This is what happened to me on one fine day. An Executive Admin complaints that she was getting Exchange mail delivery notices and bounced mails (NDRs) from an unknown user.
She said it’s pretty annoying that she sends mails to bunch of users and gets bounced mails from some unknown (or long gone) users. I assured her that I will find out the issue and solution.
I laid back with my tea and thinking about the issue. If she sends mails to someone, but she gets NDRs (delivery notices in other cases) from a user who was not in TO or CC or BCC list. I know that Outlook Delegates are gets mails and meeting requests behalf of whoever delegated. I finished my last sip of tea and said myself, That is it. "Delegates".
I started wondering about how to find out if anyone is delegated to someone else or not. After a few Live and Google search, I found out Active Directory stores the delegates and delegated users list in User properties. The following properties has the list of delegates,
publicDelegates
publicDelegatesBL
I wrote a script to find out who’s delegated to whom. I ran my script against the "bunch of users" given by Admin. Voila!!! I found the list of delegates, made some phone calls and fixed the issue. I informed the admin with the details and she praised "IT is great!!!" as always.
If you are the guy who is sipping your coffee or tea like me thinking about the same issue, Help is on the way here in this blog.
1. Manual Lookup of delegates
1. Open the ADSIEdit.msc by typing it in Start –> Run.
2. Expand Domain [domain name] container and find the user you want to check
3. Right click on the User and select "Properties"
4. Find publicDelegates and publicDelegatesBL properties and check the value
2. Use my Script to find out the delegates
Copy and Paste the following script in Notepad and save as "Delegates.vbs" to an known location.
Open Command prompt, go the directory where you saved the Delegates.vbs file.
Run "CScript Delegates.vbs <UserAccountName>"
e.g., CScript Delegates.vbs JDoe
CScript Delegates.vbs BGates
If you find what you looking for, Thank me.
‘*****************************************************************************
‘*****************************************************************************
‘********* DELEGATES.VBS **********
‘********* Parameters: Active Directory User Account Name **********
‘********* **********
‘********* This script displayes User X’s Delegates and who else is **********
‘********* delegated to User X in Exchagne 2000/2003 via Outlook. **********
‘********* **********
‘********* Usage: Cscript Delegagtes.vbs JDoe **********
‘********* **********
‘********* Written By: Anand Venkatachalapathy **********
‘*****************************************************************************
‘*****************************************************************************
Dim rootDSE ‘LDAP Direcotry Services Object
Dim DomainContainer ‘Currently logged On Domain
Dim conn ‘ADODB connection object
Dim sUID ‘Account Name from command line parameter
Dim ldapStrUsers ‘LDAP Query
Dim rs1 ‘LDAP Query Result Set
Dim FoundObject ‘LDAP Query Result value
Dim objArgs ‘Commmand line Arguments
‘Find the local logged on AD Domain name
Set rootDSE=GetObject("LDAP://RootDSE")
DomainContainer = rootDSE.Get("defaultNamingContext")
‘If you know your domain name, you may comment the above two lines and
‘Assign your domain name yourself. Uncomment the below line and change
‘the Domain name as below format
‘DomainContainer = "DC=local,DC=company,DC=com"
‘ Connect to Active Service Connection provder
Set conn = CreateObject("ADODB.Connection")
conn.Provider = "ADSDSOObject"
conn.Open "ADs Provider"
‘Get the command line parameter
Set objArgs = WScript.Arguments
If objArgs.Count = 0 Then
WScript.Echo "Invalid Arguments!! provide a user account name as below…"
WScript.Echo
WScript.Echo "CScript Delegates.vbs jdoe"
WScript.Quit
End If
sUID = objArgs(0)
‘Make a LDAP query string
ldapStrUsers = "<LDAP://" & DomainContainer & ">;(&(&(& (sAMAccountName=" & _
sUID & ") (| (&(objectCategory=*)(objectClass=*)) ))));adspath;subtree"
‘Run the Query
Set rs1 = conn.Execute(ldapStrUsers)
‘Loop through the result set
While Not rs1.EOF
Set FoundObject = GetObject (rs1.Fields(0).Value)
WScript.Echo FoundObject.CN
WScript.Echo "—————————————-"
‘Call the ListDelegates sub routine
ListDelegates "LDAP://" & FoundObject.distinguishedName, FoundObject.CN
rs1.MoveNext ‘Move to next result
Wend
‘Free up the memory
Set rs1=Nothing
Set conn = Nothing
Set rootDSE = Nothing
‘*****************************************************************************
‘********** Sub Routine: ListDelegates **********
‘********** Parameters: User’s AD Distinguished Name, Common Name **********
‘********** **********
‘********** This sub find the provided user’s delegates and others **********
‘********** delegated to the same user. Technically, it displays **********
‘********** PublicDelegates and PublicDelegatesBL values from the **********
‘********** Active Directory User Properties **********
‘*****************************************************************************
Sub ListDelegates(sDN, sCN)
Dim oUser ‘User Object
Dim objRecip ‘Dummy User Object
Set oUser = GetObject (sDN)
Set objRecip = oUser
WScript.Echo "Users Delegated to " & sCN
vDelegates = objRecip.publicDelegates
nDelegates = UBound(vDelegates)
If nDelegates > 0 Then
i = 0
Do While i <= nDelegates
WScript.Echo vDelegates(i)
i = i + 1
Loop
End If
WScript.Echo sCN & " delegated to these users "
vDelegates = objRecip.publicDelegatesBL
nDelegates = UBound(vDelegates)
If nDelegates > 0 Then
i = 0
Do While i <= nDelegates
WScript.Echo vDelegates(i)
i = i + 1
Loop
End If
objRecip = Nothing
oUser = Nothing
End Sub
Anand, the Architect 