Find all members in a group

Hi,

I need to find all the members in a group.Need to export the contents to a txt file.Like users who are members and their mail ID.

THX
Sharath
LVL 11
bsharathAsked:
Who is Participating?
 
sirbountyConnect With a Mentor Commented:
Try this version - remember to adjust the group name below (it appears, after re-reading this, you only want 'one' group?)

'FindMembers.vbs
On Error Resume Next
Const ADS_SCOPE_SUBTREE = 2
strGroup = "MktAdmins"  'adjust to the group name here...

Dim objConnection, objCommand, objRecordSet, objGroup, objUser
Dim strOutput, ts, strComputer
Dim rootDSE, sADSPath, colGroups
 
Dim objFSO: Set objFSO = CreateObject("Scripting.FileSystemObject")
strOutput = "C:\GroupMembers.log"  'change to reflect your output...

Set rootDSE = GetObject("LDAP://rootDSE")
sADSPath = rootDSE.Get("defaultNamingContext")
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 300
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False
 
Set ts = objFSO.CreateTextFile(strOutput)

objCommand.CommandText = "Select Name, adSPath FROM 'LDAP://" & sADSPath & "' " & "WHERE objectClass='group' And Name='" & strGroup & "'"
Set objRecordSet = objCommand.Execute
 
objRecordSet.MoveFirst
 
Do Until objRecordSet.EOF
      strGroup = objRecordSet.Fields("Name").Value
      ts.WriteLine "Members of " & strGroup
      Set objGroup = GetObject(objRecordSet.Fields("adspath").Value)
      If objGroup.Members.Count > 0 Then
        For Each strUser In objGroup.Member
          Set objUser = GetObject("LDAP://" & strUser)
          ts.WriteLine vbTab & objUser.givenName & " " & objUser.sn & " (" & objUser.mail & ")"
        Next
        Set objGroup = Nothing
      End If
      objRecordSet.MoveNext
      ts.WriteLine
    Loop
 ts.Close
Wscript.Echo "Complete"
 
Set objFSO = Nothing
Set ts = Nothing
Set rootDSE = Nothing
Set objConnection = Nothing
Set objCommand = Nothing
Set objRecordSet = Nothing
Set colGroups = Nothing
Wscript.quit

0
 
LauraEHunterMVPCommented:
adfind -b cn=GroupA,dc=domain,dc=com -asq member
0
 
sirbountyCommented:
Here's a script that I've recently written that should do just that for you...save as FindMembers.vbs and double-click it to run.


Dim objFSO, objConnection, objCommand, objRecordSet, objGroup, objUser
Dim strOutput, ts, strComputer
Dim rootDSE, sADSPath, colGroups
 
Const ADS_SCOPE_SUBTREE = 2
 
Set objFSO=CreateObject("Scripting.FileSystemObject")
strOutput= "C:\LocalGroupMembers.log"
set ts = objFSO.CreateTextFile(strOutput)
 
Set rootDSE = GetObject("LDAP://rootDSE")
sADSPath = rootDSE.Get("defaultNamingContext")
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = "Select Name, canonicalName FROM 'LDAP://" & sADSPath & "' " & "WHERE objectClass='computer' ORDER BY Name"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 300
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
 
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
  strComputer = objRecordSet.Fields("Name").Value
  ts.WriteLine "=================" & "Querying " & strComputer & "================="
  ts.WriteLine
  Set colGroups = GetObject("WinNT://" & strComputer & "")
  colGroups.Filter = Array("group")
  For Each objGroup In colGroups
    ts.WriteLine objGroup.Name & " contains the following members:"
    ts.WriteLine "----------------------------------------------------"
    For Each objUser in objGroup.Members
        ts.WriteLine objUser.Name
    Next
    ts.WriteLine "----------------------------------------------------"
  Next
   objRecordSet.MoveNext
Loop
 
ts.Close
wscript.echo "Complete"
 
Set objFSO=Nothing
Set ts = Nothing
Set rootDSE = Nothing
Set objConnection = Nothing
Set objCommand =   Nothing
Set objRecordSet = Nothing
Set colGroups = Nothing
wscript.quit
 
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
bsharathAuthor Commented:
sirbounty:

Should i make any changes in this script
0
 
sirbountyCommented:
If you have root access, it's not necessary, but looking over this again, it's designed to pull group membership of all devices in the domain...doesn't look like that's what you wanted (I misread)...use this version instead - no need to change anything, unless you want the output file placed elsewhere (currently c:\GroupMembers.log)

'FindMembers.vbs
Const ADS_SCOPE_SUBTREE = 2

Dim objConnection, objCommand, objRecordSet, objGroup, objUser
Dim strOutput, ts, strComputer
Dim rootDSE, sADSPath, colGroups
 
Dim objFSO: Set objFSO = CreateObject("Scripting.FileSystemObject")
strOutput = "C:\GroupMembers.log"  'change to reflect your output...
 
