|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
List the users in a group
Hi,
I've looked for scripts that will retrieve me all the users that are in a specific group. i found that script but at the end i find that the script doesn't show me the users that the primary group is the group that i query. now i've 2 question. 1. is there a may in the same simple script for retrieve the users that are member of a specific group to bring also all the users that the primary group is the specific group the i query? on the same script. 2. if not is there a way to query an ou with all my users in it to show me each user what his primary group is , not one by one that i know how to do , i need it automatically on all users in my ou? Thanks
Show quote
"Avi G" <A***@discussions.microsoft.com> wrote in message Here is an example VBScript program that documents members of a group, even news:DC03FC04-1797-4AC4-897E-74BF8A55E291@microsoft.com... > Hi, > > I've looked for scripts that will retrieve me all the users that are in a > specific group. > i found that script but at the end i find that the script doesn't show me > the users that the primary group is the group that i query. > now i've 2 question. > 1. is there a may in the same simple script for retrieve the users that > are > member of a specific group to bring also all the users that the primary > group > is the specific group the i query? on the same script. > 2. if not is there a way to query an ou with all my users in it to show me > each user > what his primary group is , not one by one that i know how to do , i need > it > automatically on all users in my ou? if the group is the "primary" group: http://www.rlmueller.net/List%20Members%20of%20a%20Group.htm The program also reveals membership due to group nesting. The "primary" group of a user is specified by the primaryGroupID attribute
of the user object. This is an integer. It matches the primaryGroupToken attribute of the group that is the "primary" group for the user. For example, the primaryGroupToken attribute of the group "Domain Users" is 513. Any user whose primaryGroupID is 513 has "Domain Users" designated as their "primary" group. You could use ADO to retrieve all users that have 513 (or some other value) for primaryGroupID. You could restrict the query to one OU, by making that the base of the search. The query would be: (&(objectCategory=person)(objectClass=user)(primaryGroupID=513)) You could also use ADO to query for the primaryGroupID of all users in the OU, but the output will be the integers. The program could look up the primaryGroupToken attribute of all groups and output group names instead. For example: ============== Option Explicit Dim objRootDSE, strDNSDomain, adoCommand, adoConnection Dim strBase, strFilter, strAttributes, strQuery, adoRecordset Dim strNTName, strPrimary, objGroupList, strGroup ' Setup dictionary object, to track group names for each ' value of primaryGroupToken Set objGroupList = CreateObject("Scripting.Dictionary") ' Determine DNS domain name. Set objRootDSE = GetObject("LDAP://RootDSE") strDNSDomain = objRootDSE.Get("defaultNamingContext") ' Use ADO to search Active Directory. Set adoCommand = CreateObject("ADODB.Command") Set adoConnection = CreateObject("ADODB.Connection") adoConnection.Provider = "ADsDSOObject" adoConnection.Open "Active Directory Provider" adoCommand.ActiveConnection = adoConnection ' Search entire domain. strBase = "<LDAP://" & strDNSDomain & ">" ' Search for all groups. strFilter = "(objectCategory=group)" ' Comma delimited list of attribute values to retrieve. strAttributes = "sAMAccountName,primaryGroupToken" ' Construct the LDAP query. strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" ' Run the query. adoCommand.CommandText = strQuery adoCommand.Properties("Page Size") = 100 adoCommand.Properties("Timeout") = 30 adoCommand.Properties("Cache Results") = False Set adoRecordset = adoCommand.Execute ' Enumerate the resulting recordset. Do Until adoRecordset.EOF ' Retrieve values. strNTName = adoRecordset.Fields("sAMAccountName").Value strPrimary = adoRecordset.Fields("primaryGroupToken").Value ' Keep track of group names in dictionary object. objGroupList.Add strPrimary, strNTName adoRecordset.MoveNext Loop adoRecordset.Close ' Filter on all users. strFilter = "(&(objectCategory=person)(objectClass=user))" ' Comma delimited list of attribute values to retrieve. strAttributes = "sAMAccountName,primaryGroupID" ' Construct the LDAP query. strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" ' Run the query. adoCommand.CommandText = strQuery Set adoRecordset = adoCommand.Execute ' Enumerate the resulting recordset. Do Until adoRecordset.EOF ' Retrieve values. strNTName = adoRecordset.Fields("sAMAccountName").Value strPrimary = adoRecordset.Fields("primaryGroupID").Value ' Look up primary group name in dictionary object. strGroup = objGroupList(strPrimary) ' Display results. Wscript.Echo strNTName & ", " & strGroup adoRecordset.MoveNext Loop ' Clean up. adoRecordset.Close adoConnection.Close ============== This program outputs all users, but you could modify the base (the value of strBase above) of the search to only query for users in an OU. The base must be the Distinguished Name of an OU/container. However, the query for groups (the first query above) should use strDNSDomain as the base so you get all groups in the domain. For more on using ADO to search AD, see this link: http://www.rlmueller.net/ADOSearchTips.htm The primaryGroupToken attribute is constructed (operational), but ADO forces AD to calculate and return the value. this script is retrieve what i'm looking for but he give me the users logon
account name how i can view the users full name instead of logon name? Show quote "Richard Mueller [MVP]" wrote: > > "Avi G" <A***@discussions.microsoft.com> wrote in message > news:DC03FC04-1797-4AC4-897E-74BF8A55E291@microsoft.com... > > Hi, > > > > I've looked for scripts that will retrieve me all the users that are in a > > specific group. > > i found that script but at the end i find that the script doesn't show me > > the users that the primary group is the group that i query. > > now i've 2 question. > > 1. is there a may in the same simple script for retrieve the users that > > are > > member of a specific group to bring also all the users that the primary > > group > > is the specific group the i query? on the same script. > > 2. if not is there a way to query an ou with all my users in it to show me > > each user > > what his primary group is , not one by one that i know how to do , i need > > it > > automatically on all users in my ou? > > Here is an example VBScript program that documents members of a group, even > if the group is the "primary" group: > > http://www.rlmueller.net/List%20Members%20of%20a%20Group.htm > > The program also reveals membership due to group nesting. > > -- > Richard Mueller > Microsoft MVP Scripting and ADSI > Hilltop Lab - http://www.rlmueller.net > -- > > > Replace sAMAccountName with distinguishedName throughout. sAMAccountName is
the NT name of the user (pre-Windows 2000 logon name). distinguishedName is probably what you want. The displayName attribute is sometimes called "full name", but it is not required and there may be no value for many of your users. Show quote "Avi G" <A***@discussions.microsoft.com> wrote in message news:D8CC0CBB-A38D-4145-AF9B-2FDC69A29485@microsoft.com... > this script is retrieve what i'm looking for but he give me the users > logon > account name how i can view the users full name instead of logon name? > > > "Richard Mueller [MVP]" wrote: > >> >> "Avi G" <A***@discussions.microsoft.com> wrote in message >> news:DC03FC04-1797-4AC4-897E-74BF8A55E291@microsoft.com... >> > Hi, >> > >> > I've looked for scripts that will retrieve me all the users that are in >> > a >> > specific group. >> > i found that script but at the end i find that the script doesn't show >> > me >> > the users that the primary group is the group that i query. >> > now i've 2 question. >> > 1. is there a may in the same simple script for retrieve the users that >> > are >> > member of a specific group to bring also all the users that the primary >> > group >> > is the specific group the i query? on the same script. >> > 2. if not is there a way to query an ou with all my users in it to show >> > me >> > each user >> > what his primary group is , not one by one that i know how to do , i >> > need >> > it >> > automatically on all users in my ou? >> >> Here is an example VBScript program that documents members of a group, >> even >> if the group is the "primary" group: >> >> http://www.rlmueller.net/List%20Members%20of%20a%20Group.htm >> >> The program also reveals membership due to group nesting. >> >> -- >> Richard Mueller >> Microsoft MVP Scripting and ADSI >> Hilltop Lab - http://www.rlmueller.net >> -- >> >> >> i already fix this problem by changing the sAMAccountName value to CN value.
