Listar todos os SIDs de grupos de uma conta de usuário

  • Pergunta

  • Bom dia Pessoal,

    Alguém sabe me dizer se é possível criar um script que liste todos os SIDs dos grupos que aparecem na aba "Membro de" de uma conta de usuário?

    Obrigado!

    Abs!
    sexta-feira, 13 de novembro de 2009 11:37

Respostas

  • Olá,

    Verifique o script abaixo:

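    ' Writes, for every user object directly inside a chosen container, the
    ' groups in the user's Groups collection and each group's SID to
    ' Lista_de_Grupos.txt in the current directory.
    '
    ' NOTE(review): the Groups collection reflects direct memberships only. The
    ' user's primary group and groups reached through nesting are not listed, so
    ' the report is not the complete set of SIDs in the user's logon token.
    ' NOTE(review): the report maps accounts to groups and SIDs; store it where
    ' only administrators can read it.

    Set FileSystem = WScript.CreateObject("Scripting.FileSystemObject")

    Set objDSE = GetObject("LDAP://rootDSE")

    strDefaultDN = objDSE.Get("defaultNamingContext")

    strDN = InputBox("Coloque o Caminho da OU" & _
        vbCrLf & "(Exemplo: " & "CN=Users," & strDefaultDN & ")", , "CN=Users," & strDefaultDN)

    ' An empty string means the operator cancelled or cleared the box.
    If strDN = "" Then WScript.Quit(1)

    ' Bind to the container with error trapping switched on. Without it a
    ' mistyped DN aborts the script with a raw runtime error and the Err check
    ' below can never run.
    On Error Resume Next
    Set objContainer = GetObject("LDAP://" & strDN)
    lngErro = Err.Number        ' capture before On Error GoTo 0 clears Err
    On Error GoTo 0

    If lngErro <> 0 Then
        ' Echo only under cscript; under wscript it would pop up a dialog.
        ' LCase because the host file name is not always reported in lower case.
        If LCase(ChkEngine) = "cscript.exe" Then
            WScript.Echo "Erro conectando ao " & strDN & " ou usuário não encontrado."
        End If
        WScript.Quit(1)
    End If

    objContainer.Filter = Array("user")

    ' Create (and overwrite) the report only after the container bind worked,
    ' so a cancelled or failed run does not truncate an earlier report.
    Set OutPutFile = FileSystem.CreateTextFile("Lista_de_Grupos.txt", True)

    For Each objChild In objContainer

        ' Rebind through the object's own ADsPath instead of gluing the RDN to
        ' the typed DN; the provider already supplies a correctly escaped path.
        On Error Resume Next
        Set UserObj = GetObject(objChild.ADsPath)
        lngErro = Err.Number
        On Error GoTo 0

        If lngErro <> 0 Then
            OutPutFile.Close
            If LCase(ChkEngine) = "cscript.exe" Then
                WScript.Echo "Erro conectando ao " & strDN & " ou usuário não encontrado."
            End If
            WScript.Quit
        End If

        List = "Grupos do usuário: " & UserObj.cn & " (" & objChild.Name & ") in " & UCase(strDN) & vbCrLf & vbCrLf

        OutPutFile.WriteLine List & vbCrLf

        For Each GroupObj In UserObj.Groups
            ' Read the SID from the group object itself. Looking the group up
            ' again by name can return another group's SID when two groups in
            ' the domain share a CN, and costs one domain-wide search per group.
            strSidHex = ""
            On Error Resume Next
            strSidHex = OctetToHexStr(GroupObj.Get("objectSid"))
            On Error GoTo 0

            If strSidHex = "" Then
                SIDGrupo = ""       ' SID unreadable: leave the column blank
            Else
                SIDGrupo = HexStrToDecStr(strSidHex)
            End If

            OutPutFile.WriteLine GroupObj.Name & " ; " & Trim(SIDGrupo)
        Next

        OutPutFile.WriteLine "===================================================="

    Next

    OutPutFile.Close
    WScript.Quit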


    Function ChkEngine()
        ' Returns the file-name part of WScript.FullName, i.e. the executable of
        ' the script host running this script. The text after the last
        ' backslash is returned with its case unchanged.
        On Error Resume Next
        Dim strHostPath, lngCorte

        strHostPath = WScript.FullName

        ' If reading the host path failed, report the error and stop.
        If Err.Number <> 0 Then
            WScript.Echo "Error!"
            WScript.Echo "Erro (" & Err.Number & ") Descrição: " & Err.Description
            WScript.Quit
        End If

        ' Position of the last backslash, searching from the end of the path.
        lngCorte = InStrRev(strHostPath, "\", -1, vbTextCompare)
        ChkEngine = Mid(strHostPath, lngCorte + 1)
    End Function


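    Function BuscaGrupo(nome)
        ' Searches the default naming context (script-level strDefaultDN) for a
        ' group whose "name" attribute equals nome without its first three
        ' characters, and returns that group's SID as text ("S-1-...").
        '
        ' nome: the group's relative name; the caller passes GroupObj.Name,
        '       presumably of the form "CN=<name>" - TODO confirm.
        ' Returns: the SID string, or "" when no group or more than one group
        '       matches.
        '
        ' NOTE(review): a CN is unique only inside its container, so a name can
        ' match several groups in the domain. The previous version silently
        ' returned the SID of the last match; an ambiguous name now yields ""
        ' so that a wrong SID is never recorded. A caller that already holds
        ' the group object should read its objectSid directly instead.
        Const ADS_SCOPE_SUBTREE = 2
        Dim objConnection, objCommand, objRecordSet, objGrupo
        Dim strAlvo, strSid, lngAchados

        BuscaGrupo = ""
        strAlvo = Mid(nome, 4)      ' drop the 3-character prefix

        Set objConnection = CreateObject("ADODB.Connection")
        Set objCommand = CreateObject("ADODB.Command")
        objConnection.Provider = "ADsDSOObject"
        objConnection.Open "Active Directory Provider"
        Set objCommand.ActiveConnection = objConnection

        objCommand.Properties("Page Size") = 1000
        objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE

        ' A space now separates the quoted base path from WHERE.
        objCommand.CommandText = _
            "SELECT distinguishedname,name FROM 'LDAP://" & strDefaultDN & "' " & _
            "WHERE objectCategory='group'"

        Set objRecordSet = objCommand.Execute

        ' No MoveFirst: it raises an error on an empty result set, and a fresh
        ' recordset is already positioned on its first row.
        lngAchados = 0
        Do Until objRecordSet.EOF
            If objRecordSet.Fields("name").Value = strAlvo Then
                lngAchados = lngAchados + 1
                If lngAchados = 1 Then
                    Set objGrupo = GetObject("LDAP://" & objRecordSet.Fields("distinguishedname").Value)
                    strSid = HexStrToDecStr(OctetToHexStr(objGrupo.objectSid))
                End If
            End If
            objRecordSet.MoveNext
        Loop

        ' Release the ADO objects; this function runs once per group per user.
        objRecordSet.Close
        objConnection.Close

        If lngAchados = 1 Then BuscaGrupo = strSid
    End Function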



    Function OctetToHexStr(arrbytOctet)
      ' Renders a byte string as upper-case hexadecimal text, two digits per
      ' byte. Run-time errors are suppressed (On Error Resume Next), so a value
      ' that cannot be read as bytes gives an empty or partial result rather
      ' than stopping the script.
      On Error Resume Next
      Dim lngPos
      OctetToHexStr = ""
      For lngPos = 1 To LenB(arrbytOctet)
        ' Left-pad with "0" and keep the last two characters, so 5 becomes "05".
        OctetToHexStr = OctetToHexStr & Right("0" & Hex(AscB(MidB(arrbytOctet, lngPos, 1))), 2)
      Next
    End Function

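    Function HexStrToDecStr(strSid)
      ' Converts a binary SID given as hexadecimal text (two digits per byte)
      ' into the usual string form "S-<revision>-<authority>-<sub>-<sub>...".
      '
      ' Binary SID layout:
      '   byte 0      revision
      '   byte 1      number of sub-authorities
      '   bytes 2-7   identifier authority, 48 bits, big-endian
      '   bytes 8..   one 32-bit little-endian value per sub-authority
      '
      ' The previous version printed the sub-authority count where the
      ' identifier authority belongs, read only two bytes of the last
      ' sub-authority (so a RID above 65535 came out truncated) and guessed the
      ' SID length from a "> 600" test. Built-in groups such as S-1-5-32-544
      ' were therefore rendered incorrectly.
      '
      ' Returns "" when strSid is too short for the header or for the number of
      ' sub-authorities it declares.
      Dim arrbytSid, j, intSubCount, intOffset, dblAuthority, dblSub

      HexStrToDecStr = ""

      ' The 8-byte header is 16 hex digits; an odd length cannot be whole bytes.
      If Len(strSid) < 16 Or (Len(strSid) Mod 2) <> 0 Then Exit Function

      ReDim arrbytSid(Len(strSid) \ 2 - 1)
      For j = 0 To UBound(arrbytSid)
        arrbytSid(j) = CInt("&H" & Mid(strSid, 2*j + 1, 2))
      Next

      intSubCount = arrbytSid(1)

      ' Refuse input that declares more sub-authorities than it contains.
      If UBound(arrbytSid) + 1 < 8 + 4 * intSubCount Then Exit Function

      ' Identifier authority: most significant byte first.
      dblAuthority = 0
      For j = 2 To 7
        dblAuthority = dblAuthority * 256 + arrbytSid(j)
      Next

      HexStrToDecStr = "S-" & arrbytSid(0) & "-" & CStr(dblAuthority)

      ' Sub-authorities: least significant byte first, so fold from the top byte.
      For j = 0 To intSubCount - 1
        intOffset = 8 + 4 * j
        dblSub = arrbytSid(intOffset + 3)
        dblSub = dblSub * 256 + arrbytSid(intOffset + 2)
        dblSub = dblSub * 256 + arrbytSid(intOffset + 1)
        dblSub = dblSub * 256 + arrbytSid(intOffset)
        HexStrToDecStr = HexStrToDecStr & "-" & CStr(dblSub)
      Next
    End Function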



    Até mais,

    Jesiel

    Obs.: Se útil, classifique


    sexta-feira, 13 de novembro de 2009 12:28

Todas as Respostas

  • Bom dia Isac.

    Veja se este thread te atende.

    http://social.technet.microsoft.com/forums/pt-BR/scriptadminpt/thread/a6508372-c791-46a7-aa54-e9e69c93eb10/

    []s,

    Marcellus Bockorny

    " Qm tem boca vai a roma, meu fogão tem 6 e não saiu da cozinha ainda"
    sexta-feira, 13 de novembro de 2009 11:45
  • Olá,

    Verifique o script abaixo:

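    ' Writes, for every user object directly inside a chosen container, the
    ' groups in the user's Groups collection and each group's SID to
    ' Lista_de_Grupos.txt in the current directory.
    '
    ' NOTE(review): the Groups collection reflects direct memberships only. The
    ' user's primary group and groups reached through nesting are not listed, so
    ' the report is not the complete set of SIDs in the user's logon token.
    ' NOTE(review): the report maps accounts to groups and SIDs; store it where
    ' only administrators can read it.

    Set FileSystem = WScript.CreateObject("Scripting.FileSystemObject")

    Set objDSE = GetObject("LDAP://rootDSE")

    strDefaultDN = objDSE.Get("defaultNamingContext")

    strDN = InputBox("Coloque o Caminho da OU" & _
        vbCrLf & "(Exemplo: " & "CN=Users," & strDefaultDN & ")", , "CN=Users," & strDefaultDN)

    ' An empty string means the operator cancelled or cleared the box.
    If strDN = "" Then WScript.Quit(1)

    ' Bind to the container with error trapping switched on. Without it a
    ' mistyped DN aborts the script with a raw runtime error and the Err check
    ' below can never run.
    On Error Resume Next
    Set objContainer = GetObject("LDAP://" & strDN)
    lngErro = Err.Number        ' capture before On Error GoTo 0 clears Err
    On Error GoTo 0

    If lngErro <> 0 Then
        ' Echo only under cscript; under wscript it would pop up a dialog.
        ' LCase because the host file name is not always reported in lower case.
        If LCase(ChkEngine) = "cscript.exe" Then
            WScript.Echo "Erro conectando ao " & strDN & " ou usuário não encontrado."
        End If
        WScript.Quit(1)
    End If

    objContainer.Filter = Array("user")

    ' Create (and overwrite) the report only after the container bind worked,
    ' so a cancelled or failed run does not truncate an earlier report.
    Set OutPutFile = FileSystem.CreateTextFile("Lista_de_Grupos.txt", True)

    For Each objChild In objContainer

        ' Rebind through the object's own ADsPath instead of gluing the RDN to
        ' the typed DN; the provider already supplies a correctly escaped path.
        On Error Resume Next
        Set UserObj = GetObject(objChild.ADsPath)
        lngErro = Err.Number
        On Error GoTo 0

        If lngErro <> 0 Then
            OutPutFile.Close
            If LCase(ChkEngine) = "cscript.exe" Then
                WScript.Echo "Erro conectando ao " & strDN & " ou usuário não encontrado."
            End If
            WScript.Quit
        End If

        List = "Grupos do usuário: " & UserObj.cn & " (" & objChild.Name & ") in " & UCase(strDN) & vbCrLf & vbCrLf

        OutPutFile.WriteLine List & vbCrLf

        For Each GroupObj In UserObj.Groups
            ' Read the SID from the group object itself. Looking the group up
            ' again by name can return another group's SID when two groups in
            ' the domain share a CN, and costs one domain-wide search per group.
            strSidHex = ""
            On Error Resume Next
            strSidHex = OctetToHexStr(GroupObj.Get("objectSid"))
            On Error GoTo 0

            If strSidHex = "" Then
                SIDGrupo = ""       ' SID unreadable: leave the column blank
            Else
                SIDGrupo = HexStrToDecStr(strSidHex)
            End If

            OutPutFile.WriteLine GroupObj.Name & " ; " & Trim(SIDGrupo)
        Next

        OutPutFile.WriteLine "===================================================="

    Next

    OutPutFile.Close
    WScript.Quit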


    Function ChkEngine()
        ' Returns the file-name part of WScript.FullName, i.e. the executable of
        ' the script host running this script. The text after the last
        ' backslash is returned with its case unchanged.
        On Error Resume Next
        Dim strHostPath, lngCorte

        strHostPath = WScript.FullName

        ' If reading the host path failed, report the error and stop.
        If Err.Number <> 0 Then
            WScript.Echo "Error!"
            WScript.Echo "Erro (" & Err.Number & ") Descrição: " & Err.Description
            WScript.Quit
        End If

        ' Position of the last backslash, searching from the end of the path.
        lngCorte = InStrRev(strHostPath, "\", -1, vbTextCompare)
        ChkEngine = Mid(strHostPath, lngCorte + 1)
    End Function


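    Function BuscaGrupo(nome)
        ' Searches the default naming context (script-level strDefaultDN) for a
        ' group whose "name" attribute equals nome without its first three
        ' characters, and returns that group's SID as text ("S-1-...").
        '
        ' nome: the group's relative name; the caller passes GroupObj.Name,
        '       presumably of the form "CN=<name>" - TODO confirm.
        ' Returns: the SID string, or "" when no group or more than one group
        '       matches.
        '
        ' NOTE(review): a CN is unique only inside its container, so a name can
        ' match several groups in the domain. The previous version silently
        ' returned the SID of the last match; an ambiguous name now yields ""
        ' so that a wrong SID is never recorded. A caller that already holds
        ' the group object should read its objectSid directly instead.
        Const ADS_SCOPE_SUBTREE = 2
        Dim objConnection, objCommand, objRecordSet, objGrupo
        Dim strAlvo, strSid, lngAchados

        BuscaGrupo = ""
        strAlvo = Mid(nome, 4)      ' drop the 3-character prefix

        Set objConnection = CreateObject("ADODB.Connection")
        Set objCommand = CreateObject("ADODB.Command")
        objConnection.Provider = "ADsDSOObject"
        objConnection.Open "Active Directory Provider"
        Set objCommand.ActiveConnection = objConnection

        objCommand.Properties("Page Size") = 1000
        objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE

        ' A space now separates the quoted base path from WHERE.
        objCommand.CommandText = _
            "SELECT distinguishedname,name FROM 'LDAP://" & strDefaultDN & "' " & _
            "WHERE objectCategory='group'"

        Set objRecordSet = objCommand.Execute

        ' No MoveFirst: it raises an error on an empty result set, and a fresh
        ' recordset is already positioned on its first row.
        lngAchados = 0
        Do Until objRecordSet.EOF
            If objRecordSet.Fields("name").Value = strAlvo Then
                lngAchados = lngAchados + 1
                If lngAchados = 1 Then
                    Set objGrupo = GetObject("LDAP://" & objRecordSet.Fields("distinguishedname").Value)
                    strSid = HexStrToDecStr(OctetToHexStr(objGrupo.objectSid))
                End If
            End If
            objRecordSet.MoveNext
        Loop

        ' Release the ADO objects; this function runs once per group per user.
        objRecordSet.Close
        objConnection.Close

        If lngAchados = 1 Then BuscaGrupo = strSid
    End Function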



    Function OctetToHexStr(arrbytOctet)
      ' Renders a byte string as upper-case hexadecimal text, two digits per
      ' byte. Run-time errors are suppressed (On Error Resume Next), so a value
      ' that cannot be read as bytes gives an empty or partial result rather
      ' than stopping the script.
      On Error Resume Next
      Dim lngPos
      OctetToHexStr = ""
      For lngPos = 1 To LenB(arrbytOctet)
        ' Left-pad with "0" and keep the last two characters, so 5 becomes "05".
        OctetToHexStr = OctetToHexStr & Right("0" & Hex(AscB(MidB(arrbytOctet, lngPos, 1))), 2)
      Next
    End Function

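    Function HexStrToDecStr(strSid)
      ' Converts a binary SID given as hexadecimal text (two digits per byte)
      ' into the usual string form "S-<revision>-<authority>-<sub>-<sub>...".
      '
      ' Binary SID layout:
      '   byte 0      revision
      '   byte 1      number of sub-authorities
      '   bytes 2-7   identifier authority, 48 bits, big-endian
      '   bytes 8..   one 32-bit little-endian value per sub-authority
      '
      ' The previous version printed the sub-authority count where the
      ' identifier authority belongs, read only two bytes of the last
      ' sub-authority (so a RID above 65535 came out truncated) and guessed the
      ' SID length from a "> 600" test. Built-in groups such as S-1-5-32-544
      ' were therefore rendered incorrectly.
      '
      ' Returns "" when strSid is too short for the header or for the number of
      ' sub-authorities it declares.
      Dim arrbytSid, j, intSubCount, intOffset, dblAuthority, dblSub

      HexStrToDecStr = ""

      ' The 8-byte header is 16 hex digits; an odd length cannot be whole bytes.
      If Len(strSid) < 16 Or (Len(strSid) Mod 2) <> 0 Then Exit Function

      ReDim arrbytSid(Len(strSid) \ 2 - 1)
      For j = 0 To UBound(arrbytSid)
        arrbytSid(j) = CInt("&H" & Mid(strSid, 2*j + 1, 2))
      Next

      intSubCount = arrbytSid(1)

      ' Refuse input that declares more sub-authorities than it contains.
      If UBound(arrbytSid) + 1 < 8 + 4 * intSubCount Then Exit Function

      ' Identifier authority: most significant byte first.
      dblAuthority = 0
      For j = 2 To 7
        dblAuthority = dblAuthority * 256 + arrbytSid(j)
      Next

      HexStrToDecStr = "S-" & arrbytSid(0) & "-" & CStr(dblAuthority)

      ' Sub-authorities: least significant byte first, so fold from the top byte.
      For j = 0 To intSubCount - 1
        intOffset = 8 + 4 * j
        dblSub = arrbytSid(intOffset + 3)
        dblSub = dblSub * 256 + arrbytSid(intOffset + 2)
        dblSub = dblSub * 256 + arrbytSid(intOffset + 1)
        dblSub = dblSub * 256 + arrbytSid(intOffset)
        HexStrToDecStr = HexStrToDecStr & "-" & CStr(dblSub)
      Next
    End Function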



    Até mais,

    Jesiel

    Obs.: Se útil, classifique


    sexta-feira, 13 de novembro de 2009 12:28