?
Solved

VB Script to show all Active Directory users that are not members of a particular group

Posted on 2009-04-28
2
Medium Priority
?
333 Views
Last Modified: 2012-05-06
I what to create a VB Script to querry AD for all users who are not currently members of a particular group.  Most scripts I find only show the current member of the group. Can this be done?
0
Comment
Question by:WH_Tech
2 Comments
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 24250023

Yep, it can.

You'd create an LDAP query like this:

(&(objectClass=user)(objectCategory=person)(!memberOf=CN=TheGroup,OU=Somewhere,DC=domain,DC=com))

Where the ! symbol negates the term in the query, returning all users who do not belong to that group.

Plugging that into a little VbScript we get this.

Chris

strFilter = "(&(objectClass=user)(objectCategory=person)(!memberOf=CN=TheGroup,OU=Somewhere,DC=domain,DC=com))"
strFields = "distinguishedName,name"
 
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
 
Set objRootDSE = GetObject("LDAP://RootDSE")
Set objRecordSet = objConnection.Execute( _
  "<LDAP://" & objRootDSE.Get("defaultNamingContext") & ">;" & _
  strFilter & ";" & strFields & ";subtree")
Set objRootDSE = Nothing
 
While Not objRecordSet.EOF
 
  WScript.Echo objRecordSet.Fields("distinguishedName").Value & vbCrLf & _
    objRecordSet.Fields("name").Value
 
  objRecordSet.MoveNext
WEnd

Open in new window

0
 

Author Closing Comment

by:WH_Tech
ID: 31575414
Excellent, Thx!
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone.  Any comments, bug reports etc. are welcome...
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question