Reputation: 33
VBScript to export all members of multiple Active Directory groups?
Is there a way of exporting all the members of multiple Active Directory groups at once using a VBScript? Preferably the output would be the usernames listed under the group they are a member of.
I have the following which allows me to export the members of 1 AD Group at a time, but I am at a loss as to how to modify it to look at multiple groups.
On Error Resume Next
Set fso = CreateObject("Scripting.FileSystemObject")
Set outfile = fso.CreateTextFile("Members.csv")
Set objGroup = GetObject("LDAP://cn=*GROUPNAME*,OU=Groups,DC=domain,DC=local")
objGroup.GetInfo
arrMembersOf = objGroup.GetEx("member")
For Each GetObject in ObjGroup
outfile.WriteLine objGroup.Name
Next
For Each strMember in arrMembersOf
outfile.WriteLine strMember
Next
Any ideas?
Upvotes: 0
Views: 27106
Answers (2)
Reputation:
The best place to find scripts for Active Directory is Microsoft's Script Center Repository.
You can find a script listing all groups and all group members here ("List all groups in the domain and all members of the groups").
Upvotes: 0
Reputation: 797
Yeah, this is possible, but I think you might need to change your approach slightly. You need to write an LDAP query to query two groups at once, rather than just setting your scope to a particular group.
So, try reworking your script like this:
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
Set objRootDSE = Nothing
Set ad = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
ad.ActiveConnection = adoConnection
'Put the distinguishedname of your two groups here:
strFilter = "(|(memberof=CN=Group Name,OU=....)(memberof=CN=Group Name 2,OU=....))"
'Chose what you want to return here:
strAttributes = "samaccountname,cn"
strQuery = "<LDAP://" & strDNSDomain & ">" & ";" & strFilter & ";" & strAttributes & ";subtree"
ad.CommandText = strQuery
ad.Properties("SearchScope") = 2
ad.Properties("Page Size") = 1000
ad.Properties("Cache Results") = False
Set objRS = ad.Execute
Now you've got all the results in a recordset, you can work your way through them writing each one to a file or whatever you want to do. So something like:
Do Until objRS.EOF
'Do something with each value
objRS.Fields("samaccountname")
objRS.MoveNext
Loop
Any use? I'm assuming here you know a little bit about writing LDAP queries
Upvotes: 4
Related Questions
- LDAP or VBscript to list all real users in AD
- Query Active Directory and Export using VBScript/WSH
- how do I get a list of all the members of a group using VBA?
- Export AD users with list of specific groups
- Get username from all users in specific group
- Retrieve all users from Active Directory (LDAP) using VBScript
- How to Show All Domain Users & Their Group Membership (Active Directory)
- How to retrieve All attributes of given user from given group in ActiveDirectory using VBScript?
- How to get a group or OU's active directory path in vbscript?
- Get SAMAccountNames for all users in AD group