now another question i need a script that show me every user what his primary group is. what i mean is that i've an ou with all my users in it and i need the script that will go over every user and tell me what his primary group is. how i do that? Show quote "Richard Mueller [MVP]" wrote: > Replace sAMAccountName with distinguishedName throughout. sAMAccountName is > the NT name of the user (pre-Windows 2000 logon name). distinguishedName is > probably what you want. The displayName attribute is sometimes called "full > name", but it is not required and there may be no value for many of your > users. > > -- > Richard Mueller > Microsoft MVP Scripting and ADSI > Hilltop Lab - http://www.rlmueller.net > -- > > "Avi G" <A***@discussions.microsoft.com> wrote in message > news:D8CC0CBB-A38D-4145-AF9B-2FDC69A29485@microsoft.com... > > this script is retrieve what i'm looking for but he give me the users > > logon > > account name how i can view the users full name instead of logon name? > > > > > > "Richard Mueller [MVP]" wrote: > > > >> > >> "Avi G" <A***@discussions.microsoft.com> wrote in message > >> news:DC03FC04-1797-4AC4-897E-74BF8A55E291@microsoft.com... > >> > Hi, > >> > > >> > I've looked for scripts that will retrieve me all the users that are in > >> > a > >> > specific group. > >> > i found that script but at the end i find that the script doesn't show > >> > me > >> > the users that the primary group is the group that i query. > >> > now i've 2 question. > >> > 1. is there a may in the same simple script for retrieve the users that > >> > are > >> > member of a specific group to bring also all the users that the primary > >> > group > >> > is the specific group the i query? on the same script. > >> > 2. if not is there a way to query an ou with all my users in it to show > >> > me > >> > each user > >> > what his primary group is , not one by one that i know how to do , i > >> > need > >> > it > >> > automatically on all users in my ou? > >> > >> Here is an example VBScript program that documents members of a group, > >> even > >> if the group is the "primary" group: > >> > >> http://www.rlmueller.net/List%20Members%20of%20a%20Group.htm > >> > >> The program also reveals membership due to group nesting. > >> > >> -- > >> Richard Mueller > >> Microsoft MVP Scripting and ADSI > >> Hilltop Lab - http://www.rlmueller.net > >> -- > >> > >> > >> > > > The script I posted in this thread 3/1/2007 at 5:07 pm does this. That
script runs two queries. The first queries for all group names. The base of that query should be strDNSDomain, the DNS name of the domain. The second query is for users and the value of their primaryGroupID attribute. The base of this query can be changed to restrict the output to users in a hardcoded OU. In place of (in my post): ============== ' Filter on all users. strFilter = "(&(objectCategory=person)(objectClass=user))" ' Comma delimited list of attribute values to retrieve. strAttributes = "sAMAccountName,primaryGroupID" ' Construct the LDAP query. strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" =========== use something like: ============== ' Filter on all users. strFilter = "(&(objectCategory=person)(objectClass=user))" ' Comma delimited list of attribute values to retrieve. strAttributes = "sAMAccountName,primaryGroupID" ' Search only the specified OU, and child OU's. strBase = "<LDAP://ou=Sales,dc=MyDomain,dc=com>" ' Construct the LDAP query. strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" ============ I added a statement to assign a new value to the variable strBase. You must specify the Distinguished Name of the OU that will be the base of this second query. The program will display the NT name of the primary group of every user in the OU. If you run the script at a command prompt with the cscript host, you can redirect the output to a text file. Show quote "Avi G" <A***@discussions.microsoft.com> wrote in message news:94C746F2-0AAE-4A3E-8746-AD1DFD0EE574@microsoft.com... >i already fix this problem by changing the sAMAccountName value to CN >value. > now another question i need a script that show me every user what his > primary group is. > what i mean is that i've an ou with all my users in it and i need the > script > that will go over every user and tell me what his primary group is. > how i do that? > > "Richard Mueller [MVP]" wrote: > >> Replace sAMAccountName with distinguishedName throughout. sAMAccountName >> is >> the NT name of the