Re: Get User with Group membership in a file.
I use a variant of that when terminating an employee to document the
group memberships so that I can quickly populate the groups for the
replacement:
adfind -b dc=example,dc=com -f "samaccountname=joeuser" memberof > out.txt
On Wed, May 19, 2010 at 12:10, David W. McSpadden wrote:
> Thanks
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, May 19, 2010 3:07 PM
> To: NT System Admin Issues
> Subject: Re: Get User with Group membership in a file.
>
> adfind -b ou=users,dc=imcu,dc=local -f "objectcategory=person" -csv
> -nodn displayname memberof > out.txt
>
> On Wed, May 19, 2010 at 10:57, David McSpadden wrote:
>>
>> I have to get all my ad users and their group membership to a file and I
> have them in two CN’s
>>
>>
>>
>> On Error Resume Next
>>
>>
>>
>> Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D
>>
>>
>>
>> Set objOU = GetObject _
>>
>> ("LDAP://cn=Users,dc=imcu,dc=local")
>>
>>
>>
>> ObjOU.Filter= Array("user")
>>
>>
>>
>> For Each objUser in objOU
>>
>> WScript.Echo objUser.cn & " is a member of: "
>>
>> WScript.Echo vbTab & "Primary Group ID: " & _
>>
>> objUser.Get("primaryGroupID")
>>
>>
>>
>> arrMemberOf = objUser.GetEx("memberOf")
>>
>>
>>
>> If Err.Number <> E_ADS_PROPERTY_NOT_FOUND Then
>>
>> For Each Group in arrMemberOf
>>
>> WScript.Echo vbTab & Group
>>
>> Next
>>
>> Else
>>
>> WScript.Echo vbTab & "memberOf attribute is not set"
>>
>> Err.Clear
>>
>> End If
>>
>> Wscript.Echo
>>
>> Next
>>
>>
>>
>> I also have a Cn No ScreenSaver Personnel. But when I put it into the
> above I get 0.
>>
>>
>>
>> “Please consider the environment before printing this email.”
>>
>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
>
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
RE: Get User with Group membership in a file.
Thanks
-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Wednesday, May 19, 2010 3:07 PM
To: NT System Admin Issues
Subject: Re: Get User with Group membership in a file.
adfind -b ou=users,dc=imcu,dc=local -f "objectcategory=person" -csv
-nodn displayname memberof > out.txt
On Wed, May 19, 2010 at 10:57, David McSpadden wrote:
>
> I have to get all my ad users and their group membership to a file and I
have them in two CNs
>
>
>
> On Error Resume Next
>
>
>
> Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D
>
>
>
> Set objOU = GetObject _
>
> ("LDAP://cn=Users,dc=imcu,dc=local")
>
>
>
> ObjOU.Filter= Array("user")
>
>
>
> For Each objUser in objOU
>
> WScript.Echo objUser.cn & " is a member of: "
>
> WScript.Echo vbTab & "Primary Group ID: " & _
>
> objUser.Get("primaryGroupID")
>
>
>
> arrMemberOf = objUser.GetEx("memberOf")
>
>
>
> If Err.Number <> E_ADS_PROPERTY_NOT_FOUND Then
>
> For Each Group in arrMemberOf
>
> WScript.Echo vbTab & Group
>
> Next
>
> Else
>
> WScript.Echo vbTab & "memberOf attribute is not set"
>
> Err.Clear
>
> End If
>
> Wscript.Echo
>
> Next
>
>
>
> I also have a Cn No ScreenSaver Personnel. But when I put it into the
above I get 0.
>
>
>
> Please consider the environment before printing this email.
>
>
>
>
>
>
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
Re: Get User with Group membership in a file.
adfind -b ou=users,dc=imcu,dc=local -f "objectcategory=person" -csv
-nodn displayname memberof > out.txt
On Wed, May 19, 2010 at 10:57, David McSpadden wrote:
>
> I have to get all my ad users and their group membership to a file and I have
> them in two CN’s
>
>
>
> On Error Resume Next
>
>
>
> Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D
>
>
>
> Set objOU = GetObject _
>
> ("LDAP://cn=Users,dc=imcu,dc=local")
>
>
>
> ObjOU.Filter= Array("user")
>
>
>
> For Each objUser in objOU
>
> WScript.Echo objUser.cn & " is a member of: "
>
> WScript.Echo vbTab & "Primary Group ID: " & _
>
> objUser.Get("primaryGroupID")
>
>
>
> arrMemberOf = objUser.GetEx("memberOf")
>
>
>
> If Err.Number <> E_ADS_PROPERTY_NOT_FOUND Then
>
> For Each Group in arrMemberOf
>
> WScript.Echo vbTab & Group
>
> Next
>
> Else
>
> WScript.Echo vbTab & "memberOf attribute is not set"
>
> Err.Clear
>
> End If
>
> Wscript.Echo
>
> Next
>
>
>
> I also have a Cn No ScreenSaver Personnel. But when I put it into the above
> I get 0.
>
>
>
> “Please consider the environment before printing this email.”
>
>
>
>
>
>
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~
RE: Get User with Group membership in a file.
Got it.
Thansk
_
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, May 19, 2010 2:27 PM
To: NT System Admin Issues
Subject: RE: Get User with Group membership in a file.
Anywhere the ds* tools are installed.
Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
From: David W. McSpadden [mailto:dav...@imcu.com]
Sent: Wednesday, May 19, 2010 2:13 PM
To: NT System Admin Issues
Subject: RE: Get User with Group membership in a file.
Ran from the DC?
_
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, May 19, 2010 2:11 PM
To: NT System Admin Issues
Subject: RE: Get User with Group membership in a file.