Set rootDSE = GetObject("LDAP://rootDSE")
sADSPath = rootDSE.Get("defaultNamingContext")
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 300
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False
 
Set ts = objFSO.CreateTextFile(strOutput)

objCommand.CommandText = "Select Name, adSPath FROM 'LDAP://" & sADSPath & "' " & "WHERE objectClass='group'"
Set objRecordSet = objCommand.Execute
 
objRecordSet.MoveFirst
 
Do Until objRecordSet.EOF
      strGroup = objRecordSet.Fields("Name").Value
      ts.WriteLine "Members of " & strGroup
      Set objGroup = GetObject(objRecordSet.Fields("adspath").Value)
        If objGroup.Members.Count > 0 Then
          For Each strUser In objGroup.Member
            Set objUser = GetObject("LDAP://" & strUser)
            ts.WriteLine vbTab & objUser.givenName & " " & objUser.sn
          Next
        End If
        objRecordSet.MoveNext
        ts.WriteLine
    Loop
 ts.Close
Wscript.Echo "Complete"
 
Set objFSO = Nothing
Set ts = Nothing
Set rootDSE = Nothing
Set objConnection = Nothing
Set objCommand = Nothing
Set objRecordSet = Nothing
Set colGroups = Nothing
Wscript.quit
0
 
Pete LongTechnical ConsultantCommented:
Hello bsharath,

This is what I use

-=-=-=-=-=-=-=-=-=-=-=-=-=-  Code Below  -=-=-=-=-=-=-=-=-=-=-=-=-=-  

Dim myNetwork
Set myNetwork = CreateObject("Wscript.Network")

strDomain = myNetwork.UserDomain

Set objDomain = getobject("WinNT://" & strDomain) 'Grab the domain object
objDomain.filter = Array("Group") 'Filter for just computers.

Dim myFSO
Set myFSO = CreateObject("Scripting.FileSystemObject")
Set myFile = myFSO.CreateTextFile("GroupMembership.txt",1)

myOutput = ""

For each objGroup in objDomain
    myOutput = myOutput & objGroup.Name & vbcrlf
   For Each objUser in objGroup.Members
'          myOutput = myOutput & vbtab & objUser.Name & vbcrlf
         If right(objUser.name,1) <> "$" Then
              myOutput = myOutput & vbtab & objUser.Name & vbcrlf
         End if
   Next
Next

WScript.Echo myOutput
myfile.writeline myOutput

-=-=-=-=-=-=-=-=-=-=-=-=-=-  End Code  -=-=-=-=-=-=-=-=-=-=-=-=-=-  

Then open GroupMembership.txt file and it should have everything you need.  

Regards,

PeteLong
0
 
bsharathAuthor Commented:
sirbounty:

I get this error.

---------------------------
Windows Script Host
---------------------------
Script:   C:\file.vbs
Line:      34
Char:     11
Error:     Object not a collection
Code:    800A01C3
Source:                 Microsoft VBScript runtime error

---------------------------
OK  
---------------------------
0
 
bsharathAuthor Commented:
PeteLong:

I get this error

---------------------------
Windows Script Host
---------------------------
Script:      C:\ab.vbs
Line:      11
Char:      1
Error:      Permission denied
Code:      800A0046
Source:       Microsoft VBScript runtime error

---------------------------
OK  
---------------------------
0
 
sirbountyCommented:
Change this Do loop...

 
Do Until objRecordSet.EOF
      strGroup = objRecordSet.Fields("Name").Value
      ts.WriteLine "Members of " & strGroup
      Set objGroup = GetObject(objRecordSet.Fields("adspath").Value)
      If IsArray(objGroup.Member) Then
        If objGroup.Members.Count > 0 Then
          For Each strUser In objGroup.Member
            Set objUser = GetObject("LDAP://" & strUser)
            ts.WriteLine vbTab & objUser.givenName & " " & objUser.sn
          Next
        End If
      End If
      objRecordSet.MoveNext
      ts.WriteLine
    Loop
 ts.Close
Wscript.Echo "Complete"
0
 
bsharathAuthor Commented:
sirbounty:

I get this error.

C:\>cscript file.vbs
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

C:\file.vbs(36, 13) (null): There is no such object on the server.
0
 
sirbountyCommented:
Hmm - I'm not at work now, but try
For Each strUser In objGroup.Members
(with an 's' on the end of Members)
0
 
bsharathAuthor Commented:
PeteLong:

Your script got me the data but not the email id's.Can you modify this script to retrieve the mail id's

Regards
Sharath
0
 
bsharathAuthor Commented:
sirbounty:
I get this error.

C:\file.vbs(36, 13) Microsoft VBScript runtime error: Wrong number of arguments
or invalid property assignment
0
 
bsharathAuthor Commented:
Any help
0
 
bsharathAuthor Commented:
Thanks a lot this worked.Great help.


I have many groups in another domain controller.Is it possible to get the group details from that domain controller.

0
 
sirbountyCommented:
"Is it possible to get the group details from that domain controller."
Not sure what you mean by this?
0
 
bsharathAuthor Commented:
We create all groups on our main domain controller.I am not sure on the architecture to explain

will this script search any group in the ADS
0
 
sirbountyCommented:
Oh, yes - this searches from the 'root'...
So if your root domain is
house.com
it'll start the search from there and go down...
kitchen.house.com
bedroom.house.com
closet.bedroom.house.com
etc...

To specify only a certain domain, replace this line:
sADSPath = rootDSE.Get("defaultNamingContext")

with
sADSPath = "DC=Development,DC=Company,DC=Com"

Case doesn't matter so much, but it needs to be in that format...
0
 
bsharathAuthor Commented:
I tried but did not work.

I have 1 main domain in which i have 3 child domain i need to get data from the main domain.Can you check.
0
 
sirbountyCommented:
With that same script?
How'd you lay out the sadspath?
Any errors - or just no results?
0
 
bsharathAuthor Commented:
Yes the same script.
I change it as "DC=main,DC=Company,DC=Com"
No results
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.