For 1/, try this one below. For 2/ I don't have one close but I'm sure some folks here can feed you ...
The script doesn't dump in a text file, but that's an easy addition. HTH ' FindGPOLinks v1.04.vbs - Version 1.04 - Alain Lissoir ' ' WSH Script browsing the 'DefaultNamingContext' and the 'configurationNamingContext' ' to retrieve the Group Policies linked to AD objects. ' This should facilitate the search of created policies in the Active Directory. ' ' The script is using a basic LDAP access in the current user context, ' so, you should have enough rights to access AD objects. ' ' Change in version 1.04 ' ' - Add an error Handler in the "ShowMemberInfo" Private Sub ' ' Change in version 1.02 ' ' - Query the schema to get the property list associated to the 'groupPolicyContainer' class. ' - Display only the defined properties for that class. ' - For the defined properties, the scripts shows the syntax to be used by the property. ' - Take in account the fact that more than one policy can be defined at the container level. ' ' Change in version 1.01 ' ' - Add some code to bind to the GPLink LDAP Pointer to extract some properties. ' ' Any comments or questions: EMail:[EMAIL PROTECTED] Option Explicit Dim ObjRoot Dim Object Dim ObjMember ' ---------------------------------------------------------------------------- ------- WScript.Echo WScript.Echo "Looking inside 'configurationNamingContext'" Set objRoot = GetObject("LDAP://RootDSE") Object = objRoot.Get("configurationNamingContext") Call LookInsideObject (Object) Set Object = Nothing Set objRoot = Nothing ' ---------------------------------------------------------------------------- ------- WScript.Echo WScript.Echo "Looking inside 'DefaultNamingContext'" Set objRoot = GetObject("LDAP://RootDSE") Object = objRoot.Get("DefaultNamingContext") Call LookInsideObject (Object) Set Object = Nothing Set objRoot = Nothing WScript.Quit (0) ' ---------------------------------------------------------------------------- ------- Private Sub LookInsideObject (Object) Dim objMember Dim Member Set objMember = GetObject ("LDAP://" & Object) if objMember.Class <> "sitesContainer" And _ objMember.Class <> "container" And _ objMember.Class <> "configuration" _ Then Call ShowMemberInfo (objMember) For Each Member in objMember If Member.Class = "domainDNS" Or _ Member.Class = "organizationalUnit" Or _ Member.Class = "sitesContainer" Or _ Member.Class = "site" Or _ Member.Class = "container" _ Then Call LookInsideObject (Member.Name & "," & Object) Next Set objMember = Nothing End Sub ' ---------------------------------------------------------------------------- ------- Private Sub ShowMemberInfo (Object) Dim longStartPolicyPath Dim longEndPolicyPath Dim strPolicyPathSource Dim strPolicyPath Dim objPolicy Dim objPolicyClassDef Dim objPolicyProperty Dim strPropertyName Object.GetInfo If Object.GPLink = "" Then WScript.Echo Object.Name & " (" & Object.Class & ")" WScript.Echo "(No Group Policy Defined)" WScript.Echo End If strPolicyPathSource = Object.GPLink While (strPolicyPathSource <> "") WScript.Echo Object.Name & " (" & Object.Class & ")" ' Extract each LDAP pointer from the GPLink. longStartPolicyPath = InStr(1, strPolicyPathSource, "[", vbTextCompare) longEndPolicyPath = InStr(1, strPolicyPathSource, "]", vbTextCompare) strPolicyPath = Mid(strPolicyPathSource, longStartPolicyPath + 1, longEndPolicyPath - 4) strPolicyPathSource = Mid(strPolicyPathSource, longEndPolicyPath + 1) Set objPolicy = GetObject(strPolicyPath) objPolicy.GetInfo WScript.Echo "Found an existing Policy: '" & objPolicy.Get("displayName") & "' (" & objPolicy.Class & ")" WScript.Echo " GPLink=" & strPolicyPath Set objPolicyClassDef = GetObject (objPolicy.Schema) On error Goto ErrorHandler For Each strPropertyName In objPolicyClassDef.MandatoryProperties Set objPolicyProperty = GetObject (objPolicyClassDef.Parent + "/" + strPropertyName) WScript.Echo " " & strPropertyName & "=" & objPolicy.Get(strPropertyName) & " (" & objPolicyProperty.Syntax & ")" Set objPolicyProperty = Nothing Next For Each strPropertyName In objPolicyClassDef.OptionalProperties Set objPolicyProperty = GetObject (objPolicyClassDef.Parent + "/" + strPropertyName) WScript.Echo " " & strPropertyName & "=" & objPolicy.Get(strPropertyName) & " (" & objPolicyProperty.Syntax & ")" Set objPolicyProperty = Nothing Next Set objPolicyClassDef = Nothing Set objPolicy = Nothing WScript.Echo Wend Exit Sub ErrorHandler: WScript.Echo Err.Description & "(" & Err.Number & ")" Resume Next End Sub -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern Sent: Wednesday, August 10, 2005 6:19 AM To: activedirectory Subject: [ActiveDir] 2 quick favors Does anyone know of a tool to enumerate all GPO's in a domain listing all the specific settings enabled that i can spit out to text file. the enviorment i work in is all win2k pro/server so GPMC is out. Also, gpotool doesn't seem to show specific links and what settings are enabled. Second question is, does anyone have a script that can enumerate all the local accounts and groups on domain memeber servers and workstations? Thanks a lot. I apologize for being so needy. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/