Dunno why it fails for you, but this is much easier:
dsquery * forestroot -filter objectcategory=user -attr cn memberOf
Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
From: David McSpadden [mailto:dav...@imcu.com]
Sent: Wednesday, May 19, 2010 1:58 PM
To: NT System Admin Issues
Subject: Get User with Group membership in a file.
I have to get all my ad users and their group membership to a file and I
have them in two CN's
On Error Resume Next
Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D
Set objOU = GetObject _
("LDAP://cn=Users,dc=imcu,dc=local")
ObjOU.Filter= Array("user")
For Each objUser in objOU
WScript.Echo objUser.cn & " is a member of: "
WScript.Echo vbTab & "Primary Group ID: " & _
objUser.Get("primaryGroupID")
arrMemberOf = objUser.GetEx("memberOf")
If Err.Number <> E_ADS_PROPERTY_NOT_FOUND Then
For Each Group in arrMemberOf
WScript.Echo vbTab & Group
Next
Else
WScript.Echo vbTab & "memberOf attribute is not set"
Err.Clear
End If
Wscript.Echo
Next
I also have a Cn No ScreenSaver Personnel. But when I put it into the above
I get 0.
"Please consider the environment before printing this email."
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~<>
RE: Get User with Group membership in a file.
Anywhere the ds* tools are installed...
Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
From: David W. McSpadden [mailto:dav...@imcu.com]
Sent: Wednesday, May 19, 2010 2:13 PM
To: NT System Admin Issues
Subject: RE: Get User with Group membership in a file.
Ran from the DC?
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, May 19, 2010 2:11 PM
To: NT System Admin Issues
Subject: RE: Get User with Group membership in a file.
Dunno why it fails for you, but this is much easier:
dsquery * forestroot -filter objectcategory=user -attr cn memberOf
Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
From: David McSpadden [mailto:dav...@imcu.com]
Sent: Wednesday, May 19, 2010 1:58 PM
To: NT System Admin Issues
Subject: Get User with Group membership in a file.
I have to get all my ad users and their group membership to a file and I have
them in two CN's
On Error Resume Next
Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D
Set objOU = GetObject _
("LDAP://cn=Users,dc=imcu,dc=local")
ObjOU.Filter= Array("user")
For Each objUser in objOU
WScript.Echo objUser.cn & " is a member of: "
WScript.Echo vbTab & "Primary Group ID: " & _
objUser.Get("primaryGroupID")
arrMemberOf = objUser.GetEx("memberOf")
If Err.Number <> E_ADS_PROPERTY_NOT_FOUND Then
For Each Group in arrMemberOf
WScript.Echo vbTab & Group
Next
Else
WScript.Echo vbTab & "memberOf attribute is not set"
Err.Clear
End If
Wscript.Echo
Next
I also have a Cn No ScreenSaver Personnel. But when I put it into the above I
get 0.
"Please consider the environment before printing this email."
[cid:image001.gif@01CAF75F.5EE63760]
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~<>
RE: Get User with Group membership in a file.
Ran from the DC?
_
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, May 19, 2010 2:11 PM
To: NT System Admin Issues
Subject: RE: Get User with Group membership in a file.
Dunno why it fails for you, but this is much easier:
dsquery * forestroot -filter objectcategory=user -attr cn memberOf
Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
From: David McSpadden [mailto:dav...@imcu.com]
Sent: Wednesday, May 19, 2010 1:58 PM
To: NT System Admin Issues
Subject: Get User with Group membership in a file.
I have to get all my ad users and their group membership to a file and I
have them in two CN's
On Error Resume Next
Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D
Set objOU = GetObject _
("LDAP://cn=Users,dc=imcu,dc=local")
ObjOU.Filter= Array("user")
For Each objUser in objOU
WScript.Echo objUser.cn & " is a member of: "
WScript.Echo vbTab & "Primary Group ID: " & _
objUser.Get("primaryGroupID")
arrMemberOf = objUser.GetEx("memberOf")
If Err.Number <> E_ADS_PROPERTY_NOT_FOUND Then
For Each Group in arrMemberOf
WScript.Echo vbTab & Group
Next
Else
WScript.Echo vbTab & "memberOf attribute is not set"
Err.Clear
End If
Wscript.Echo
Next
I also have a Cn No ScreenSaver Personnel. But when I put it into the above
I get 0.
"Please consider the environment before printing this email."
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~<>
RE: Get User with Group membership in a file.
Dunno why it fails for you, but this is much easier:
dsquery * forestroot -filter objectcategory=user -attr cn memberOf
Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
From: David McSpadden [mailto:dav...@imcu.com]
Sent: Wednesday, May 19, 2010 1:58 PM
To: NT System Admin Issues
Subject: Get User with Group membership in a file.
I have to get all my ad users and their group membership to a file and I have
them in two CN's
On Error Resume Next
Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D
Set objOU = GetObject _
("LDAP://cn=Users,dc=imcu,dc=local")
ObjOU.Filter= Array("user")
For Each objUser in objOU
WScript.Echo objUser.cn & " is a member of: "
WScript.Echo vbTab & "Primary Group ID: " & _
objUser.Get("primaryGroupID")
arrMemberOf = objUser.GetEx("memberOf")
If Err.Number <> E_ADS_PROPERTY_NOT_FOUND Then
For Each Group in arrMemberOf
WScript.Echo vbTab & Group
Next
Else
WScript.Echo vbTab & "memberOf attribute is not set"
Err.Clear
End If
Wscript.Echo
Next
I also have a Cn No ScreenSaver Personnel. But when I put it into the above I
get 0.
"Please consider the environment before printing this email."
[cid:image001.gif@01CAF75D.132D3730]
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~
