List of Local/Domain grp members

Discussion in 'Scripting' started by nothing_zero, Aug 29, 2003.

  1. nothing_zero

    nothing_zero Guest

    Hi Experts, appr if you are able to help. I am in need of
    a tool that can help me to list all members in a grp. My
    servers are NT 4 & WIn2k. TQ
     
    nothing_zero, Aug 29, 2003
    #1
    1. Advertisements

  2. Here you go.

    Might be more than you want, but I just copied and pasted
    the script I wrote. Copy and paste it into an text editor
    before trying to read it.

    On Error Resume Next


    'Set Log File Name
    LogFileName = "c:\EnumGroup.log"

    'Set File Constants
    Const ForReading = 1
    Const ForWriting = 2
    Const ForAppending = 8

    'Setting the Arguments
    Set objArgs = Wscript.Arguments
    If ObjArgs.Count = 1 Then
    Arg1 = objArgs(0)
    Else
    wscript.echo "Please specify all required arguments.
    Run this script again "
    wscript.echo "with a /? as the first argument to see
    the help file"
    Wscript.Quit
    End If


    'Dictionary object to track group membership.
    Set objMemberList = CreateObject("Scripting.Dictionary")
    objMemberList.CompareMode = vbTextCompare


    'Checking if Help file is needed
    HELP = 0

    If Arg1 = "help" Then HELP = 1
    If Arg1 = "/?" Then HELP = 1
    If Arg1 = "?" Then HELP = 1

    ' Doubles as Help document and Purpose of script REMARKS
    If HELP = 1 then

    wscript.echo " ******************************"
    wscript.echo " * Script: EnumGroup.vbs"
    wscript.echo " * Creation Date: 4-7-2003"
    wscript.echo " * Author: Ron Rosenkoetter"
    wscript.echo " * E-mail:
    "
    wscript.echo " *"
    wscript.echo " * Description: This script will take
    a group as"
    wscript.echo " * as an argument and will list its
    members "
    wscript.echo " * including sub groups and their
    members"
    wscript.echo " *"
    wscript.echo " * Note: Group name must match
    exactly. Use"
    wscript.echo " * FindGroup.vbs to find a group
    name using"
    wscript.echo " * a string fragment"
    wscript.echo " *"
    wscript.echo " * Usage: EnumGroup.vbs [groupname]"
    wscript.echo " *"
    wscript.echo " * Example: EnumGroup.vbs -LKSOVE-0001-
    D-HelpDesk"
    wscript.echo " *"
    wscript.echo " ******************************"

    Wscript.Quit
    End If


    'Set Option Variables
    GroupName = Arg1

    'Set text file to hold the list of all user names
    UserListFile = "c:\" & GroupName & ".txt"

    'Create the File System Object
    Set objFSO = CreateObject("Scripting.FileSystemObject")

    'Open a log file for printing results
    Wscript.Echo "Opening Log File for writing"
    Set LogFile = objFSO.OpenTextFile
    (LogFileName,ForWriting,True)
    If Err.Number <> 0 then
    Wscript.Echo "Unable to open the " & LogFileName
    Wscript.Quit
    End If

    'Open a text file to hold the final list of user names
    Wscript.Echo "Opening User List File for writing"
    Set objUserList = objFSO.OpenTextFile
    (UserListFile,ForWriting,True)
    If Err.Number <> 0 then
    Message "Unable to open the " & UserListFile
    Wscript.Quit
    End If

    'Get Domain name
    Set RootDSE = GetObject("LDAP://rootDSE")
    Domain = RootDSE.Get("DefaultNamingContext")

    'Searching Active Directory
    'Create the Connection object and open it
    Set objConnection = CreateObject("ADODB.Connection")
    objConnection.Open "Provider=ADsDSOObject;"

    'Create the Command object and set its ActiveConnection
    to the Connection object
    Set objCommand = CreateObject("ADODB.Command")
    objCommand.ActiveConnection = objConnection

    'Set the CommandText property of the Command object.
    Start at the domain level, and
    'pull back a list of every group's name and distinguished
    name
    objCommand.CommandText = _
    "<LDAP://" & Domain & ">;(&(objectCategory=Group)
    (name=" & GroupName & "));" & _
    "name,ADsPath;subtree"

    'To search for more than 1000 records, add the following
    line. This will return ALL objects
    'in the search.
    objCommand.Properties("Page Size")=1000

    'Sort the Record Set
    objCommand.Properties("Sort On") = "Name"


    'Execute the Command and place the results in the
    RecordSet object
    Message vbCrLf & "===================="
    Message "Group Name: " & GroupName
    Set objRecordSet = objCommand.Execute
    CheckForErrorQuit


    'Check to see if the Group Name was found (If the
    RecordSet is empty, it will
    'already be at the EndOfFile. If not, then there must be
    a record inside).
    If objRecordSet.EOF Then
    Message " " & GroupName & " was not found in " &
    Domain

