Link to home
Start Free TrialLog in
Avatar of bpl5000
bpl5000

asked on

Search for a group in AD

Is there a way to search for a group using vb script?  I want to search for a group, and if it exists, return the location.  Anyway to do this?  I have code to list the members of a group, but right now I have it pointing to the Accounting OU.  I need to first search for the group, then grab the members if the group does exist.  Any help would be appreciated!
   
Dim arrNames()
intSize = 0

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.CreateTextFile("members.txt", True)

strInput = UserInput( "Enter Group Name:" )

On Error Resume Next

Set objGroup = GetObject("LDAP://CN=" & strInput & ",OU=Accouting,OU=abc_Users,DC=abc,DC=local")

For Each strUser in objGroup.Member
    Set objUser =  GetObject("LDAP://" & strUser)
    ReDim Preserve arrNames(intSize)
    arrNames(intSize) = objUser.CN
    intSize = intSize + 1
Next

For i = (UBound(arrNames) - 1) to 0 Step -1
    For j= 0 to i
        If UCase(arrNames(j)) > UCase(arrNames(j+1)) Then
            strHolder = arrNames(j+1)
            arrNames(j+1) = arrNames(j)
            arrNames(j) = strHolder
        End If
    Next
Next 

For Each strName in arrNames
     objFile.WriteLine strName
Next

Wscript.Echo "Output Complete"

Function UserInput( myPrompt )
    ' Check if the script runs in CSCRIPT.EXE
    If UCase( Right( WScript.FullName, 12 ) ) = "\CSCRIPT.EXE" Then
        ' If so, use StdIn and StdOut
        WScript.StdOut.Write myPrompt & " "
        UserInput = WScript.StdIn.ReadLine
    Else
        ' If not, use InputBox( )
        UserInput = InputBox( myPrompt )
    End If
End Function

Open in new window

Avatar of josika
josika
Flag of United States of America image

Here you go.  Change the domain on Line 22
strInput = InputBox("Enter Group Name:")
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = "SELECT Name, ADSPath FROM 'LDAP://dc=domain,dc=com' WHERE objectCategory='group' " 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
	If Trim(LCase(strInput)) = Trim(LCase(objRecordSet.Fields("Name").Value)) Then
		Set oGroup = GetObject(objRecordSet.Fields("ADSPath").Value)
		arrMemberOf = oGroup.GetEx("member")
		For Each member In arrMemberOf
			WScript.Echo member
		Next
		Exit Do
	End If
	objRecordSet.MoveNext
Loop

Open in new window

Domain on Line 10 actually ^
And here it will output the members to a text file at 'c:\members.txt'

Once again, change the domain on Line 12 this time:

strInput = InputBox("Enter Group Name:")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.CreateTextFile("c:\members.txt", True)
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = "SELECT Name, ADSPath FROM 'LDAP://dc=domain,dc=com' WHERE objectCategory='group' " 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
	If Trim(LCase(strInput)) = Trim(LCase(objRecordSet.Fields("Name").Value)) Then
		Set oGroup = GetObject(objRecordSet.Fields("ADSPath").Value)
		arrMemberOf = oGroup.GetEx("member")
		For Each member In arrMemberOf
			Set oUser = GetObject("LDAP://" & member)
			objFile.WriteLine oUser.cN
		Next
		Exit Do
	End If
	objRecordSet.MoveNext
Loop
WScript.Echo "Output Complete."
objFile.Close

Open in new window

Avatar of bpl5000
bpl5000

ASKER

That is awesome!  The code is very concise!  The only thing I needed to add is a statement checking if the group was found.  Before the Do loop, I put "foundGroup = 0" and within the group I put "foundGroup = 1".  After the loop I put...

If foundGroup = 0 Then
      MsgBox """" & strInput & """ is not a group"
Else
      MsgBox "Output Complete"
End If

Is there a better way of doing this?  I'm thinking this is probably as brief as it can be to check if the group exists, but you seem to have an ability to lessen the lines of code and make it more concise so I'm just curious if my above code could be reduce to a few lines?
ASKER CERTIFIED SOLUTION
Avatar of josika
josika
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of bpl5000

ASKER

Thanks for all the help, josika!  Now I have decided to make this script program into a VB.NET program.  If you're a VB.NET guru too, then maybe you can help me.  I have posted the code in the vb.net zone.

https://www.experts-exchange.com/questions/27244857/Need-to-convert-VB-Script-code-to-VB-NET.html
Sorry haven't used VB.NET in over 4 years.  Not too familiar with the language anymore.