|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
List Group Memberships for users in a group
I need a list of members of a group and the list of group membership for every user in this group :-) I tried this script but it didnt work for me :-( On Error Resume Next Set objGroup = GetObject _ ("LDAP://cn=groupName,ou=organisation,dc=test,dc=com") arrMemberOf1 = objGroup.GetEx("member") WScript.Echo "Members:" For Each objUser in arrMemberOf1 WScript.echo objUser.cn & " member of:" arrMemberOf2 = objUser.GetEx("memberOf") For Each Group in arrMemberOf2 WScript.Echo Group Next Next ------------ I tried this one too, with no result : On Error Resume Next Set objGroup = GetObject _ ("LDAP://cn=groupName,ou=organisation,dc=test,dc=com") arrMemberOf1 = objGroup.GetEx("member") WScript.Echo "Members:" For Each objUser in arrMemberOf1 WScript.echo objUser.cn & " member of:" DSQUERY USER -samid objUser | DSGET USER -memberof Next ------------------------------ Could any guru help me with this problem??? thanks in advanced Pecad00 pecad00 wrote:
Show quote > I need a list of members of a group and the list of group membership for I would suggest:> every user in this group :-) > > I tried this script but it didnt work for me :-( > > On Error Resume Next > > Set objGroup = GetObject _ > ("LDAP://cn=groupName,ou=organisation,dc=test,dc=com") > > arrMemberOf1 = objGroup.GetEx("member") > > WScript.Echo "Members:" > > For Each objUser in arrMemberOf1 > WScript.echo objUser.cn & " member of:" > arrMemberOf2 = objUser.GetEx("memberOf") > For Each Group in arrMemberOf2 > WScript.Echo Group > Next > Next > ------------ > > I tried this one too, with no result : > > On Error Resume Next > > Set objGroup = GetObject _ > ("LDAP://cn=groupName,ou=organisation,dc=test,dc=com") > > arrMemberOf1 = objGroup.GetEx("member") > > WScript.Echo "Members:" > > For Each objUser in arrMemberOf1 > WScript.echo objUser.cn & " member of:" > DSQUERY USER -samid objUser | DSGET USER -memberof > Next > > ------------------------------ > > Could any guru help me with this problem??? =========== ' Bind to specified group. Set objGroup = GetObject _ ("LDAP://cn=groupName,ou=organisation,dc=test,dc=com") ' Enumerate direct members of the group. For Each objMember In objGroup.Members ' Output NT name of member and class of object (user, computer, group). Wscript.Echo "Member: " & objMember.sAMAccountName _ & " (" & objMember.Class & ")" ' Skip members that are groups. If (objMember.Class <> "group") Then Wscript.Echo " -- Groups this member is a member of:" ' Enumerate groups this object is a direct member of: For Each objMemberGroup In objMember.Groups Wscript.Echo " Group: " & objMemberGroup.sAMAccountName Next End If Next ============ The above outputs sAMAccountName, which is the NT names of the objects (pre-Windows 2000 logon names). These values are unique in the domain. If you output the value of the cn attribute (Common Name) remember that these are not unique (except in each container/OU) - it does not uniquely identify the object. You could also output the Distinguished Names, which uniquely identify the objects and reveal where in the hierarchy of AD the objects reside. Hello Richard !!
Thank you very mucho !! your script worked out of the box. :-) regards Pedro  |
|||||||||||||||||||||||
Other interesting topics