asked on

How to search ADUC for users that are not in a Group

The company I work for setup web groups to manage who can be on the internet at what time. The groups
Web_Tier 1 -Internet all the time
Web_Tier 2 Internet after lunch
Web_Tier 3 Internet after hours.
Here is where the problem is, if the member is not in one of these groups they get access to the internet all the time. I need a way to search Active Directory Users and Computers for users that are not I'm any of the groups. If that search is not possible, then if I can just search for users not in web_tier 3. that search would work because 80% of the users are in web_tier3.
Any help would be greatly appreciated

valicon

You will need a script to do this. The easiest way is to run the following script to see who is not in a certain group, in your case you would run this script against the web_tier3 group.

http://www.microsoft.com/technet/scriptcenter/scripts/ad/groups/default.mspx?mfr=true

Other scripts that you may find useful can be found here:

http://www.microsoft.com/technet/scriptcenter/scripts/ad/groups/default.mspx?mfr=true

There are many ways to do what you are asking, but using these ready made scripts should fit the bill.

ASKER CERTIFIED SOLUTION

Mike Kline

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

dh061

ASKER

Mike, thankyou very much for your help you saved me a lot of work. Is there anyway to make it put the inputs on a spread sheet?

Mike Kline

Do you want to output those to a spreadsheet?
that you can do by
adfind -default -f "&(objectcategory=person)(objectclass=user)(!memberof=DN of web_tier 3)" samaccountname -csv > c:\notmember.csv

Thanks
Mike

dh061

ASKER

Thanks again Mike, your simply the best!