I had what I thought was a simple VBscript to search AD for a user and see if they were part of an AD group. But. so far, I have been unsuccessfully trying to adapt it to see if a computer is part of an AD group. Our AD structure is pretty flat so I'm not worried about nested groups but I am concerned about finding the machine as its account can be in one of two very different places off the root of AD. The current script I have to search for a user and see if they're in a group (and which works very well) is:
Option Explicit
Dim domainName,userName,groupName,ADSPath,grouplistD,objRecordSet,objConnection,objCommand
Dim objUser,objGroup,scriptTitle
scriptTitle = "Check if User has Lab Access Enabled v.1"
domainName = "win.global.production.com"
groupName = "Legacy_Access_NA"
userName = InputBox ("== Check if User has Lab Access Enabled ==" & vbCrLf & vbCrLf & "Enter username to see if user has Lab access enabled, then press the OK button:" & vbCrLf,scriptTitle)
userName=trim(userName)
If userName = "" then Wscript.Quit
If IsMember(domainName,userName,groupName) Then
MsgBox "User '" & userName & "' DOES have Lab Access enabled.",,scriptTitle
Else
MsgBox "User '" & userName & "' DOES NOT have Lab Access enabled.",, scriptTitle
End If
WScript.quit
' *****************************************************
'This function checks if the given AD user is member of the given group.
Function IsMember(domainName,userName,groupName)
Set groupListD = CreateObject("Scripting.Dictionary")
groupListD.CompareMode = 1
ADSPath = domainName & "/" & userName
Set objUser = GetObject("WinNT://" & ADSPath & ",user")
For Each objGroup in objUser.Groups
groupListD.Add objGroup.Name, "-"
Next
IsMember = CBool(groupListD.Exists(groupName))
End Function
' *****************************************************
Is there any tweak I'm missing to make this search for a computer and see if it's in a group rather than doing the same for a user account like it's doing now?
Thanks for any insight you can provide. I've been going in circles for weeks now, trying every script I can find on the internet to do this and having little luck.
Option Explicit
Dim domainName,userName,groupName,ADSPath,grouplistD,objRecordSet,objConnection,objCommand
Dim objUser,objGroup,scriptTitle
scriptTitle = "Check if User has Lab Access Enabled v.1"
domainName = "win.global.production.com"
groupName = "Legacy_Access_NA"
userName = InputBox ("== Check if User has Lab Access Enabled ==" & vbCrLf & vbCrLf & "Enter username to see if user has Lab access enabled, then press the OK button:" & vbCrLf,scriptTitle)
userName=trim(userName)
If userName = "" then Wscript.Quit
If IsMember(domainName,userName,groupName) Then
MsgBox "User '" & userName & "' DOES have Lab Access enabled.",,scriptTitle
Else
MsgBox "User '" & userName & "' DOES NOT have Lab Access enabled.",, scriptTitle
End If
WScript.quit
' *****************************************************
'This function checks if the given AD user is member of the given group.
Function IsMember(domainName,userName,groupName)
Set groupListD = CreateObject("Scripting.Dictionary")
groupListD.CompareMode = 1
ADSPath = domainName & "/" & userName
Set objUser = GetObject("WinNT://" & ADSPath & ",user")
For Each objGroup in objUser.Groups
groupListD.Add objGroup.Name, "-"
Next
IsMember = CBool(groupListD.Exists(groupName))
End Function
' *****************************************************
Is there any tweak I'm missing to make this search for a computer and see if it's in a group rather than doing the same for a user account like it's doing now?
Thanks for any insight you can provide. I've been going in circles for weeks now, trying every script I can find on the internet to do this and having little luck.