A recent email stated: “My computer isn’t working!” I had several immediate thoughts. First, no one ever emails just to say hi. Second, what computer is this person using?[note]It’s not like we support several thousand machines…[/note] So I modified a script that David Lee provided me many years ago. It now queries AD for the username and current computer of any internal person when they email me. This information appears between the full name and subject of the email when using Office Outlook.
To get this information into Outlook, we have to do two things. First, we need to know the computer that a user is using. Second, we need to add a custom field to Outlook and query Active Directory.
Writing the Current Logged in Computer to an AD User Attribute
When an email arrives from an internal user, an Outlook macro looks at an AD user attribute to see the current computer name. I have written about this method a few times before, specifically where a logon script writes the current username to the ManagedBy (or Description) attribute of a computer account. In this case, we will write to an attribute on the user’s account instead of the computer’s account.
First, download this .vbs text file and remove the .txt extension. Open the SetextensionAttribute2.vbs file in notepad. On the second to last line, you will see that the Computername value is written to extensionAttribute2 of the current user. This is sometimes called Custom Attribute 2. If you already use this attribute, change this line and replace any extensionAttribute2 references in the macro that is attached in the next section.
You can test this script by running it manually on your computer. After running it, open Active Directory Administrative Center – find your user – click Extensions – click on Attribute Editor. Scroll down to extensionAttribute2. You should see your computer name listed.
Next, create/edit a GPO that is linked to your staff. Set this script to run as a logon script.
Finally, we need to allow staff to edit their extensionAttribute2 value. Right click on your staff OU in Active Directory Administrative Center and select Properties. Select Security – Advanced. Press Add.
- For the Principal value, enter SELF
- For the Type, leave it at Allow
- For Applies to, change this to Descendant User objects
- Scroll to the very bottom of the Permission Entry screen and press Clear all
- Scroll back up and find Read Custom Attribute 2 and Write Custom Attribute 2. Place a check next to both boxes. Press Ok and apply the permissions. When staff logon to their computer again, their computer name should appear under extensionAttribute2.
Using an Outlook Macro to Import Additional AD Information
Grab this .txt file and copy the contents. In Microsoft Office Outlook, press ALT + F11. This should open the Microsoft Visual Basic for Applications window. In the left side of the window, expand Project1 – expand Microsoft Outlook Object – double click on This Outlook Session. A new blank project window should open. Paste in the contents of the text file. Select File – Save. Your screen should now look like this picture:
Close the Microsoft Visual Basic for Applications window and then go to File – Options – Trust Center – Trust Center Settings. Select Macro Settings and select Notifications for all macros. Press ok and close Outlook Options.
Close Outlook and re-open it. You will receive a warning that you are loading the thisoutlooksession macro. Press enable macros.[note]You can also sign your macro with an internal code signing certificate for a bit more security.[/note]
In Outlook, select View – Add Columns. In the Show Columns window, change the Maximum number of lines in compact mode to 3. Still in the Show Columns window, change from Frequently-used fields to User-defined fields. Select Username and add it to the list on the right. Finally, move the Username column so that it is between the From column and Subject column. Press Ok.
New emails from internal addresses will now show a username value and a computer name value if the user is logged in.[note]If the user has logged out, this value is their last used computer.[/note] Office Outlook does need to be open when the email is received, or those values will not appear. If you have any questions, comments, or improvements – let me know!