Melody15914
MIS
I need to set up a query to show the users in a certain OU and what group/groups they are in.
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
' DocumentGroups.vbs
' VBScript program to document all groups in Active Directory.
' Outputs group name, type of group, all members, and types of member.
' Lists all groups that are members, but does not list the nested group
' membership.
'----------------------------------------------------------------------
' Copyright (c) 2002 Richard L. Mueller
' Hilltop Lab web site - [URL unfurl="true"]http://www.rlmueller.net[/URL]
' Version 1.0 - November 10, 2002
' Version 1.1 - February 19, 2003 - Standardize Hungarian notation.
' Version 1.2 - March 11, 2003 - Remove SearchScope property.
' *** MODIFIED March 13, 2006 - Added HTML File Out, Addtional Group/User Properties
'
' This script is designed to be run at a command prompt, using the
' Cscript host. The output can be redirected to a text file.
' For example:
' cscript //nologo DocumentGroups.vbs > groups.txt
'
' You have a royalty-free right to use, modify, reproduce, and
' distribute this script file in any way you find useful, provided that
' you agree that the copyright owner above has no warranty,obligations,
' or liability for such use.
Option Explicit
Dim objConnection, objCommand, objRootDSE, strDNSDomain, strQuery
Dim objRecordSet, strDN, objGroup
Dim FileSystem, oFile
' Open Text File for Output
Set FileSystem = WScript.CreateObject("Scripting.FileSystemObject")
Set oFile = FileSystem.CreateTextFile("GroupMemebrshipNew.html", True)
oFile.writeLine "<HTML><HEAD><TITLE>Group Membership for MyDomain.com</TITLE><HEAD><BODY>"
oFile.writeLine "<h4><TABLE width=100% border=0 padding=0 cellspacing=0 valign=top>"
' Use ADO to search Active Directory.
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
' Determine the DNS domain from the RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
' Search for all groups, return the Distinguished Name of each.
strQuery = "<LDAP://" & strDNSDomain _
& ">;(objectClass=group);distinguishedName;subtree"
objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 100
objCommand.Properties("Timeout") = 30
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
If objRecordSet.EOF Then
Wscript.Echo "No groups found"
objConnection.Close
Set objRootDSE = Nothing
Set objConnection = Nothing
Set objCommand = Nothing
Set objRecordSet = Nothing
Wscript.Quit
End If
' Enumerate all groups, bind to each, and document group members.
Do Until objRecordSet.EOF
strDN = objRecordSet.Fields("distinguishedName")
Set objGroup = GetObject("LDAP://" & strDN)
' OUTPUT
oFile.writeLine "<TR>"
oFile.writeLine "<TD width=20% valign=top bgcolor=black><font color=white><strong><u>" & "Group Name:" &_
"</u></strong></font></TD><TD width=80% valign=top><strong>" &_
objGroup.SAMaccountName & "</strong></TD>"
oFile.writeLine "</TR><TR>"
oFile.writeLine "<TD valign=top bgcolor=black><font color=white><strong><u>" & "Distinguished Name:" &_
"</u></strong></font></TD><TD valign=top><strong>" &_
objGroup.distinguishedName & "</strong></TD>"
oFile.writeLine "</TR><TR>"
oFile.writeLine "<TD valign=top bgcolor=black><font color=white><strong><u>" & "Description:" &_
"</u></strong></font></TD><TD valign=top><strong>" &_
objGroup.description & "</strong></TD>"
oFile.writeLine "</TR><TR>"
oFile.writeLine "<TD valign=top bgcolor=black><font color=white><strong><u>" & "Type:" & "</u></strong></font></TD><TD valign=top><strong>" & GetType(objGroup.groupType) & "</strong></TD>"
oFile.writeLine "</TR>"
oFile.writeLine "<TR><TD valign=top bgcolor=black><font color=white><strong><u>Members:</font></TD><TD align=left valign=top>"
oFile.writeLine "<TABLE width=70% border=0 cellspacing=0 cellpadding=0>"
oFile.writeLine "<Tr>"
oFile.writeLine " <TD valign=top><strong><u> Name </u></strong></TD>"
oFile.writeLine " <TD valign=top><strong><u> Account </u></strong></TD>"
oFile.writeLine " <TD valign=top><strong><u> Type </u></strong></TD>"
oFile.writeLine "</Tr>"
Call GetMembers(objGroup)
oFile.writeLine "</TABLE>"
oFile.writeLine "</TD></TR>"
oFile.writeLine "<TR><TD COLSPAN=2><hr width=90%></TD></TR>"
objRecordSet.MoveNext
Loop
oFile.writeLine "</TABLE></BODY></HTML>"
msgBox "Done !!!"
' Clean up.
objConnection.Close
Set objRootDSE = Nothing
Set objGroup = Nothing
Set objConnection = Nothing
Set objCommand = Nothing
Set objRecordSet = Nothing
Function GetType(intType)
' Function to determine group type from the GroupType attribute.
If (intType And &h01) <> 0 Then
GetType = "Built-in"
ElseIf (intType And &h02) <> 0 Then
GetType = "Global"
ElseIf (intType And &h04) <> 0 Then
GetType = "Local"
ElseIf (intType And &h08) <> 0 Then
GetType = "Universal"
End If
If (intType And &h80000000) <> 0 Then
GetType = GetType & "/Security"
Else
GetType = GetType & "/Distribution"
End If
End Function
Sub GetMembers(objADObject)
' Subroutine to document group membership.
' Members can be users or groups.
Dim objMember, strType
For Each objMember In objADObject.Members
If UCase(Left(objMember.objectCategory, 8)) = "CN=GROUP" Then
strType = "Group"
Else
strType = "User"
End If
' OUTPUT
oFile.writeLine "<TR>"
oFile.writeLine "<TD valign=top>" & objMember.displayName & _
"</TD><TD valign=top>" & objMember.SAMaccountName & _
"</TD><TD valign=top>" & strType & "</TD>"
oFile.writeLine "</TR>"
' Wscript.Echo " Member: " & objMember.sAMAccountName & " (" & strType & ")"
Next
Set objMember = Nothing
End Sub