This blog is by design...: November 2005

Tuesday, November 22, 2005

Enumerate AD group using NT Name and NameTranslate Method

This is a revision on my earlier post today. It was noted that
the first post didn't pick up contacts. I revised this one so it
will pick up any object in the dist list.

'***************************************************
'The constant below should reflect the name of the group
'you wish to enumerate. For a Distribution group, you must
'use the 'alias' name rather than the display name of the group
'See ADUsers and computers to find the alias name of a dist group

Const strGroup = "ITNET"

'This will create a file in a folder called c:\reports. Either create
'the folder or change the hardcoded path down below
'***************************************************
On Error Resume Next
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_USER_PRINCIPAL_NAME = 9
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1 'Distinguished Name

Set objRootDSE = GetObject("LDAP://rootDSE")
Set objDomainRoot = GetObject("LDAP://"& _
objRootDSE.Get("defaultNamingContext"))
strDomain = Right(objDomainRoot.Name, Len(objDomainRoot.Name)-3)
'wscript.Echo strDomain

Set filesys = CreateObject("Scripting.FileSystemObject")
Set memberfile = filesys.CreateTextFile("c:\Reports\"& _
strGroup &".txt", True)

Set objTrans = CreateObject("NameTranslate")

'********************
'translate NT group name into AD DistinguishedName

objTrans.Init ADS_NAME_TYPE_1779, strDomain
objTrans.Set ADS_NAME_TYPE_NT4, strDomain & "\" & strGroup
strGroupDN = objTrans.Get(ADS_NAME_TYPE_1779)
'wscript.Echo strGroupDN
'*********************

set objGroup = GetObject("LDAP://"& strGroupDN)
'wscript.Echo objGroup.displayName

arrMember = objGroup.GetEx("member")
For Each User in arrMember
'WScript.Echo vbTab & User

set objUser = GetObject("LDAP://"& User)
set objProxy = GetObject("LDAP://"& objUser.distinguishedName)

For Each proxyAddresses in objProxy.GetEx("proxyAddresses")
If Instr(proxyAddresses, "SMTP:") then
strEmail = Right(proxyAddresses, Len(proxyAddresses)-5)
End If
Next

memberfile.Writeline objUser.mailNickName & "," & strEmail
Next
memberfile.close

set objRootDSE = Nothing
set objDomainRoot = Nothing
set filesys = Nothing
set memberfile = Nothing
set objTrans = Nothing
set objGroup = Nothing
set userObj = Nothing
set objProxy = Nothing

wscript.Echo "All Done"

Enumerate Group Membership, Print SMTP address in File - VBSCRIPT

The script below was done per request, it will print the
samAccountName and PRIMARY smtp address (if there is one)
for all users in a given group (distribution or security,
doesn't matter.)

The script will put them in a folder called C:\Reports,
you need to either create that folder on your C: drive
or edit the code to place the file where you'd like it
to go.

I used a few different methods in this one, mixing some
NT methods in, and threw in some name translate methods.
It was fun to write.

Enjoy!

'**************************************************
'The constant below should reflect the name of the group
'you wish to enumerate. For a Distribution group, you must
'use the 'alias' name rather than the display name of the group
'See ADUsers and computers to find the alias name of a dist group

Const strGroup = "ALLUSERS"

'This will create a file in a folder called c:\reports. Either create
'the folder or change the hardcoded path down below
'**************************************************
On Error Resume Next
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_USER_PRINCIPAL_NAME = 9
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1 'Distinguished Name

Set objRootDSE = GetObject("LDAP://rootDSE")
Set objDomainRoot = GetObject("LDAP://"& _
objRootDSE.Get("defaultNamingContext"))
strDomain = Right(objDomainRoot.Name, Len(objDomainRoot.Name)-3)
'wscript.Echo strDomain

Set filesys = CreateObject("Scripting.FileSystemObject")
Set memberfile = filesys.CreateTextFile("c:\Reports\"& _
strGroup &".txt", True)

Set objTrans = CreateObject("NameTranslate")
Set objGroup = GetObject("WinNT://" & _
strDomain & "/" & strGroup & ",group")

For Each objMember In objGroup.Members
username = objMember.Name
Set UserObj = GetObject("WinNT://"& _
strDomain & "/" & username)
displayname = userobj.fullname

strUser = rtrim(Ucase(username))

objTrans.Init ADS_NAME_TYPE_1779, strDomain
objTrans.Set ADS_NAME_TYPE_NT4, strDomain & "\" & strUser
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
set objUser = GetObject("LDAP://"& strUserDN)
set objProxy = GetObject("LDAP://"& objUser.distinguishedName)

For Each proxyAddresses in objProxy.GetEx("proxyAddresses")
If Instr(proxyAddresses, "SMTP:") then
strEmail = Right(proxyAddresses, Len(proxyAddresses)-5)
End If
Next

memberfile.Writeline strUser & "," & strEmail
Next
memberfile.close

set objRootDSE = Nothing
set objDomainRoot = Nothing
set filesys = Nothing
set memberfile = Nothing
set objTrans = Nothing
set objGroup = Nothing
set userObj = Nothing
set objProxy = Nothing

wscript.Echo "All Done"

About

Just sharing some of the scripts I've written that make my life as a computer network engineer much easier.. Hope they help you out, please feel free to comment.

: Name: kristinaw; Location: Norfolk, Virginia, United States

I'm a Network Engineer III for the City of Norfolk, VA. Certs include MCSE 2003, MCSA + Messaging (2000 & 2003) and I received an MVP for Exchange award from Microsoft in 01/06. My strengths include AD, Exchange and vbscripting. I'm kind of a 'Jill of All Trades' and do a little bit of everything. I also work on Cisco equipment, CPFW-NG, Citrix Presentation Server and tons of other stuff.

View my complete profile

This blog is by design...

Tuesday, November 22, 2005

Enumerate AD group using NT Name and NameTranslate Method

Enumerate Group Membership, Print SMTP address in File - VBSCRIPT

About

About Me

Links

Previous

Archives