seaninman

asked on 

Modify VB Script to also pull in Security Group Memberships

I was wondering if someone could help me add code to this script so that, in addition to what it already outputs, it also outputs the security groups each user is a member of.
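'Exports one line per Active Directory user object to users.txt (next to this
'script) with the fields: sAMAccountName, extensionAttribute1, description,
'whenCreated, last logon time, mail, info. Every field is double-quoted.
'
'The output is an inventory of directory accounts. Keep the script folder and
'users.txt readable only by the people who need the report.

'Define Constants
Const ForReading = 1
Const ADS_SCOPE_SUBTREE = 2 ' Search target object and all sub levels
Const ADS_GROUP_TYPE_SECURITY_ENABLED = &H80000000

DQ = Chr(34) 'Double Quote

WScript.Echo "Creating user file"

'Create Objects
Set objShell = CreateObject("WScript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
'The two lists below (and ForReading / ADS_GROUP_TYPE_SECURITY_ENABLED above)
'are created but not used anywhere in this script.
Set SecurityGroups = CreateObject("System.Collections.ArrayList")
Set DistributionGroups = CreateObject("System.Collections.ArrayList")

'Construct an ADsPath to the Current Domain with rootDSE
Set objRootDSE = GetObject("LDAP://rootDSE")
strADsPath = "LDAP://" & objRootDSE.Get("defaultNamingContext")

'Connect to Active Directory
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
'Paging lets the query return more rows than a single result page holds
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE

'Create output text file
'GetParentFolderName is used instead of Replace() on the full path, because
'Replace() would also strip the script's file name out of any folder name
'that happens to contain it.
strScriptPath = objFSO.GetParentFolderName(WScript.ScriptFullName)
strOutputFilePath = objFSO.BuildPath(strScriptPath, "users.txt")
Set objOutputFile = objFSO.CreateTextFile(strOutputFilePath)

'Search AD for user
'NOTE(review): objectCategory='user' may also match contact objects, since
'both share the Person category - confirm against the directory and add
'"AND objectClass='user'" if only user accounts are wanted.
objCommand.CommandText = _
"SELECT ADsPath FROM '" & strADsPath & _
"' WHERE objectCategory='user'"
Set objRecordSet = objCommand.Execute

'Verify user was found
If objRecordSet.EOF Then
	WScript.echo "No users were found."
Else
	objRecordSet.MoveFirst
	Do Until objRecordSet.EOF
		strUserADsPath = objRecordSet.Fields("ADsPath").Value

		'Connect to user account
		Set objUser = GetObject(strUserADsPath)

		'Format Last Logon Time Stamp
		'Reset both values for every user. Without the reset, a user whose
		'lastLogonTimestamp is not set would silently inherit the previous
		'user's value, because the failed Get leaves the variable untouched.
		dtmLastLogon = ""
		Set objLastLogon = Nothing
		On Error Resume Next
		Set objLastLogon = objUser.Get("lastLogonTimestamp")
		If Err.Number <> 0 Then
			'Attribute is not set for this account (never logged on)
			Err.Clear
			Set objLastLogon = Nothing
		End If
		On Error GoTo 0

		If Not objLastLogon Is Nothing Then
			'The value is a 64-bit count of 100-nanosecond intervals since
			'1 Jan 1601 (UTC), exposed as two signed 32-bit halves.
			lngHighPart = objLastLogon.HighPart
			lngLowPart = objLastLogon.LowPart
			'A negative LowPart is really an unsigned value >= 2^31; adding
			'one to HighPart compensates for the sign.
			If lngLowPart < 0 Then lngHighPart = lngHighPart + 1
			intLastLogonTime = lngHighPart * (2 ^ 32) + lngLowPart
			intLastLogonTime = intLastLogonTime / (60 * 10000000) 'minutes
			intLastLogonTime = intLastLogonTime / 1440             'days
			'Result is in UTC. lastLogonTimestamp is only refreshed
			'periodically, so with default domain settings it can lag the
			'real last logon by up to about two weeks - allow for that when
			'using this column to find stale accounts.
			dtmLastLogon = intLastLogonTime + # 1 / 1 / 1601 #
		End If

		'Populate text file
		'NOTE(review): if users.txt is later opened in a spreadsheet, values
		'beginning with =, +, - or @ may be interpreted as formulas; import
		'the columns as text.
		ws = CsvField(objUser.sAMAccountName)
		ws = ws & "," & CsvField(objUser.extensionAttribute1)
		ws = ws & "," & CsvField(objUser.description)
		ws = ws & "," & CsvField(objUser.whenCreated)
		ws = ws & "," & CsvField(dtmLastLogon)
		ws = ws & "," & CsvField(objUser.mail)
		ws = ws & "," & CsvField(objUser.info)
		objOutputFile.WriteLine ws

		objRecordSet.MoveNext
	Loop
End If
WScript.Echo "Finished creating file"
objOutputFile.Close

'Open file
strOpenFile = MsgBox("Do you want to open the output file?", VbYesNo + VBQuestion, "Open Output File?")
If strOpenFile = VbYes Then
	objShell.Run("notepad.exe " & DQ & strOutputFilePath & DQ)
End If

'Returns value wrapped in double quotes, with any embedded double quote
'doubled so that a quote inside description/info cannot end the field early
'and shift the remaining columns. Null and Empty become an empty field.
Function CsvField(value)
	CsvField = DQ & Replace(value & "", DQ, DQ & DQ) & DQ
End Function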


VB Script

Last Comment
RobSampson

8/22/2022 - Mon