[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

tool or script to export group memberships and security policies

Posted on 2013-01-17
6
Medium Priority
?
598 Views
Last Modified: 2014-08-02
1) Is there any easy way to export details on all local groups and group memberships into one report on a 2008 server...

i.e
users - member1,2,3
admins -member1, 2, 3
backup operators - member1, 2, 3
power users - member1, 2, 3


2)Also is there anyway to export the exact security policies (local or via a GPO) being applied to the server into a management freindly report. I.e. export the output of RSOP into a freindly readable report without having to do endless screenshots...
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 10

Accepted Solution

by:
rscottvan earned 1500 total points
ID: 38788526
1.  try this:  http://debugge.com/vbs-to-display-all-users-in-active-directory-by-group.db

2. from a command prompt, run gpresult /H c:\temp\policies.html
Then take a look at c:\temp\policies.html
0
 
LVL 3

Author Comment

by:pma111
ID: 38792181
I am not sure 2 is what I am after, RSOP is loads better as it lists the exact settings applied, rather than just the names of the GPO's - not knowing what exactly the policy configures...

http://i.technet.microsoft.com/dynimg/IC43050.gif
0
 
LVL 3

Author Comment

by:pma111
ID: 38792185
And is 1 just listing global groups, not local groups on servers?
0
 
LVL 10

Expert Comment

by:rscottvan
ID: 38793928
Local Groups are easier, try this.

Set colGroups = GetObject("WinNT://.")
colGroups.Filter = Array("group")
For Each objGroup In colGroups
    Wscript.Echo objGroup.Name 
    For Each objUser in objGroup.Members
        Wscript.Echo vbTab & objUser.Name
    Next
Next

Open in new window

0
 
LVL 10

Expert Comment

by:rscottvan
ID: 38793951
The results of the gpresult command should show you all the policy items being applied.  Here's a sample from my local PC.

screenshot of gpresult.htm
0

Featured Post

Tech or Treat!

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
Know what services you can and cannot, should and should not combine on your server.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question