VBScript to list what groups a group is member of

crayonas
crayonas used Ask the Experts™
on
I have a list of groups in a txt document. I need to make a script reading from this document, and giving me a list of all the groups the groups in the list is member of (group nesting..). How is this possible ?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
hello,

yes this is possible, in wich format to you got your groups in your file ? name or distinguished name ?

you have one group by line in the txt file ?

ex:

group1
group2
...


Author

Commented:
Yes, the list is one group pr line in the txt document. The format is name..

groupname1
groupname2
groupname3
..

Commented:
Ok, here is your script (adapted from this one : http://www.tek-tips.com/viewthread.cfm?qid=1348699)

Just replace the path in "spec" variable at the beginning of the script with the fullpath of your text file.

regards,

'==========================================================================
'
' NAME: RecursiveGroupMemberSearch.vbs
'
' AUTHOR: Mark D. MacLachlan , The Spider's Parlor' 
' URL: http://www.thespidersparlor.com
' DATE  : 3/22/2007
' COPYRIGHT (c) 2007 All Rights Reserved
'
' COMMENT: 
'
'    THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
'    ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED To
'    THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
'    PARTICULAR PURPOSE.
'
'    IN NO EVENT SHALL THE SPIDER'S PARLOR AND/OR ITS RESPECTIVE SUPPLIERS 
'    BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
'    DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
'    WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
'    ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
'    OF THIS CODE OR INFORMATION.
'
'==========================================================================
 
spec="c:\group.txt"
set fso=createobject("scripting.filesystemobject")
set ots=fso.opentextfile(fspec)
 
do while not ots.endofstream
    s=ots.readline     'this is your ip address 127.0.0.1 for instance
    gDN = SearchGroup(s)
loop
 
ots.close
set ots=nothing
set fso=nothing
 
 
 
GetMembers(gDN)
Function GetMembers(gDN)
    Set objGroup = GetObject("LDAP://" & gDN)
    objGroup.GetInfo
    arrMemberOf = objGroup.GetEx("member")
    
    For Each strMember in arrMemberOf
        Set objMember = GetObject("LDAP://" & strMember)
        ObjDisp = objMember.Name
        oDL = Len(ObjDisp) - 3
        ObjDisp = Right(ObjDisp,oDL)
        ObjCatArray = Split(objMember.objectCategory,",")
        oType = ObjCatArray(0)
        oTL = Len(oType) - 3
        oType = Right(oType,oTL)
        WScript.Echo "Member:" & ObjDisp & Space(20-Len(ObjDIsp)) &" Type:" & oType
        If oType = "Group" Then
            GetMembers(strMember)
        End If
        Set objMember = Nothing
    Next
End Function
 
Public Function SearchGroup(ByVal vSAN)
    Dim oRootDSE, oConnection, oCommand, oRecordSet
    Set oRootDSE = GetObject("LDAP://rootDSE")
    Set oConnection = CreateObject("ADODB.Connection")
    oConnection.Open "Provider=ADsDSOObject;"
    Set oCommand = CreateObject("ADODB.Command")
    oCommand.ActiveConnection = oConnection
    oCommand.CommandText = "<LDAP://" & oRootDSE.get("defaultNamingContext") & _
        ">;(&(objectCategory=Group)(samAccountName=" & vSAN & "));distinguishedName;subtree"
    Set oRecordSet = oCommand.Execute
    On Error Resume Next
    SearchGroup = oRecordSet.Fields("distinguishedName")
    On Error GoTo 0
    oConnection.Close
    Set oRecordSet = Nothing
    Set oCommand = Nothing
    Set oConnection = Nothing
    Set oRootDSE = Nothing
End Function

Open in new window

PMI ACP® Project Management

Prepare for the PMI Agile Certified Practitioner (PMI-ACP)® exam, which formally recognizes your knowledge of agile principles and your skill with agile techniques.

Author

Commented:
When I try to run this script I get the error message object does not support this property or method : 'ots.endofstream'.

I see that this is at the beginning of the script.. You know why this message is comming ?

Commented:
okay, a little mistake in my code, try this one :


'==========================================================================
'
' NAME: RecursiveGroupMemberSearch.vbs
'
' AUTHOR: Mark D. MacLachlan , The Spider's Parlor' 
' URL: http://www.thespidersparlor.com
' DATE  : 3/22/2007
' COPYRIGHT (c) 2007 All Rights Reserved
'
' COMMENT: 
'
'    THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
'    ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED To
'    THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
'    PARTICULAR PURPOSE.
'
'    IN NO EVENT SHALL THE SPIDER'S PARLOR AND/OR ITS RESPECTIVE SUPPLIERS 
'    BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
'    DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
'    WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
'    ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
'    OF THIS CODE OR INFORMATION.
'
'==========================================================================
 
spec="c:\group.txt"
set fso=createobject("scripting.filesystemobject")
set MyFile=fso.opentextfile(fspec)
 
Do While MyFile.AtEndOfStream <> True
    TextLine = MyFile.ReadLine
    gDN = SearchGroup(TextLine)
Loop
set fso=nothing
 
 
 
