Showing posts with label vbscript. Show all posts
Showing posts with label vbscript. Show all posts

Wednesday, December 4, 2013

Give me the info for the people of a group.

I started to get where I wanted to go with a previous post of getting user information so I decided to break down some information.

So I ended up with this nice little chunk of code that gave the members of a group.

The Code
dsquery group -samid "AdminsGroup" | dsget group -members

This gives a decent amount of info, but it's basically unusable for normal readable information.

It gives back information something like this "CN=c-hean,OU=USERS,OU=ESF,OU=EN,OU=BIGOU,DC=STUPIDOMAIN,DC=COM".

So I dug into things a little more and came up with this. Let's use the information from the previous script and add  " | dsget user -display" to get the users information.
Read more about  dsget user by going here. http://technet.microsoft.com/en-us/library/cc732535.aspx

The Code
dsquery group -samid "AdminsGroup" | dsget group -members | dsget user -display

Now it cleans it up and displays the names of the users instead of the full Distinguished Name, like "Smith, Smith".

There is a lot of other information you can get from your script by just changing a couple of the parameters. So for example if you want First Name, Middle Intial and Last Name just change it to this " -fn -mi -ln" instead of "-display". Now it shows "Bob    R    Smith".

The Code

dsquery group -samid "AdminsGroup" | dsget group -members | dsget user  -fn -mi -ln


NOTES:

Please note somethings that this might give you is an error if one of the "users" is  actually a "group" in the group you searched. You will get something like this "dsget failed:CN=Service Desk,OU=GROUPS,OU=ESF,OU=EN,OU=BIGOU,DC=STUPIDOMAIN,DC=COM".
:The object class of the target does not match the one specified on the command
line.".
This tells us that the groups "Service Desk" failed to give us the information you are looking for because it is a "group" not a "user".

I am sure there is a way around this but thats for another time.
Posted by at No comments:
Labels: , , , , ,

Monday, December 2, 2013

Gimme all the Groups and their users

Issue:

I need a list of  all of the user groups from a system and what users are inside of them.

Now I notice that there are not just users, there are users both local and domain, and also possible other groups. The domain part is interesting. Also the groups in a group poses a problem. It doesn't give me the user.

Problems?

Well of course there were problems.
a. The servers i needed to talk to are locked down tighter than Uncle Scrooges coin purse. So no getting the information remotely. 

The resolution 1:

Make a script to export this information. I ultimately ended up using VBScript as i usually end up doing for these types of scripts. After some googling and stitching together of some code I ended up with this. It is a script that dumps a tab delimited text file to your desktop of all the groups with their users/groups listed. 

The Code 1:

'Set the var objShell to run shell commands against
Set objShell    = CreateObject("WScript.Shell")



'Set the var userProfilePath using previous shell variable to get the users profile path
userProfilePath = objShell.ExpandEnvironmentStrings("%UserProfile%")



'Set the var wshNetwork to equal the network object
Set wshNetwork  = WScript.CreateObject"WScript.Network" )



'Set the var strComputerName as the computers name using the previous network object var
strComputerName = wshNetwork.ComputerName



'Set where to dump th txt file too.
outFile  = userProfilePath & "\desktop\output1.txt"



'Create the file the "true" flag is there to overwrite the file if it exists.
Set objFile = objFSO.CreateTextFile(outFile,True)



'Create variables to be used later
Dim host
Dim group
Dim member



'Set the host, computer name, to be used to look up the. Since i do not have network access I just use localhost.
host = "localhost"



'Loop through the results of GetObject to get all the "groups"

For Each group In GetObject("WinNT://" & host)



'Self-explanatory
If group.Class = "Group" Then
  


'Loop through the members of that group to get a list of the members
  For Each member In group.members
  


'write the computer name, group and its members to the txt file. 
   objFile.Write strComputerName & vbTab & group.name & vbTab & member.name & vbCrLf
  


'Go to the next member till no more members in that group
  Next
  


'End the if statement if  the group class is not a group class type.
End If




'End the loop of  all the class objects.
Next

Problems #2?

I need the FULL list of users. Lets see if we can get a list of users from the groups of the groups we just pulled from.. umm.. could this turn into an infinite loop?

Info finding:

So after the "For Each member In group.members" i did some digging after finding some other properties i could dig into.

I am using WScript.Echo member.? to get the information.. so like WScript.Echo member.class

class =  the class of the object, such as; user and group

AdsPath = gives the path of the object..
Formatted like: WinNT://pathName/objectName
Example: WinNT://MyComputer21/Bob

Name = the name of the object.. like the name: Bob

Parent = This one gives where the object comes from.. this i want..
Formated like WinNT://location
Example: Domain = WinNT://MICROSOFT
               Machine = WinNT://MyComputer21
Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)