    'we must have a RecordSet containing the Name, ADsPath,
    MemberOf, and member properties
    'of the single group specified.
    Else
    Do Until objRecordSet.EOF

    'Create a Group object
    Set objGroup = GetObject(objRecordSet.Fields
    ("ADsPath"))


    'Echo the Group's location in AD. ADsPath is
    LDAP://CN=<GroupName>,OU=<OU Name>, etc
    'To find the location, just remove the
    LDAP://CN=<GroupName> part. The 10 in the equation
    'below represents the LDAP://CN= part and the comma after
    the GroupName (11 characters)
    ADsPathLength = Len(objGroup.ADsPath)
    GroupNameLength = Len(objGroup.name)
    ADLocation = Right(objGroup.ADsPath,ADsPathLength -
    GroupNameLength - 11)
    Message "Location in AD: " & ADLocation & VbCrLf

    'Grab the list of groups this group is a member OF. These
    are returned as Distinguished
    'Names. Use split and drop the leading CN= to get just
    the name of each group. Use IsArray
    'to make sure the collection set isn't empty.
    Message " Member OF the following groups:"

    If IsArray(objGroup.memberof) Then
    For each ParentGroup in objGroup.memberof
    arrTemp = split(ParentGroup,",")
    TempLength = Len(arrTemp(0))
    Message " " & Right(arrTemp(0),TempLength -
    3)
    Next
    ElseIf objGroup.memberof = "" Then
    Message " None"
    Else
    arrTemp = split(objGroup.memberof,",")
    TempLength = Len(arrTemp(0))
    Message " " & Right(arrTemp(0),TempLength - 3)
    End If



    'Now get the members of the group using the
    EnumerateGroup subroutine
    Message vbCrLf & "Members: " & vbCrLf
    EnumerateGroup objGroup, " "

    'The subroutine returns a list of usernames in the
    Dictionary object.
    'Loop through the Dictionary object and write those names
    to the
    'objUserList text file.
    For Each Key in objMemberList.Keys
    objUserList.WriteLine Key
    Next


    objRecordSet.MoveNext
    Loop

    End If


    QuitProgram



    '#####################

    'Subroutine EnumerateGroup

    'Variables
    'objGroup - Group Object
    'strOffSet - Start with " ", and this script will
    indent
    ' all subgroups and users with
    additional " "

    'Returns
    'a list of all user names in the parent group and ALL
    'subgroups inside a Dictionary object called
    objMemberList.
    'This particular subroutine also outputs it's finding.
    'Modify the subroutine if you don't want that.

    'Requirements
    ' Dictionary object to track group membership.

    'objMemberList must be globally Dimensioned and created as
    'a Dictionary object in the parent script, and must not
    be used
    'anywhere else in the parent script or its other
    subrountines

    'Set objMemberList = CreateObject("Scripting.Dictionary")
    'objMemberList.CompareMode = vbTextCompare



    Sub EnumerateGroup(objADGroup, strOffset)

    For Each objMember In objADGroup.Members

    If UCase(Left(objMember.objectCategory, 8))
    = "CN=GROUP" Then
    Message strOffset & objMember.sAMAccountName
    & " (Group)"
    Call EnumerateGroup(objMember, strOffset & " ")
    Else
    If Not objMemberList(objMember.sAMAccountName)
    Then
    objMemberList(objMember.sAMAccountName) = True
    Message strOffset & objMember.DisplayName
    Else
    Message strOffset & objMember.DisplayName & "
    (Duplicate)"
    End If
    End If

    Next


    End Sub


    '#####################











    '#############################

    'Function CheckForErrorQuit

    Function CheckForErrorQuit()
    If Err.Number <> 0 then
    Message "Error #" & Err.Number & " - " &
    Err.Description
    CheckForErrorQuit = Err.Description
    QuitProgram
    End If
    End Function

    '#############################

    'Function CheckForErrorClear

    Function CheckForErrorClear()
    If Err.Number <> 0 then
    Message "Error # " & Err.Number & " - " &
    Err.Description
    CheckForErrorClear = Err.Description
    Err.Clear
    End If
    End Function

    '#############################

    'Subroutine Message

    Sub Message (Text)
    Wscript.Echo Text
    LogFile.WriteLine Text
    End Sub

    '#############################

    'Subrountine QuitProgram

    Sub QuitProgram

    LogFile.Close

    Wscript.Echo " "

    Wscript.Echo "********************************************
    ********"
    Wscript.Echo "* Use notepad " & LogFileName & " to
    see a log of these results"

    Wscript.Echo "********************************************
    ********"

    Wscript.Echo " "

    Wscript.Echo "********************************************
    ********"
    Wscript.Echo "* Use notepad " & UserListFile & " to
    see a list of all"
    Wscript.Echo "* user names associated with this group
    and its subgroups"

    Wscript.Echo "********************************************
    ********"

    Wscript.Quit

    End Sub

    '############################
     
    Ron Rosenkoetter, Aug 30, 2003
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.