• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 867
  • Last Modified:

DSquery/DSget assistance

I require a dsquery or dsget constructing so that I can obtain a list of users in a particular OU that are not members of 2 specific security groups.  The query should return the user ID and the first and last names.  Is anybody able to assist with this?
1 Solution
Chris DentPowerShell DeveloperCommented:

You know... it might be possible to do that with DS Tools, but it's considerably easier to do in VbScript.

If that approach works for you then save the following as a .vbs file. You will have to fill in the Const values at the top. Run from the command line with "cscript scriptname.vbs" or it'll just pop up lots of boxes.

Const OU = "OU=SomeOU,OU=SomeWhere,DC=YourDomain,DC=com"
Const GROUP_1 = "The First Group Name"
Const GROUP_2 = "The Second Group Name"

Set objOU = GetObject("LDAP://" & OU)
objOU.Filter = Array("user")

For Each objUser in objOU
      strMemberOf = Join(objUser.GetEx("memberOf"))

      If InStr(1, strMemberOf, "CN=" & GROUP_1, VbTextCompare) = 0 And_
                  InStr(1, strMemberOf, "CN=" & GROUP_2, VbTextCompare) = 0 Then

            WScript.Echo objUser.Get("sAMAccountName") & VbTab & objUser.Get("givenName") &_
                  VbTab & objUser.Get("sN")
      End If
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now