AD 2003 list group members
HI all,
probably a no brainer this one. I need to know how to get a list of users from a domain based group. Preferably one which does not include the entire distiguished name for each user as I need to send the list of users to onother department.
Many thanks
probably a no brainer this one. I need to know how to get a list of users from a domain based group. Preferably one which does not include the entire distiguished name for each user as I need to send the list of users to onother department.
Many thanks
ASKER
Hi, can you explain the fn and ln switches please? Also, probably being dumb but where do i specify the OU?
ASKER
Hi Krzysztof. Would that need to be installed on a DC? If so I'd never get it signed off in the time that i need the results but thanks anyway.
Question : Hi, can you explain the fn and ln switches please? Also, probably being dumb but where do i specify the OU?
fn= First name
ln= Last name
You need to specify any OU path, As Group name is sufficient to query the AD
fn= First name
ln= Last name
You need to specify any OU path, As Group name is sufficient to query the AD
fn attribute means First Name
ln attribute means Last Name
you don't have to specify OU because you need to only provide GroupName in a syntax and it will be discovered. Then all group members you will get into text file on C-Drive.
When you have DC then you don't have to install anything, DSTools are available. You need to only install RSAT/Administrative Tools on local workstation to use DS commands.
Quest tool you can install on any workstation and then use it
Krzysztof
ln attribute means Last Name
you don't have to specify OU because you need to only provide GroupName in a syntax and it will be discovered. Then all group members you will get into text file on C-Drive.
When you have DC then you don't have to install anything, DSTools are available. You need to only install RSAT/Administrative Tools on local workstation to use DS commands.
Quest tool you can install on any workstation and then use it
Krzysztof
Would that need to be installed on a DC? If so I'd never get it signed off in the time that i need the results but thanks anyway.?
Dsquery is Inbuilt tool No need to install on DC.
Dsquery is Inbuilt tool No need to install on DC.
ASKER
Hi, when i run the dsquery i get an error:
deget failed: value for "target object for this command" has incorrect format
Mean anything. I've tried group name with and without quotes but same error. Didn't know if quotes were required.
deget failed: value for "target object for this command" has incorrect format
Mean anything. I've tried group name with and without quotes but same error. Didn't know if quotes were required.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
HI, running the new query just creates a blank document. There is a microsft header but the last line says "no files specified"
Have you replaced "GroupName" with your own group name to query ?
Krzysztof
Krzysztof
ASKER
Yep. HAve included qotes but no change, same output blank file.
Type command without redirection to file and see what do you see on the screen
or skip -expand switch which may cause this error
however, I would recommend using for that Quest PowerShell :)
Krzysztof
dsquery group -name "GroupName" | dsget group -members -expandor skip -expand switch which may cause this error
dsquery group -name "GroupName" | dsget group -members >>c:\users.txthowever, I would recommend using for that Quest PowerShell :)
Krzysztof
ASKER
Forget that, Had an extra | in there for good measure :) That has worked except I have some 1500 users each showing distinguished name.
Back to the POwershell. Does this need installing on a DC?
Back to the POwershell. Does this need installing on a DC?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you very much guy's. Hope that teh points split seems fair.
You're welcome :)
Krzysztof
Krzysztof
Open in new window
EDIT: are you able to install Quest PowerShell module for AD (it's free)?
http://www.quest.com/powershell/activeroles-server.aspx
then you can use this syntax:
Open in new window
Regards,
Krzysztof