user (pre-Windows 2000 logon name). distinguishedName >> is >> probably what you want. The displayName attribute is sometimes called >> "full >> name", but it is not required and there may be no value for many of your >> users. >> >> -- >> Richard Mueller >> Microsoft MVP Scripting and ADSI >> Hilltop Lab - http://www.rlmueller.net >> -- >> >> "Avi G" <A***@discussions.microsoft.com> wrote in message >> news:D8CC0CBB-A38D-4145-AF9B-2FDC69A29485@microsoft.com... >> > this script is retrieve what i'm looking for but he give me the users >> > logon >> > account name how i can view the users full name instead of logon name? >> > >> > >> > "Richard Mueller [MVP]" wrote: >> > >> >> >> >> "Avi G" <A***@discussions.microsoft.com> wrote in message >> >> news:DC03FC04-1797-4AC4-897E-74BF8A55E291@microsoft.com... >> >> > Hi, >> >> > >> >> > I've looked for scripts that will retrieve me all the users that are >> >> > in >> >> > a >> >> > specific group. >> >> > i found that script but at the end i find that the script doesn't >> >> > show >> >> > me >> >> > the users that the primary group is the group that i query. >> >> > now i've 2 question. >> >> > 1. is there a may in the same simple script for retrieve the users >> >> > that >> >> > are >> >> > member of a specific group to bring also all the users that the >> >> > primary >> >> > group >> >> > is the specific group the i query? on the same script. >> >> > 2. if not is there a way to query an ou with all my users in it to >> >> > show >> >> > me >> >> > each user >> >> > what his primary group is , not one by one that i know how to do , i >> >> > need >> >> > it >> >> > automatically on all users in my ou? >> >> >> >> Here is an example VBScript program that documents members of a group, >> >> even >> >> if the group is the "primary" group: >> >> >> >> http://www.rlmueller.net/List%20Members%20of%20a%20Group.htm >> >> >> >> The program also reveals membership due to group nesting. >> >> >> >> -- >> >> Richard Mueller >> >> Microsoft MVP Scripting and ADSI >> >> Hilltop Lab - http://www.rlmueller.net >> >> -- >> >> >> >> >> >> >> >> >> thanks for the script, but where is the output code in this script like
"Wscript.echo show all users" or something like that Show quote "Richard Mueller [MVP]" wrote: > The script I posted in this thread 3/1/2007 at 5:07 pm does this. That > script runs two queries. The first queries for all group names. The base of > that query should be strDNSDomain, the DNS name of the domain. The second > query is for users and the value of their primaryGroupID attribute. The base > of this query can be changed to restrict the output to users in a hardcoded > OU. In place of (in my post): > ============== > ' Filter on all users. > strFilter = "(&(objectCategory=person)(objectClass=user))" > > ' Comma delimited list of attribute values to retrieve. > strAttributes = "sAMAccountName,primaryGroupID" > > ' Construct the LDAP query. > strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" > =========== > use something like: > ============== > ' Filter on all users. > strFilter = "(&(objectCategory=person)(objectClass=user))" > > ' Comma delimited list of attribute values to retrieve. > strAttributes = "sAMAccountName,primaryGroupID" > > ' Search only the specified OU, and child OU's. > strBase = "<LDAP://ou=Sales,dc=MyDomain,dc=com>" > > ' Construct the LDAP query. > strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" > ============ > I added a statement to assign a new value to the variable strBase. You must > specify the Distinguished Name of the OU that will be the base of this > second query. The program will display the NT name of the primary group of > every user in the OU. If you run the script at a command prompt with the > cscript host, you can redirect the output to a text file. > > -- > Richard Mueller > Microsoft MVP Scripting and ADSI > Hilltop Lab - http://www.rlmueller.net > -- > > "Avi G" <A***@discussions.microsoft.com> wrote in message > news:94C746F2-0AAE-4A3E-8746-AD1DFD0EE574@microsoft.com... > >i already fix this problem by changing the sAMAccountName value to CN > >value. > > now another question i need a script that show me every user what his > > primary group is. > > what i mean is that i've an ou with all my users in it and i need the > > script > > that will go over every user and tell me what his primary group is. > > how i do that? > > > > "Richard Mueller [MVP]" wrote: > > > >> Replace sAMAccountName