For 1/, try this one below. For 2/ I don't have one close but I'm sure some
folks here can feed you ...
The script doesn't dump in a text file, but that's an easy addition. HTH
' FindGPOLinks v1.04.vbs - Version 1.04 - Alain Lissoir
'
' WSH Script browsing the 'DefaultNamingContext' and the
'configurationNamingContext'
' to retrieve the Group Policies linked to AD objects.
' This should facilitate the search of created policies in the Active
Directory.
'
' The script is using a basic LDAP access in the current user context,
' so, you should have enough rights to access AD objects.
'
' Change in version 1.04
'
' - Add an error Handler in the "ShowMemberInfo" Private Sub
'
' Change in version 1.02
'
' - Query the schema to get the property list associated to the
'groupPolicyContainer' class.
' - Display only the defined properties for that class.
' - For the defined properties, the scripts shows the syntax to be used by
the property.
' - Take in account the fact that more than one policy can be defined at the
container level.
'
' Change in version 1.01
'
' - Add some code to bind to the GPLink LDAP Pointer to extract some
properties.
'
' Any comments or questions: EMail:[EMAIL PROTECTED]
Option Explicit
Dim ObjRoot
Dim Object
Dim ObjMember
'
----------------------------------------------------------------------------
-------
WScript.Echo
WScript.Echo "Looking inside 'configurationNamingContext'"
Set objRoot = GetObject("LDAP://RootDSE")
Object = objRoot.Get("configurationNamingContext")
Call LookInsideObject (Object)
Set Object = Nothing
Set objRoot = Nothing
'
----------------------------------------------------------------------------
-------
WScript.Echo
WScript.Echo "Looking inside 'DefaultNamingContext'"
Set objRoot = GetObject("LDAP://RootDSE")
Object = objRoot.Get("DefaultNamingContext")
Call LookInsideObject (Object)
Set Object = Nothing
Set objRoot = Nothing
WScript.Quit (0)
'
----------------------------------------------------------------------------
-------
Private Sub LookInsideObject (Object)
Dim objMember
Dim Member
Set objMember = GetObject ("LDAP://" & Object)
if objMember.Class <> "sitesContainer" And _
objMember.Class <> "container" And _
objMember.Class <> "configuration" _
Then Call ShowMemberInfo (objMember)
For Each Member in objMember
If Member.Class = "domainDNS" Or _
Member.Class = "organizationalUnit" Or _
Member.Class = "sitesContainer" Or _
Member.Class = "site" Or _
Member.Class = "container" _
Then Call LookInsideObject (Member.Name & "," & Object)
Next
Set objMember = Nothing
End Sub
'
----------------------------------------------------------------------------
-------
Private Sub ShowMemberInfo (Object)
Dim longStartPolicyPath
Dim longEndPolicyPath
Dim strPolicyPathSource
Dim strPolicyPath
Dim objPolicy
Dim objPolicyClassDef
Dim objPolicyProperty
Dim strPropertyName
Object.GetInfo
If Object.GPLink = "" Then
WScript.Echo Object.Name & " (" & Object.Class & ")"
WScript.Echo "(No Group Policy Defined)"
WScript.Echo
End If
strPolicyPathSource = Object.GPLink
While (strPolicyPathSource <> "")
WScript.Echo Object.Name & " (" & Object.Class & ")"
' Extract each LDAP pointer from the GPLink.
longStartPolicyPath = InStr(1, strPolicyPathSource, "[",
vbTextCompare)
longEndPolicyPath = InStr(1, strPolicyPathSource, "]", vbTextCompare)
strPolicyPath = Mid(strPolicyPathSource, longStartPolicyPath + 1,
longEndPolicyPath - 4)
strPolicyPathSource = Mid(strPolicyPathSource, longEndPolicyPath + 1)
Set objPolicy = GetObject(strPolicyPath)
objPolicy.GetInfo
WScript.Echo "Found an existing Policy: '" &
objPolicy.Get("displayName") & "' (" & objPolicy.Class & ")"
WScript.Echo " GPLink=" & strPolicyPath
Set objPolicyClassDef = GetObject (objPolicy.Schema)
On error Goto ErrorHandler
For Each strPropertyName In objPolicyClassDef.MandatoryProperties
Set objPolicyProperty = GetObject (objPolicyClassDef.Parent
+ "/" + strPropertyName)
WScript.Echo " " & strPropertyName & "=" &
objPolicy.Get(strPropertyName) & " (" & objPolicyProperty.Syntax & ")"
Set objPolicyProperty = Nothing
Next
For Each strPropertyName In objPolicyClassDef.OptionalProperties
Set objPolicyProperty = GetObject (objPolicyClassDef.Parent
+ "/" + strPropertyName)
WScript.Echo " " & strPropertyName & "=" &
objPolicy.Get(strPropertyName) & " (" & objPolicyProperty.Syntax & ")"
Set objPolicyProperty = Nothing
Next
Set objPolicyClassDef = Nothing
Set objPolicy = Nothing
WScript.Echo
Wend
Exit Sub
ErrorHandler:
WScript.Echo Err.Description & "(" & Err.Number & ")"
Resume Next
End Sub
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern
Sent: Wednesday, August 10, 2005 6:19 AM
To: activedirectory
Subject: [ActiveDir] 2 quick favors
Does anyone know of a tool to enumerate all GPO's in a domain listing all
the specific settings enabled that i can spit out to text file.
the enviorment i work in is all win2k pro/server so GPMC is out.
Also, gpotool doesn't seem to show specific links and what settings are
enabled.
Second question is, does anyone have a script that can enumerate all the
local accounts and groups on domain memeber servers and workstations?
Thanks a lot.
I apologize for being so needy.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