GetMembers(gDN)
Function GetMembers(gDN)
    Set objGroup = GetObject("LDAP://" & gDN)
    objGroup.GetInfo
    arrMemberOf = objGroup.GetEx("member")
    
    For Each strMember in arrMemberOf
        Set objMember = GetObject("LDAP://" & strMember)
        ObjDisp = objMember.Name
        oDL = Len(ObjDisp) - 3
        ObjDisp = Right(ObjDisp,oDL)
        ObjCatArray = Split(objMember.objectCategory,",")
        oType = ObjCatArray(0)
        oTL = Len(oType) - 3
        oType = Right(oType,oTL)
        WScript.Echo "Member:" & ObjDisp & Space(20-Len(ObjDIsp)) &" Type:" & oType
        If oType = "Group" Then
            GetMembers(strMember)
        End If
        Set objMember = Nothing
    Next
End Function
 
Public Function SearchGroup(ByVal vSAN)
    Dim oRootDSE, oConnection, oCommand, oRecordSet
    Set oRootDSE = GetObject("LDAP://rootDSE")
    Set oConnection = CreateObject("ADODB.Connection")
    oConnection.Open "Provider=ADsDSOObject;"
    Set oCommand = CreateObject("ADODB.Command")
    oCommand.ActiveConnection = oConnection
    oCommand.CommandText = "<LDAP://" & oRootDSE.get("defaultNamingContext") & _
        ">;(&(objectCategory=Group)(samAccountName=" & vSAN & "));distinguishedName;subtree"
    Set oRecordSet = oCommand.Execute
    On Error Resume Next
    SearchGroup = oRecordSet.Fields("distinguishedName")
    On Error GoTo 0
    oConnection.Close
    Set oRecordSet = Nothing
    Set oCommand = Nothing
    Set oConnection = Nothing
    Set oRootDSE = Nothing
End Function

Open in new window

Author

Commented:
Now I get an error on this line.. Set objGroup = GetObject("LDAP://" & gDN)

Author

Commented:
My liste is like this :

"Domain Users"
"Office 2007"
"Domain Admins"
--

Commented:
Ok, Seems that I need to check it on my lab, gives my five minutes to debug this ;)

Author

Commented:
Did you figure it out ? :)
Commented:
Hello,

try this one and make sure that there are no blank line at the end of your text file.


'==========================================================================
'
' NAME: RecursiveGroupMemberSearch.vbs
'
' AUTHOR: Mark D. MacLachlan , The Spider's Parlor' 
' URL: http://www.thespidersparlor.com
' DATE  : 3/22/2007
' COPYRIGHT (c) 2007 All Rights Reserved
'
' COMMENT: 
'
'    THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
'    ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED To
'    THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
'    PARTICULAR PURPOSE.
'
'    IN NO EVENT SHALL THE SPIDER'S PARLOR AND/OR ITS RESPECTIVE SUPPLIERS 
'    BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
'    DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
'    WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
'    ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
'    OF THIS CODE OR INFORMATION.
'
'==========================================================================
 
spec="c:\group.txt"
set fso=createobject("scripting.filesystemobject")
set MyFile=fso.opentextfile(fspec)
 
Do While MyFile.AtEndOfStream <> True
    TextLine = MyFile.ReadLine
    gDN = SearchGroup(TextLine)
    GetMembers(gDN)
Loop
set fso=nothing
 
 
Function GetMembers(gDN)
   
    Set objGroup = GetObject("LDAP://" & gDN)
    objGroup.GetInfo
    arrMemberOf = objGroup.GetEx("member")
    
    For Each strMember in arrMemberOf
        Set objMember = GetObject("LDAP://" & strMember)
        ObjDisp = objMember.Name
        oDL = Len(ObjDisp) - 3
        ObjDisp = Right(ObjDisp,oDL)
        ObjCatArray = Split(objMember.objectCategory,",")
        oType = ObjCatArray(0)
        oTL = Len(oType) - 3
        oType = Right(oType,oTL)
        WScript.Echo "Member:" & ObjDisp & Space(20-Len(ObjDIsp)) &" Type:" & oType
        If oType = "Group" Then
            GetMembers(strMember)
        End If
        Set objMember = Nothing
    Next
End Function
 
Public Function SearchGroup(ByVal vSAN)
    Dim oRootDSE, oConnection, oCommand, oRecordSet
    Set oRootDSE = GetObject("LDAP://rootDSE")
    Set oConnection = CreateObject("ADODB.Connection")
    oConnection.Open "Provider=ADsDSOObject;"
    Set oCommand = CreateObject("ADODB.Command")
    oCommand.ActiveConnection = oConnection
    oCommand.CommandText = "<LDAP://" & oRootDSE.get("defaultNamingContext") & _
        ">;(&(objectCategory=Group)(samAccountName=" & vSAN & "));distinguishedName;subtree"
    Set oRecordSet = oCommand.Execute
    On Error Resume Next
    SearchGroup = oRecordSet.Fields("distinguishedName")
    On Error GoTo 0
    oConnection.Close
    Set oRecordSet = Nothing
    Set oCommand = Nothing
    Set oConnection = Nothing
    Set oRootDSE = Nothing
End Function

Open in new window

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial