Tente o código abaixo, na linha "SELECT ... " coloque o caminho LDAP de seu domínio.
salve o código num arquivo VBS e execute-o em umprompt de comando utilizando o comando CSCRIPT arquivo.vbs se quiser jogar para um txt adicione >C:\ARQUIVO.TXT , acho que já ajuda.
'************************
On Error Resume Next
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = _
"SELECT distinguishedName FROM 'LDAP://DC=zi,DC=if,DC=atcsg,DC=net' WHERE objectCategory='Computer'"
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
strPath = objRecordSet.Fields("distinguishedName").Value
x=("LDAP://"&strpath)
Set objComp = GetObject(x)
strComputer = (objcomp.cn)
Set colGroups = GetObject("WinNT://" & strComputer & "")
colGroups.Filter = Array("group")
wscript.echo (objcomp.cn)
For each objGroup In colGroups
if Cstr(objGroup.Name) = "Administrators" then
Wscript.Echo objGroup.Name
For Each objUser in objGroup.Members
Wscript.Echo vbTab & objUser.Name
Next
End if
Next
objRecordSet.MoveNext
Loop
