none
Script To Pull MemberOf & List The Group Type RRS feed

  • Question

  • So this is my first script, i need it to get a list of all the groups that the target is a member of and what the group type is.

    What actually happens is the group type for the target gets repeated after every line instead of the MemberOf group

    It would be nice to get the group name without the full LDAP name as well if possible, but that is not necessary

    ----------

    On Error Resume Next

    Dim fso
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    Set objFile = objFSO.CreateTextFile("C:\Users\%USERNAME%\Desktop\output.csv", True)

    Set objGroup = GetObject _
      ("LDAP://LDAP NAME")
    objGroup.GetInfo

    arrMembersOf = objGroup.GetEx("memberOf")

    objfile.writeline "MembersOf"
    For Each strMemberOf in arrMembersOf
    objfile.write strMemberOf
    Select Case objGroup.GroupType
        Case 2
            objfile.writeline ",Global Distribution"
        Case 4
            objfile.writeline ",Domain Local Distribution"
        Case 8
            objfile.writeline ",Universal Distribution"
        Case -2147483646
            objfile.writeline ",Global Security"
        Case -2147483644
            objfile.writeline ",Domain Local Security"
        Case -2147483640
            objfile.writeline ",Universal Security"
    End Select
    next

    f.Close

    -----------
    Can anyone help

    Thanks in advance

    Brian

    Friday, July 11, 2014 12:49 PM

Answers

  • Hi Brian,

    adding to jrv's response - and I fully agree: If you are starting to learn scripting, start with Powershell - there's a simple command in Powershell that will get you what you want:

    Get-ADPrincipalGroupMembership

    You can check out how it works by opening a Powershell console on a computer that has the Active Directory module installed (Any modern DC, any Windows 7+ Client with remote server admin tools installed, any Server with the ad administration tools feature activated), and typing this command:

    Get-Help Get-ADprincipalGroupMembership -Detailed

    Cheers,
    Fred


    There's no place like 127.0.0.1

    Friday, July 11, 2014 1:16 PM

All replies

  • Since you know no scripting or programming I recommend skipping VBScript (it is obsolete) and learn PowerShell.

    The question you are asking is kind of hard to figure out.  THe code wil output the member name and the group type for every member.

    What is it you are trying to do?

    Remove the "On Error Resume Next" to see what errors you are hiding.  We never start a script with that line.


    ¯\_(ツ)_/¯

    Friday, July 11, 2014 12:57 PM
  • How to get members of a group:

    Set objGroup = GetObject("LDAP://cn=mytest,ou=testou,dc=TESTNET,dc=local")
    
    arrMembersOf = objGroup.GetEx("member")
    For Each strMemberOf in arrMembersOf
         WScript.Echo strMemberOf
    next
    
    

    Start here:

    http://technet.microsoft.com/en-us/scriptcenter/dd772284

    http://technet.microsoft.com/en-us/magazine/2006.03.scriptingguy.aspx


    ¯\_(ツ)_/¯

    Friday, July 11, 2014 1:13 PM
  • Hi Brian,

    adding to jrv's response - and I fully agree: If you are starting to learn scripting, start with Powershell - there's a simple command in Powershell that will get you what you want:

    Get-ADPrincipalGroupMembership

    You can check out how it works by opening a Powershell console on a computer that has the Active Directory module installed (Any modern DC, any Windows 7+ Client with remote server admin tools installed, any Server with the ad administration tools feature activated), and typing this command:

    Get-Help Get-ADprincipalGroupMembership -Detailed

    Cheers,
    Fred


    There's no place like 127.0.0.1

    Friday, July 11, 2014 1:16 PM