Solved

a way/script to pull names from a query-based distribution group

Posted on 2008-10-24
7
1,371 Views
Last Modified: 2012-05-05
I am being tasked to find a way to pull names from a query-based distribution group for another department so they can manually verify who is actually in the groups to make sure they belong in them. Is there a script that someone has used before that can provide this information? I've been searching high and low for any sort of answer and have found nothing other than it isn't possible.
0
Comment
Question by:Medassurant
  • 4
  • 3
7 Comments
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22802387

Yes, but you'd just be executing the query and parsing the results. Query based distribution groups have no membership except a point in time membership when a query is executed to expand membership.

If you just want to execute the query you'll need to let us know the server of Exchange. The method for 2003 differs from 2007.

Chris
0
 
LVL 2

Author Comment

by:Medassurant
ID: 22811827
Sorry. I didn't think about that. it's Exchange 2003.
0
 
LVL 2

Author Comment

by:Medassurant
ID: 22811852
Actually, if I could get it for both that would be great. We are in the process of converting from 2003 to 2007 so having the 2007 version for the future would  be awesome.
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 22811932

You have quite a few methods available to you here. You could use AD Users and Computers Custom query, but that might be a bit hard work if you need to do this a lot.

We can also use DSQuery to get information like this, but it's not as flexible as would perhaps be nice. Then there's PowerShell which I love, but will need you to download things.

So... this example is VbScript (save as .vbs).

You need to fill in the value for "strFilter", this should contain the string used to filter the group. Do you need a base for the search other than the domain root (it fills that in for you at the moment, defaultNamingContext)?

It will return all fields listed in strFields (they must be entered as a comma delimited list).

The file returned by the script is Tab Delimited but should open up in Excel moderately neatly.

Chris


strFilter = "(sAMAccountName=*dentc)"

strFields = "distinguishedName,name,department"
 

Set objFileSystem = CreateObject("Scripting.FileSystemObject")

Set objFile = objFileSystem.OpenTextFile("groupmembers.txt", 2, True, 0)
 

objFile.WriteLine Replace(strFields, ",", VbTab)
 

Set objConnection = CreateObject("ADODB.Connection")

objConnection.Provider = "ADsDSOObject"

objConnection.Open "Active Directory Provider"

 

Set objRootDSE = GetObject("LDAP://RootDSE")

Set objRecordSet = objConnection.Execute( _

  "<LDAP://" & objRootDSE.Get("defaultNamingContext") & ">;" & _

  strFilter & ";" & strFields & ";subtree")

Set objRootDSE = Nothing
 

Dim arrLine()
 

While Not objRecordSet.EOF

  arrFields = Split(strFields, ",")
 

  ReDim arrLine(0)

  For i = 0 to UBound(arrFields)

    ReDim Preserve arrLine(i) : arrLine(i) = ""

    On Error Resume Next

    arrLine(i) = objRecordSet.Fields(arrFields(i)).Value

    On Error Goto 0

  Next
 

  objFile.WriteLine Join(arrLine, VbTab)
 

  objRecordSet.MoveNext

WEnd

Open in new window

0
 
LVL 70

Assisted Solution

by:Chris Dent
Chris Dent earned 500 total points
ID: 22812016

For Exchange 2007 it's nice and easy :) It's done from the Exchange Management Shell, you'd just need to fill in the group name, this one  exports the data returned to a CSV file.

Chris


$Group = Get-DynamicDistributionGroup "YourGroup"

$Recipients = Get-Recipient -RecipientPreviewFilter $Group.RecipientFilter

$Recipients | Export-CSV -Path "members.csv"

Open in new window

0
 
LVL 2

Author Closing Comment

by:Medassurant
ID: 31509825
I'm not sure that the question was fully understood. After getting these answers,(and nto understanding much myself), I showed it to our Senior SysAdmin just to take a look because to me, it looked like it was only doing a search on job title and giving out the results where what I needed was essentially to query a query I guess. To actually find a way to view the "Preview" in a query based distribution group. Which by other forums and such I've seen, just isn't possible.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22842686

The server itself only expands the lists at a point in time, only when it is required to do so to actually send to the recipients.

That means we don't have a static data set we can query. Instead our only option is to execute the query used by the list against AD. That's what the scripts above do, the Exchange 2007 version is must more elegant (or at least shorter) but technically isn't different in approach.

The Preview button works in exactly the same way. It ignores the group itself, and simply executes the query against AD, returning the results to the form or page to display them.

Looking at the VbScript above again, we have these fields at the top:

strFilter = "(sAMAccountName=*dentc)"
strFields = "distinguishedName,name,department"

Fields is just what the search returns, we can add as many as we want in there, it doesn't alter the search in any way, but if the results are being handed to someone else to verify it can include enough to make verification easy.

Filter on the other hand should be the LDAP filter used in the Query for the dynamic list. Running the script should return us exactly the same results as using the Preview button.

We could potentially extend the script so that it reads the query directly from the group rather than having it set by us. That wouldn't be very hard to sort out.

Chris
0

Join & Write a Comment

[b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now