布衣墨子 的空间

致力于基于微软产品技术的开发和部署 AD\Exchange\MOSS\.NET


查询GC得到森林里主域和子域的帐号

目前整个域内的帐号有近50万,10个子域,一个根域,想把账号导出来不是件容易的事,并且受LDAP查询策略的限制,只能一个OU一个OU地去导,因此写了这样一个程序,遍历GC的所有OU,逐层去读取帐户。

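' Bind to RootDSE to discover the current domain. The published listing had the
' blog's own URL fused in front of this ADSI path, which is not a bindable
' provider path; the plain "LDAP://rootDSE" form is restored here.
Set rootDSE = GetObject("LDAP://rootDSE")

' Distinguished name of the default domain partition, in "DC=...,DC=..." form.
BaseDN = rootDSE.Get("defaultNamingContext")

' Convert that DN into a dotted DNS name for use as the server part of GC:// paths:
'   "DC=x,DC=y"  ->  ",x,,y"  ->  ",x.y"  ->  "x.y"   (x and y are constructed sample labels)
DC = Replace(BaseDN, "DC=", ",")
DC = Replace(DC, ",,", ".")
DC = Right(DC, Len(DC) - 1)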

' One shared ADO connection through the ADSI OLE DB provider; it binds with the
' credentials of the account running the script.
Set objConnection = CreateObject("ADODB.Connection")
With objConnection
    .Provider = "ADsDSOObject"
    .Open "Active Directory Provider"
End With

' Two command objects attached to that connection. objCommand drives the
' container searches; objCommand1 is created but not used by the code shown here.
Set objCommand = CreateObject("ADODB.Command")
Set objCommand1 = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection
Set objCommand1.ActiveConnection = objConnection

' From this point script-level run-time errors are skipped instead of stopping
' the script, so later code has to inspect Err itself to notice a failure.
On Error Resume Next
WScript.Echo "Begin:"

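' Walk the first level below the domain head in the global catalog and hand each
' container to searchChildOU, then print the number of accounts visited.
'
' Changes from the published listing:
'   * i is initialised at script level, so the counter incremented inside
'     outputInformation is the same variable that is printed at the end.
'   * The stray space in "<GC:// " is removed so the search base has the same
'     form as the GC:// paths built in searchChildOU and outputInformation.
'   * A failed Execute no longer falls through into the record loop. Under
'     On Error Resume Next a failing "Do Until ...EOF" test re-enters the loop
'     body on every pass, which can spin forever.
'   * The failure message names BaseDN (the base that was searched); TARGET_OU is
'     never assigned anywhere in the listing.
'   * objectname and ADsPath were read per row but never used, so they are dropped.
i = 0

strTopBase = "GC://" & DC & "/" & BaseDN
objCommand.CommandText = "<" & strTopBase & ">;(&(|(objectclass=organizationalUnit)(objectclass=Container)(objectclass=domain)));name,distinguishedName,ADsPath;onelevel"

Err.Clear
Set objRecordSetTop = objCommand.Execute

If Err.Number <> 0 Then
    ' The query itself failed (bind, permissions, bad path): report and skip the walk.
    MsgBox "没有找到ou" & BaseDN
    Err.Clear
ElseIf objRecordSetTop.RecordCount > 0 Then
    ' Top-level OUs / containers / child domain heads
    Do Until objRecordSetTop.EOF
        strTopDN = objRecordSetTop.Fields("distinguishedName").Value

        ' An error raised anywhere below this container unwinds to here; report it
        ' so a partially exported subtree is visible in the output.
        Err.Clear
        searchChildOU strTopDN
        If Err.Number <> 0 Then
            WScript.Echo "Error while processing " & strTopDN & ": " & Err.Description
            Err.Clear
        End If

        objRecordSetTop.MoveNext
        ' If the cursor cannot advance, stop instead of looping on the same row.
        If Err.Number <> 0 Then Exit Do
    Loop
Else
    WScript.Echo "<" & strTopBase & " IS NULL"
End If

WScript.Echo "总计输出账号为:" & i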

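' Export the accounts directly under one container, then recurse into each
' child OU / container found one level below it.
'
'   OUdistinguishedName - distinguished name of the container to process.
'
' Relies on the script-level objCommand and DC, and passes the script-level
' outputFilePath through to outputInformation (it is not assigned anywhere in
' this listing). No value is returned.
'
' Changes from the published listing:
'   * The caller's argument is no longer overwritten (VBScript passes ByRef by
'     default); the escaped DN is kept in a local variable.
'   * Locals are declared with Dim so each recursion level owns its recordset.
'   * A failed child-container query is reported and this container is skipped.
'     Previously the error unwound to the script-level On Error Resume Next and
'     the remainder of the enclosing top-level subtree was dropped silently.
Function searchChildOU(OUdistinguishedName)
    Dim strEscapedDN, rsChildren

    ' "/" separates the components of an ADsPath, so it is escaped inside the DN.
    strEscapedDN = Replace(OUdistinguishedName, "/", "\/")

    ' Export the accounts that sit directly in this container.
    outputInformation "GC://" & DC & "/" & strEscapedDN, outputFilePath

    ' Child OUs and containers exactly one level down. No "Page Size" is set on
    ' objCommand in this listing, so a very large result may be cut off by the
    ' server's result limit - NOTE(review): confirm against the directory's query policy.
    objCommand.CommandText = "<GC://" & DC & "/" & strEscapedDN & ">;(&(|(objectclass=organizationalUnit)(objectclass=Container)));cn,distinguishedName,ADsPath;onelevel"

    On Error Resume Next
    Set rsChildren = objCommand.Execute
    If Err.Number <> 0 Then
        WScript.Echo "Child container query failed for " & strEscapedDN & ": " & Err.Description
        Err.Clear
        On Error GoTo 0
        Exit Function
    End If
    On Error GoTo 0

    If rsChildren.RecordCount > 0 Then
        Do Until rsChildren.EOF
            ' Recursive descent into each child container
            searchChildOU rsChildren.Fields("distinguishedName").Value
            rsChildren.MoveNext
        Loop
    End If
End Function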
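' Export every user account that sits directly under one container.
'
'   adspath        - ADsPath (GC://server/DN) of the container to read.
'   outputFilePath - accepted for the caller's benefit; not used in this routine.
'
' For each matching account the account's ADsPath is passed to ShowMSG and the
' script-level counter i is incremented. ShowMSG is not defined in this listing
' and must be supplied elsewhere in the script. No value is returned.
'
' Changes from the published listing:
'   * ActiveConnection is assigned with Set. Without Set, VBScript assigns the
'     connection object's default property (a string), and ADO opens a second,
'     implicit connection for the command.
'   * The recordset and connection are closed before returning; the routine runs
'     once per container, so leaving them open accumulates handles.
'   * Error suppression is limited to the ShowMSG call and a failure is echoed.
'     With a blanket On Error Resume Next a failing MoveNext leaves the loop on
'     the same row, and a missing ShowMSG produces no output and no error.
'   * The adspath parameter is no longer reused as the per-row variable.
Function outputInformation(adspath, outputFilePath)
    Dim OU, strEscapedDN, adoConnection, adoCommand, adoRecordset
    Dim strBase, strFilter, strAttributes, strUserPath

    ' Re-read the container's DN from the directory and escape "/" for use in a path.
    Set OU = GetObject(adspath)
    strEscapedDN = Replace(OU.distinguishedName, "/", "\/")
    WScript.Echo "导出:" & strEscapedDN

    Set adoConnection = CreateObject("ADODB.Connection")
    adoConnection.Provider = "ADsDSOObject"
    adoConnection.Open "Active Directory Provider"

    Set adoCommand = CreateObject("ADODB.Command")
    Set adoCommand.ActiveConnection = adoConnection

    strBase = "<GC://" & DC & "/" & strEscapedDN & ">"
    strFilter = "(&(objectCategory=person)(objectClass=user))"
    ' lastLogonTimeStamp is requested but never read below.
    ' NOTE(review): confirm the attribute is available from the global catalog
    ' before relying on it for stale-account checks.
    strAttributes = "distinguishedName,ADsPath,lastLogonTimeStamp" & ";onelevel"
    adoCommand.CommandText = strBase & ";" & strFilter & ";" & strAttributes

    ' Setting a page size turns on paged results. The requested value is far above
    ' what a server normally allows per page, so the effective page size is
    ' presumably whatever the server's query policy permits - confirm if it matters.
    adoCommand.Properties("Page Size") = 10000000
    adoCommand.Properties("Timeout") = 60
    adoCommand.Properties("Cache Results") = False

    Set adoRecordset = adoCommand.Execute
    Do Until adoRecordset.EOF
        strUserPath = adoRecordset.Fields("adspath").Value

        On Error Resume Next
        ShowMSG strUserPath
        If Err.Number <> 0 Then
            WScript.Echo "ShowMSG failed for " & strUserPath & ": " & Err.Description
            Err.Clear
        End If
        On Error GoTo 0

        adoRecordset.MoveNext
        i = i + 1   ' script-level running total printed by the main script
    Loop

    adoRecordset.Close
    adoConnection.Close
End Function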

posted on 2009-09-02 17:13  布衣墨子