I have a text file listing some userID's. I need to read the users from this
list and check if they are a member of a specific group in Active Directory.
I checked and checked but can't seem to find anything to do what I need. Can
anyone help?
Utf | 11/20/2009 1:34:05 AM

"Gunna" <Gunna@discussions.microsoft.com> wrote in message
news:6280D449-FAE3-47DF-A284-1731FD9FB248@microsoft.com...
> I have a text file listing some userID's. I need to read the users from
> this list and check if they are a member of a specific group in Active
> Directory.
>
> I checked and checked but can't seem to find anything to do what I need.
> Can anyone help?
I assume your text file has "pre-Windows 2000 logon" names. A VBScript
program can use the FileSystemObject to read the names from the file, use
the NameTranslate object to convert the names to Distinguished Names, then
check for membership in a specified group. You should specify the
Distinguished Name of the group. For example:
============
Option Explicit

Dim objRootDSE, strDNSDomain, objTrans, strNetBIOSDomain
Dim strFile, strGroupDN, objGroup, objFSO, objFile, strUser
Dim strUserDN

Const ForReading = 1
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

' Determine DNS domain name from RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

' Use the NameTranslate object.
Set objTrans = CreateObject("NameTranslate")
' Initialize NameTranslate by locating the Global Catalog.
objTrans.Init ADS_NAME_INITTYPE_GC, ""
' Use Set method to specify DNS domain name.
objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
' Use Get method to retrieve NetBIOS name of domain.
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
' Remove trailing backslash.
strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)

' Specify text file of user "pre-Windows 2000 logon" Names.
strFile = "c:\Scripts\Members.txt"

' Specify DN of group.
strGroupDN = "cn=TestGroup,ou=Sales,dc=MyDomain,dc=com"

' Bind to the group object.
Set objGroup = GetObject("LDAP://" & strGroupDN)

' Use FSO to open text file for read access.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFile, ForReading)

' Read the text file.
Do Until objFile.AtEndOfStream
    ' Retrieve user name.
    strUser = Trim(objFile.ReadLine)
    ' Skip blank lines.
    If (strUser <> "") Then
        ' Use Set method to specify NT format of Name.
        ' Trap error if user not found.
        On Error Resume Next
        objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain _
            & "\" & strUser
        If (Err.Number = 0) Then
            On Error GoTo 0
            ' Use Get method to retrieve Distinguished Name.
            strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
            ' Check if user is a member of the group.
            If (objGroup.IsMember("LDAP://" & strUserDN) = True) Then
                Wscript.Echo "User " & strUser & " is a member of the group"
            Else
                Wscript.Echo "User " & strUser & " is NOT a member of the group"
            End If
        Else
            On Error GoTo 0
            ' User does not exist.
            Wscript.Echo "User " & strUser & " not found."
        End If
    End If
Loop

' Clean up.
objFile.Close
============
--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
Richard | 11/20/2009 2:33:45 AM
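
The IsMember call in the script above reports direct membership only, so a user who belongs to the group through another (nested) group is listed as NOT a member, which matters when the group grants access. The following PowerShell is an added example, not part of the original post: it goes beyond the reply by matching direct or nested membership with the LDAP_MATCHING_RULE_IN_CHAIN filter, reusing the file path and group DN from the post; the function names are hypothetical and it assumes the names in the file are sAMAccountName values in the current domain.

```powershell
# Added example: direct-or-nested membership check for every name in the file.
$File    = 'c:\Scripts\Members.txt'                      # file path used in the post
$GroupDN = 'cn=TestGroup,ou=Sales,dc=MyDomain,dc=com'    # group DN used in the post
$InChain = '1.2.840.113556.1.4.1941'                     # LDAP_MATCHING_RULE_IN_CHAIN

function ConvertTo-LdapFilterValue {
    # Hypothetical helper: escape RFC 4515 special characters so a value read
    # from the file cannot change the structure of the search filter.
    param([string]$Value)
    $Value -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' -replace '\)', '\29' -replace '\x00', '\00'
}

function Test-GroupMembership {
    # Hypothetical helper: returns 'not found', 'not a member' or
    # 'member (direct or nested)' for one pre-Windows 2000 logon name.
    param([string]$SamAccountName, [string]$GroupDN)

    $name     = ConvertTo-LdapFilterValue $SamAccountName
    $group    = ConvertTo-LdapFilterValue $GroupDN
    $isUser   = "(objectCategory=person)(objectClass=user)(sAMAccountName=$name)"
    $searcher = New-Object System.DirectoryServices.DirectorySearcher  # current domain
    [void]$searcher.PropertiesToLoad.Add('distinguishedName')

    # Step 1: does the account exist at all?
    $searcher.Filter = "(&$isUser)"
    if (-not $searcher.FindOne()) { return 'not found' }

    # Step 2: same account, plus the transitive memberOf match.
    # Primary-group membership (primaryGroupID, e.g. Domain Users) is not
    # stored in memberOf and is therefore not detected by this filter.
    $searcher.Filter = "(&$isUser(memberOf:${InChain}:=$group))"
    if ($searcher.FindOne()) { 'member (direct or nested)' } else { 'not a member' }
}

# Read the file, skip blank lines, and emit one result object per name.
Get-Content -Path $File |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ } |
    ForEach-Object {
        [pscustomobject]@{
            User   = $_
            Status = Test-GroupMembership -SamAccountName $_ -GroupDN $GroupDN
        }
    }
```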