropriate for
sendmail
' to use as an access list

' Start of the "main" function

        ' All this does, is essentially access the Active Directory via
LDAP, and get
        ' a handle to the tree, so that objects can be examined and
iterated through.
        Dim rootDSE, domainObject
        Set rootDSE = GetObject("LDAP://RootDSE")
        domainContainer = rootDSE.Get("defaultNamingContext")
        Set domainObject = GetObject("LDAP://" & domainContainer)
	
        ' Export the users
        ExportEmail(domainObject)

' End of the "main" function


' This is the guts of the whole program. This will recursively 
' search the entire active directory tree, and print out emails
' which are associated with either user objects, or group objects

' oObject will either be an Organizational Unit (OU) or a Container
Sub ExportEmail(oObject)
        Dim oUser
	
        ' iterate through each sub-object in this object
        For Each oUser in oObject
                Select Case oUser.Class
        	
                        ' Is it a user object?
                        Case "user"
                	
                                ' Just verify that it is a user w/ an
email box
                                If oUser.mail <> "" then

                                        for each email in
oUser.proxyAddresses 
                                                print_email(email)
                                        next            	
                                End if 
                	
                        'Is it a group object?
                        Case "group"
                	
                                ' Verify whether it is a mail-enabled
group
                                If oUser.mailNickname <> "" then

                                        for each email in
oUser.proxyAddresses 
                                                print_email(email)
                                        next            	
                                End if
                	
                        ' If it is an OU or a container
                        Case "organizationalUnit" , "container"
                                ' Check to see if there are any users or
groups in the 
                                ' container
                                If UsersGroupsinOU (oUser) then 
                                        ' Call the ExportEmail function
recursively
                                        ExportEmail(oUser)
                                End if 
                End select
        Next
End Sub

' This function will print out an email address stored in an objects
"proxyAddresses" fields
Function print_email(email)
        ' We are only interested in SMTP email addresses. Not X400,
MSMail, etc.  
        ' So, we only parse the SMTP addresses
        if Instr(email, "SMTP:") <> 0  or Instr(email, "smtp:") <> 0
then
                dim n, e
                ' locate the ":"
                n = InStr(1, email, ":", 1)
        	
                ' Cut off everything to the right of the ":"
                e = Right(email, Len(email) - n)	
        	
                'Write the results to the HTML document.  The format is:
                ' email at address.com <tab> <tab> ACCEPT <LF>
                ' in an attempt to make it semi-legible.
                response.write("To:" & e & Chr(9) & Chr(9) & "RELAY" &
Chr(10))                        	
        end if
end function


' This function determines whether there is an object of interest within
a 
' container/OU object.  Objects of interest are:
'       OU's
'       Containers
'       Groups
'       Users
'
' OU's and Groups will cause a recursive call to the function, whereas a

' group or user will simply return an affirmative (true) result.
Function UsersGroupsinOU (oObject)
        Dim oUser
        UsersGroupsinOU = False
        for Each oUser in oObject 
                Select Case oUser.Class
                        Case "organizationalUnit" , "container"
                                UsersGroupsinOU = UsersGroupsinOU(oUser)
                        Case "user"
                                UsersGroupsinOU = True
                        Case "group"
                                UsersGroupsinOU = True
                End select
        Next
End Function

%>

----------End File--------------

This works with a linux bash script, which pulls this information down,
and formats it the way that the access file requires it.  It uses a
"access_header" file, to prepend any static information to the beginning
(such as the contents of your existing access file).  I set up a cron
job to run this script every 15 minutes.  See the defines at the
beginning of the script for any requirements that you may have.


-------Begin Linux Script------------

#gen_email.sh
#
# Written by David CM Weber (rotinom at gmail dot com)
# This code is freely distributable
#
# This will generate an access file based on email addresses
# found on an exchange "back end" server.
#
# Please see the companion script for the exchange
# server portion.


# The location of the companion asp script (on some windows domain
controller)
email_http_location="https://exchange_server_name/EmailList/default.asp"

# the name of the file that you are downloading
dl_filename="/etc/mail/update/default.asp"

# the name of the "old" file that you wish to use (for caching of email
addresses)
dl_filename_old="/etc/mail/update/default.asp.old"

# Location of the access file (usually /etc/mail/access)
access_file="/etc/mail/access"

# location of the access.db file (usually /etc/mail/access/access.db)
access_db="/etc/mail/access.db"

# Location of the old "real" access file.  Use this to add manual
"blacklists"
# and to make otherwise static changes to the access file
access_header="/etc/mail/access_header"

# Warning to put at the top of the created access file
header_warning="#*** WARNING! DO NOT EDIT THIS FILE DIRECTLY!
***\n#Instead, edit $access_header to make your changes\n\n\n"

# Separator to place between the static & dynamic content of the access
file
separator="\n\n# --- BEGIN ADDRESSES AUTOMATICALLY GATHERED FROM
EXCHANGE SERVER ---"


# ------------ Begin Script --------------

# Retrieve the asp results
wget -O $dl_filename $email_http_location &> /dev/null

# compare the old & new email list
cmp $dl_filename $dl_filename_old  &> /dev/null

if [ $? -eq 0 ]         # Test exit status of "cmp" command.
then
  # No changes to the email file
  exit
else
  # General note: > overwrites a current or createsa new file,
  # and >> appends an existing one

  # Insert the warning text
  echo -e $header_warning > $access_file

  # Insert the static content
  cat $access_header >> $access_file

  # Insert the separator
  echo -e $separator >> $access_file

  # Insert the dynamic content
  cat $dl_filename >> $access_file

  # Move the new content over the old content
  mv -f $dl_filename $dl_filename_old &> /dev/null

  # Create the access.db file based on the access file
  makemap hash $access_db < $access_file
Fi

----------End Linux Script---------------------

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list