Show and list members (display name) of ADUC Global Security Groups

[EricSnijders1]

Hi,

To start with, im new in here so i hope i'm asking the right question(s) in the right place.

Allso, i'm not a programmar. Which is allso the reason i came here.

What i would like is the following:
- A VBscript that could list names of Global Security groups, and allso list the members (in Display Names) of that group.

To be more specific. The Global Security groups are all build in the same structure. The name of the groups are as followed: GL-<IdentifierName>-<Variable>.

Example:
GL-XX-Folder1
GL-YY-Folder2
GL-ZZ-Folder3

What i would like is a script that asks me for the "IdentifierName" (XX, YY, ZZ, etc.) and lists all the Variables of the GL group of this Identity (but not showing the GL-<IdentifierName> part.
I'm not sure how i can explain it exactly, but maybe with the following Example it will be more clear:

- I start the script
- Script asks me for the "IdentifierName", in which i'll type something like "XX", "YY", "ZZ" etc.
- The script will look in Active Directory for all Global Security groups starting with GL-XX.
- The script will only list the last part (Variable) of the security group
- The script will list the members (in display names) of that Security Group.

Is this possible?
I hope i provided enough information, and i would be glad to provide more info if needed.

 

[MasterRacker]

This is one I did to list groups and the number of members in each group. Shouldn't be to hard to modify for what you need.

'===============================================================================
' NAME: ListSecGroups.vbs
' AUTHOR: Ano Nymous
' DATE: 05/22/2009
' DESCRIPTION: 
'     Connect to ActiveDirectory and list security groups
'     The information is logged to the specified file in CSV format.
' Based on code originally found at:
' [URL unfurl="true"]http://windowsitpro.com/article/articleid/94040/how-can-i-use-vbscript-to-return-all-the-groups-in-my-domain-returning-distinguishedname-samaccountname-group-scope-and-type-in-csv-format.html[/URL]
'===============================================================================

On Error Resume Next
Dim objConnection, objCommand, objRootDSE, strDNSDomain
Dim strFilter, strQuery, objRecordSet, groupType
Dim FSO, outFQN, memCnt

'----- Check command line for output file
if Wscript.Arguments.Count < 1 then
	Wscript.echo ("USAGE: ListSecGroups <logfile>")
	Wscript.Quit
end if

'========================= Logfile Initialization	- Start
outFQN  = Wscript.Arguments(0)
set FSO = WScript.CreateObject("Scripting.FileSystemObject")

'----- If the output file does not exist, create it
if not FSO.FileExists(outFQN) then
   set outFile = FSO.CreateTextFile(outFQN)
end if
set outFile = nothing

'----- Open file for append
const ForAppending = 8
set outFile = FSO.OpenTextFile (outFQN, ForAppending, true)
'========================= Logfile Initialization	- End

'----- Set up AD Connection
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOOBject"
objConnection.Open "Active Directory Provider"

Set objRootDSE = GetObject("LDAP://RootDSE")

'----- Build LDAP Query
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"
strFilter = "(&(objectCategory=group))"
strAttributes = "distinguishedName,sAMAccountName,groupType"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

'----- Build ADO Command 
Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 99999
objCommand.Properties("Timeout") = 300
objCommand.Properties("Cache Results") = False

'----- Execute query and process result set
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    strDN = objRecordSet.Fields("distinguishedName")
    strSA = objRecordSet.Fields("sAMAccountName")
	
    groupType = objRecordSet.Fields("groupType")
    If (groupType And &h80000000) <> 0 Then
		dName = objRecordSet.Fields("distinguishedName")
		if InStr (dName, "OU=Security Groups") <> 0 then
			memCnt = CountMembers(strDN)
			outFile.WriteLine ( """" & dName & """," & objRecordSet.Fields("sAMAccountName") & "," & memCnt )
		end if
	End If
    objRecordSet.MoveNext
Loop

'----- Clean up.
objConnection.Close
Set objConnection = Nothing
Set objCommand = Nothing
Set objRootDSE = Nothing
Set objRecordSet = Nothing
outFile.Close
Wscript.Quit

Function CountMembers(gDN)
dim mCnt
    Set objGroup = GetObject("LDAP://" & gDN)
    objGroup.GetInfo
    arrMemberOf = objGroup.GetEx("member")
    
    For Each strMember in arrMemberOf
		mCnt = mCnt + 1
    Next
	CountMembers = mCnt -1     ' built-ins may show a member that the ad tool does not.
End Function
'================================= END OF FILE =================================

Jeff
[small][purple]It's never too early to begin preparing for [/purple]International Talk Like a Pirate Day
"The software I buy sucks, The software I write sucks. It's time to give up and have a beer..." - Me[/small]