VBScript to extract users group membership to Excel 1

[JayIT]

The subject line says it all, I need a quick way to find out what users are members of in AD.

To go a step further, if it's all possible, I would like to be able to select specific groups and export that to an Excel doc.

Can I run a query against an entire OU and only get the names of those that that members specific groups?

In other words, if Bob Marley and Michael Jackson are is member of administrators group, sales group, IT group and HR group, and I want to know who is member of IT and HR the results should only show Bob and Michael names and those 2 groups.

Any help would save me days of work every 2 months… ?

 

[Geates]

Are you echoing strGroups?

-Geates

"I hope I can chill and see the change - stop the bleed inside and feel again. Cut the chain of lies you've been feeding my veins; I've got nothing to say to you!"
-Infected Mushroom

"I do not offer answers, only considerations."
- Geates's Disclaimer

 

[JayIT]

function getOUMembers(strDN)
    'Default return value
    getOUMembers = "None"
    
    'Prepare to query LDAP for a User's memberships (.MemberOf property)
    set objCommand = CreateObject("ADODB.Command")
    set objConnection = CreateObject("ADODB.Connection")
    objConnection.Provider = "ADsDSOObject"
    objConnection.Open "Active Directory Provider"
    objCommand.ActiveConnection = objConnection

    strQuery = "SELECT memberOf FROM 'LDAP://" & strDN & "'"
   msgbox strQuery  
    'Execute query
    objCommand.CommandText = strQuery

    set objRecordSet = objCommand.Execute

    'Traverse returned memberships
    'Depending on how 'clean' your LDAP is, the query may return null values
    objRecordSet.MoveFirst
    do until objRecordSet.EOF
        obj = objRecordSet.Fields(0)
        'if the object is an array of strings (8192 + 8) then traverse those items
        if (vartype(obj) = 8204) then
            arrMembers = obj
            for i = 0 to ubound(arrMembers)
                strMembers = strMembers & arrMembers(i) & vbNewLine
            next
        end if
        objRecordSet.moveNext
    loop
    getOUMembers = strMembers
end function

set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

strOU = inputBox ("Enter complete OU name (eg. Users\GroupA): ")
arrOUs = split(strOU, "\")
strDN = "CN=" & arrOUs(ubound(arrOUs))


for i = 0 to ubound(arrOUs) - 1
    strDN = strDN & ",OU=" & arrOUs(i)
next
strDN = strDN & "," & strDNSDomain 'CN=xxx,DC=xxx,DC=xxx,DC=xxx 
'wscript.echo getOUMembers(strDN)

strMembers = getOUMembers(strDN)

intGroupA = instr(strMembers, "julestest")
'intGroupB = instr(strMembers, "GroupB")

if (intGroupA > 0) then strGroups = strGroups & "julestest" & vbNewLine
'if (intGroupB > 0) then strGroups = strGroups & "GroupB" & vbNewLine

 

[JayIT]

Nevermind, I got it to work. Thanks you so much for your help, you just saved us about 20 hrs of week every 3 months. You are our hero!