with distinguishedName throughout. sAMAccountName > >> is > >> the NT name of the user (pre-Windows 2000 logon name). distinguishedName > >> is > >> probably what you want. The displayName attribute is sometimes called > >> "full > >> name", but it is not required and there may be no value for many of your > >> users. > >> > >> -- > >> Richard Mueller > >> Microsoft MVP Scripting and ADSI > >> Hilltop Lab - http://www.rlmueller.net > >> -- > >> > >> "Avi G" <A***@discussions.microsoft.com> wrote in message > >> news:D8CC0CBB-A38D-4145-AF9B-2FDC69A29485@microsoft.com... > >> > this script is retrieve what i'm looking for but he give me the users > >> > logon > >> > account name how i can view the users full name instead of logon name? > >> > > >> > > >> > "Richard Mueller [MVP]" wrote: > >> > > >> >> > >> >> "Avi G" <A***@discussions.microsoft.com> wrote in message > >> >> news:DC03FC04-1797-4AC4-897E-74BF8A55E291@microsoft.com... > >> >> > Hi, > >> >> > > >> >> > I've looked for scripts that will retrieve me all the users that are > >> >> > in > >> >> > a > >> >> > specific group. > >> >> > i found that script but at the end i find that the script doesn't > >> >> > show > >> >> > me > >> >> > the users that the primary group is the group that i query. > >> >> > now i've 2 question. > >> >> > 1. is there a may in the same simple script for retrieve the users > >> >> > that > >> >> > are > >> >> > member of a specific group to bring also all the users that the > >> >> > primary > >> >> > group > >> >> > is the specific group the i query? on the same script. > >> >> > 2. if not is there a way to query an ou with all my users in it to > >> >> > show > >> >> > me > >> >> > each user > >> >> > what his primary group is , not one by one that i know how to do , i > >> >> > need > >> >> > it > >> >> > automatically on all users in my ou? > >> >> > >> >> Here is an example VBScript program that documents members of a group, > >> >> even > >> >> if the group is the "primary" group: > >> >> > >> >> http://www.rlmueller.net/List%20Members%20of%20a%20Group.htm > >> >> > >> >> The program also reveals membership due to group nesting. > >> >> > >> >> -- > >> >> Richard Mueller > >> >> Microsoft MVP Scripting and ADSI > >> >> Hilltop Lab - http://www.rlmueller.net > >> >> -- > >> >> > >> >> > >> >> > >> > >> > >> > > > In the last loop, the statement:
Wscript.Echo strNTName & ", " & strGroup outputs the user sAMAccountName and the name of the "primary" group. I ran the script in my test network. Show quote "Avi G" <A***@discussions.microsoft.com> wrote in message news:BC77E46A-07E9-430E-B616-952216334B29@microsoft.com... > thanks for the script, but where is the output code in this script like > "Wscript.echo show all users" or something like that > > "Richard Mueller [MVP]" wrote: > >> The script I posted in this thread 3/1/2007 at 5:07 pm does this. That >> script runs two queries. The first queries for all group names. The base >> of >> that query should be strDNSDomain, the DNS name of the domain. The second >> query is for users and the value of their primaryGroupID attribute. The >> base >> of this query can be changed to restrict the output to users in a >> hardcoded >> OU. In place of (in my post): >> ============== >> ' Filter on all users. >> strFilter = "(&(objectCategory=person)(objectClass=user))" >> >> ' Comma delimited list of attribute values to retrieve. >> strAttributes = "sAMAccountName,primaryGroupID" >> >> ' Construct the LDAP query. >> strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" >> =========== >> use something like: >> ============== >> ' Filter on all users. >> strFilter = "(&(objectCategory=person)(objectClass=user))" >> >> ' Comma delimited list of attribute values to retrieve. >> strAttributes = "sAMAccountName,primaryGroupID" >> >> ' Search only the specified OU, and child OU's. >> strBase = "<LDAP://ou=Sales,dc=MyDomain,dc=com>" >> >> ' Construct the LDAP query. >> strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" >> ============ >> I added a statement to assign a new value to the variable strBase. You >> must >> specify the Distinguished Name of the OU that will be the base of this >> second query. The program will display the NT name of the primary group >> of >> every user in the OU. If you run the script at a command prompt with the >> cscript host, you can redirect the output to a text file. >> >> -- >> Richard Mueller >> Microsoft MVP Scripting and ADSI >> Hilltop Lab - http://www.rlmueller.net >> -- >> >> "Avi G" <A***@discussions.microsoft.com> wrote in message >> news:94C746F2-0AAE-4A3E-8746-AD1DFD0EE574@microsoft.com... >> >i already fix this problem by changing the sAMAccountName value to CN >> >value. >> > now another question i need a script that show me every user what his >> > primary group is. >> > what i mean is that i've an ou with all my users in it and i need the >> > script >> > that will go over every user and tell me what his primary group is. >> > how i do that? >> > >> > "Richard Mueller [MVP]" wrote: >> > >> >> Replace sAMAccountName with distinguishedName throughout. >> >> sAMAccountName >> >> is >> >> the NT name of the user (pre-Windows 2000 logon name). >> >> distinguishedName >> >> is >> >> probably what you want. The displayName attribute is sometimes called >> >> "full >> >> name", but it is not required and there may be no value for many of >> >> your >> >> users. >> >> >> >> -- >> >> Richard Mueller >> >> Microsoft MVP Scripting and ADSI >> >> Hilltop Lab - http://www.rlmueller.net >> >> -- >> >> >> >> "Avi G" <A***@discussions.microsoft.com> wrote in message >> >> news:D8CC0CBB-A38D-4145-AF9B-2FDC69A29485@microsoft.com... >> >> > this script is retrieve what i'm looking for but he give me the >> >> > users >> >> > logon >> >> > account name how i can view the users full name instead of logon >> >> > name? >> >> > >> >> > >> >> > "Richard Mueller [MVP]" wrote: >> >> > >> >> >> >> >> >> "Avi G" <A***@discussions.microsoft.com> wrote in message >> >> >> news:DC03FC04-1797-4AC4-897E-74BF8A55E291@microsoft.com... >> >> >> > Hi, >> >> >> > >> >> >> > I've looked for scripts that will retrieve me all the users that >> >> >> > are >> >> >> > in >> >> >> > a >> >> >> > specific group. >> >> >> > i found that script but at the end i find that the script doesn't >> >> >> > show >> >> >> > me >> >> >> > the users that the primary group is the group that i query. >> >> >> > now i've 2 question. >> >> >> > 1. is there a may in the same simple script for retrieve the >> >> >> > users >> >> >> > that >> >> >> > are >> >> >> > member of a specific group to bring also all the users that the >> >> >> > primary >> >> >> > group >> >> >> > is the specific group the i query? on the same script. >> >> >> > 2. if not is there a way to query an ou with all my users in it >> >> >> > to >> >> >> > show >> >> >> > me >> >> >> > each user >> >> >> > what his primary group is , not one by one that i know how to do >> >> >> > , i >> >> >> > need >> >> >> > it >> >> >> > automatically on all users in my ou? >> >> >> >> >> >> Here is an example VBScript program that documents members of a >> >> >> group, >> >> >> even >> >> >> if the group is the "primary" group: >> >> >> >> >> >> http://www.rlmueller.net/List%20Members%20of%20a%20Group.htm >> >> >> >> >> >> The program also reveals membership due to group nesting. >> >> >> >> >> >> -- >> >> >> Richard Mueller >> >> >> Microsoft MVP Scripting and ADSI >> >> >> Hilltop Lab - http://www.rlmueller.net >> >> >> -- >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> can you plz update the script with the right code and posted it again?
Show quote "Richard Mueller [MVP]" wrote: > In the last loop, the statement: > > Wscript.Echo strNTName & ", " & strGroup > > outputs the user sAMAccountName and the name of the "primary" group. I ran > the script in my test network. > > -- > Richard Mueller > Microsoft MVP Scripting and ADSI > Hilltop Lab - http://www.rlmueller.net > -- > > "Avi G" <A***@discussions.microsoft.com> wrote in message > news:BC77E46A-07E9-430E-B616-952216334B29@microsoft.com... > > thanks for the script, but where is the output code in this script like > > "Wscript.echo show all users" or something like that > > > > "Richard Mueller [MVP]" wrote: > > > >> The script I posted in this thread 3/1/2007 at 5:07 pm does this. That > >> script runs two queries. The first queries for all group names. The base > >> of > >> that query should be strDNSDomain, the DNS name of the domain. The second > >> query is for users and the value of their primaryGroupID attribute. The > >> base > >> of this query can be changed to restrict the output to users in a > >> hardcoded > >> OU. In place of (in my post): > >> ============== > >> ' Filter on all users. > >> strFilter = "(&(objectCategory=person)(objectClass=user))" > >> > >> ' Comma delimited list of attribute values to retrieve. > >> strAttributes = "sAMAccountName,primaryGroupID" > >> > >> ' Construct the LDAP query. > >> strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" > >> =========== > >> use something like: > >> ============== > >> ' Filter on all users. > >> strFilter = "(&(objectCategory=person)(objectClass=user))" > >> > >> ' Comma delimited list of attribute values to retrieve. > >> strAttributes = "sAMAccountName,primaryGroupID" > >> > >> ' Search only the specified OU, and child OU's. > >> strBase = "<LDAP://ou=Sales,dc=MyDomain,dc=com>" > >> > >> ' Construct the LDAP query. > >> strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" > >> ============ > >> I added a statement to assign a new value to the variable strBase. You > >> must > >> specify the Distinguished Name of the OU that will be the base of this > >> second query. The program will display the NT name of the primary group > >> of > >> every user in the OU. If you run the script at a command prompt with the > >> cscript host, you can redirect the output to a text file. > >> > >> -- > >> Richard Mueller > >> Microsoft MVP Scripting and ADSI > >> Hilltop Lab - http://www.rlmueller.net > >> -- > >> > >> "Avi G" <A***@discussions.microsoft.com> wrote in message > >> news:94C746F2-0AAE-4A3E-8746-AD1DFD0EE574@microsoft.com... > >> >i already fix this problem by changing the sAMAccountName value to CN > >> >value. > >> > now another question i need a script that show me every user what his > >> > primary group is. > >> > what i mean is that i've an ou with all my users in it and i need the > >> > script > >> > that will go over every user and tell me what his primary group is. > >> > how i do that? > >> > > >> > "Richard Mueller [MVP]" wrote: > >> > > >> >> Replace sAMAccountName with distinguishedName throughout. > >> >> sAMAccountName > >> >> is > >> >> the NT name of the user (pre-Windows 2000 logon name). > >> >> distinguishedName > >> >> is > >> >> probably what you want. The displayName attribute is sometimes called > >> >> "full > >> >> name", but it is not required and there may be no value for many of > >> >> your > >> >> users. > >> >> > >> >> -- > >> >> Richard Mueller > >> >> Microsoft MVP Scripting and ADSI > >> >> Hilltop Lab - http://www.rlmueller.net > >> >> -- > >> >> > >> >> "Avi G" <A***@discussions.microsoft.com> wrote in message > >> >> news:D8CC0CBB-A38D-4145-AF9B-2FDC69A29485@microsoft.com... > >> >> > this script is retrieve what i'm looking for but he give me the > >> >> > users > >> >> > logon > >> >> > account name how i can view the users full name instead of logon > >> >> > name? > >> >> > > >> >> > > >> >> > "Richard Mueller [MVP]" wrote: > >> >> > > >> >> >> > >> >> >> "Avi G" <A***@discussions.microsoft.com> wrote in message > >> >> >> news:DC03FC04-1797-4AC4-897E-74BF8A55E291@microsoft.com... > >> >> >> > Hi, > >> >> >> > > >> >> >> > I've looked for scripts that will retrieve me all the users that > >> >> >> > are > >> >> >> > in > >> >> >> > a > >> >> >> > specific group. > >> >> >> > i found that script but at the end i find that the script doesn't > >> >> >> > show > >> >> >> > me > >> >> >> > the users that the primary group is the group that i query. > >> >> >> > now i've 2 question. > >> >> >> > 1. is there a may in the same simple script for retrieve the > >> >> >> > users > >> >> >> > that > >> >> >> > are > >> >> >> > member of a specific group to bring also all the users that the > >> >> >> > primary > >> >> >> > group > >> >> >> > is the specific group the i query? on the same script. > >> >> >> > 2. if not is there a way to query an ou with all my users in it > >> >> >> > to > >> >> >> > show > >> >> >> > me > >> >> >> > each user > >> >> >> > what his primary group is , not one by one that i know how to do > >> >> >> > , i > >> >> >> > need > >> >> >> > it > >> >> >> > automatically on all users in my ou? > >> >> >> > >> >> >> Here is an example VBScript program that documents members of a > >> >> >> group, > >> >> >> even > >> >> >> if the group is the "primary" group: > >> >> >> > >> >> >> http://www.rlmueller.net/List%20Members%20of%20a%20Group.htm > >> >> >> > >> >> >> The program also reveals membership due to group nesting. > >> >> >> > >> >> >> -- > >> >> >> Richard Mueller > >> >> >> Microsoft MVP Scripting and ADSI > >> >> >> Hilltop Lab - http://www.rlmueller.net > >> >> >> -- > >> >> >> > >> >> >> > >> >> >> > >> >> > >> >> > >> >> > >> > >> > >> > > >  |
|||||||||||||||||||||||
Other interesting topics