Solved

exporting security groups names & members

Posted on 2011-03-14
13
1,350 Views
Last Modified: 2012-05-11
hi,

how can i export all the security groups names in the AD and all its member in text or CSV file?

thanks
0
Comment
Question by:Ballack
  • 7
  • 5
13 Comments
 

Author Comment

by:Ballack
ID: 35127453
by the way it's windows server 2003 R2.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35127468
You could use CSVDE, see here for examples: http://www.computerperformance.co.uk/Logon/Logon_CSVDE_Export.htm

You could also use dsquery.

See some examples here from Chris-Dent: http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_23725809.html
0
 
LVL 9

Expert Comment

by:Chev_PCN
ID: 35128101
Another option is to use ADFIND:

adfind -f "objectcategory=group" member >> C:\a\GrpMembers.txt
0
 

Author Comment

by:Ballack
ID: 35135403
hi demazter, thanks for replying.
could you please write the exact code since iam not that expert?

here is the scinario :
i have an OU called "QIP" and our domain is called "TAS" , inside that OU there is 80 groups and i want to export each group with its members individually in one file.

thanks you
0
 

Author Comment

by:Ballack
ID: 35135405
hi Chev,
 thanks for replying but I got this message when I apply your solution: 'adfind' is not recognized as an internal or external command,

although the GrpMember.txt has been created but it is empty.

0
 
LVL 9

Expert Comment

by:Chev_PCN
ID: 35135441
Hi Ballack.
Apologies. ADFIND is not a windows native application, and you can get it here:
http://joeware.net/freetools/tools/adfind/index.htm
0
 

Author Comment

by:Ballack
ID: 35135679
sorry Chev it didn't work even when i downloaded the ADFIND.
can you please give me the exact code based on this case:
i have an OU called "QIP" and our domain is called "TAS" , inside that OU there is 80 groups and i want to export each group with its members individually in one file.

thanks
0
 
LVL 9

Accepted Solution

by:
Chev_PCN earned 500 total points
ID: 35135713
If your domain is TAS.NET, it should be something along the lines of:
adfind -b ou=qip,dc=tas,dc=net -f "objectcategory=group" member >> C:\a\GrpMembers.txt
0
 

Author Comment

by:Ballack
ID: 35136105
thank you Chev it worked but the output little bit complicated see this example:

dn:CN=Account Operators,CN=Builtin,DC=tas,DC=com,DC=qa
>member: CN=AdminG,OU=Service Accounts,DC=tas,DC=com,DC=qa
>member: CN=XJohn Philips,OU=Service Accounts,DC=tas,DC=com,DC=qa

can it be only names of the groups and members ??


i found one command but it's working only for individual group, I have to write it everytime for each group to get their members, it is:

net group "groupname" /domain> c:report.txt
0
 
LVL 9

Expert Comment

by:Chev_PCN
ID: 35136171
You can use Excel to split the output into columns & then delete the unneeded data.
0
 

Author Comment

by:Ballack
ID: 35136228
great idea thanks man
0
 
LVL 9

Expert Comment

by:Chev_PCN
ID: 35136252
Always a pleasure!
Have a look at some of the other JoeWare tools - they are very handy.
ADFIND is quite powerful. Use ADFIND /?? to get the full manual.
0
 

Author Comment

by:Ballack
ID: 35136324
I see.

Thank you that the Manual will be very helpful.
0

Join & Write a Comment

I'm sure that every Windows systems administrator has written, or at least used, a batch or VBS login script at some point in their career, whether it is to map network drives, install printers, or set some user preferences.  No more! With Window…
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now