Nested Groups ... multiple domains

Discussion in 'Active Directory' started by Mark, Nov 10, 2005.

  1. Mark

    Mark Guest

    Hi All,

    I need to find something that will show me the members and nested members of
    distribution groups in AD. I found a script that does this here
    http://www.windowsitpro.com/WindowsScripting/Article/ArticleID/41500/41500.html
    Don't think any of my users know what a distinguished name is so I have
    modified the script a little bit so that they just have to type in the CN of
    the group ... see below. My problem is that this works fine for one domain
    but we have 5 domains in our tree. Can someone help me get this script to
    check for the group in one; If it fails ... to then move onto the next
    domain. Either that or if you now an app\script that connects to Outlook and
    does a similar thing. Any help would be very much appreciated.

    Thanks,

    Mark

    -----------------------------------------------------------------------

    option explicit
    Dim objRootDSE, strGroupDN, GroupMembers
    Dim strGroup, strSearchDN, objFs, Txtfile
    Set objFs = CreateObject("Scripting.FileSystemObject")
    Set Txtfile = objFs.CreateTextFile("c:\Nested_Group_Members.txt", True)
    set objRootDSE = GetObject("LDAP://RootDSE")
    strSearchDN = ",OU=Groups," & objRootDSE.Get("defaultNamingContext")
    strGroup = InputBox("Enter the Group Name you would like to audit", "Nested
    Groups Audit", "Group Name Here")
    If strGroup = "" or strGroup = "Group Name Here" Then
    Msgbox "You have not entered a value or Cancelled ... Bye !! ", vbOKonly +
    vbcritical, strTitle
    Wscript.Quit
    End If
    strGroupDN = "CN=" & strGroup & strSearchDN
    Txtfile.WriteLine "Members of " & strGroupDN
    Txtfile.WriteBlankLines 1
    set GroupMembers = CreateObject("Scripting.Dictionary")
    DisplayMembers "LDAP://" & strGroupDN, " ", GroupMembers
    Wscript.Echo "Done !!"

    Function DisplayMembers (strGroupDN, strSpaces, GroupMembers)
    Dim objGroup, objMember
    set objGroup = GetObject(strGroupDN)
    for each objMember In objGroup.Members
    Txtfile.WriteLine "" & objMember.Get("cn")
    if objMember.Class = "group" then
    if GroupMembers.Exists(objMember.ADsPath) then
    'Wscript.Echo strSpaces & " ^ already seen group member " & "(stopping to
    avoid loop)"
    else
    GroupMembers.Add objMember.ADsPath, 1
    DisplayMembers objMember.ADsPath, strSpaces & " ", GroupMembers
    end if
    end if
    next
    End Function

    -----------------------------------------------------------------------
     
    Mark, Nov 10, 2005
    #1
    1. Advertisements

  2. Mark

    Mark Guest

    Used Outlook Object model to connect to the GAL ... sorted !

    -----------------------------------------------------------------------

    Option Explicit
    Dim Outlook, objNS, objGAL, objFS, Txtfile, dicSeenMember
    Dim strTitle, strDL
    Set Outlook = CreateObject("Outlook.Application")
    Set objNS = Outlook.GetNameSpace("Mapi")
    Set objGAL = objNS.Addresslists("Global Address List")
    Set objFs = CreateObject("Scripting.FileSystemObject")
    Set Txtfile = objFs.CreateTextFile("c:\DL_Nested_Group_Members.txt", True)
    set dicSeenMember = CreateObject("Scripting.Dictionary")
    strTitle = "Nested Group Audit"

    strDL = InputBox("Please Enter the Distribution Group you would like to
    audit", strTitle, "RSA Group Name Here")
    If strDL = "" or strDL = "Group Name Here" Then
    Msgbox "You have not entered a value or Cancelled ... Bye !! ", vbOKonly +
    vbcritical, strTitle
    Wscript.Quit
    End If

    Export strDL, dicSeenMember
    wscript.echo "Done !!"
    wscript.quit

    Function Export (strDL, dicSeenMember)
    Dim objEntry, objMember, strExchDNold, x, y, strExchDN
    For Each objEntry in objGAL.AddressEntries
    if objEntry.Name = strDL then
    'wscript.echo "Found it and Processing " & strDL
    if objEntry.displaytype = 0 then
    Msgbox "You have not typed the name of a Group ... Bye !! " & vbcrlf &
    vbcrlf & _
    objEntry.Name & " has a displaytype of " & objEntry.displaytype, vbOKonly +
    vbcritical, strTitle
    Wscript.Quit
    End If
    for each objMember in objEntry.Members
    if objMember.displaytype = 1 then
    if dicSeenMember.Exists(objMember.address) then
    ' If statement to avoid loop
    else
    dicSeenMember.Add objMember.address, 1
    Export objMember.name, dicSeenMember
    end if
    else
    strExchDNold = objmember.address
    x = 0
    Do While true
    y=instr(x+1, strExchDNold, "=")
    if y=0 then
    exit do
    end if
    x=y
    Loop
    strExchDN = Right(strExchDNOld, Len(strExchDNOld)-x)
    strExchDN = strExchDN & "@<smtp-domain-here>"
    Txtfile.WriteLine "" & strExchDN
    end if
    next
    end if
    next
    End Function

    -----------------------------------------------------------------------
     
    Mark, Jan 7, 2006
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.