tool or script to export group memberships and security policies

1) Is there any easy way to export details on all local groups and group memberships into one report on a 2008 server...

i.e
users - member1,2,3
admins -member1, 2, 3
backup operators - member1, 2, 3
power users - member1, 2, 3


2)Also is there anyway to export the exact security policies (local or via a GPO) being applied to the server into a management freindly report. I.e. export the output of RSOP into a freindly readable report without having to do endless screenshots...
LVL 3
pma111Asked:
Who is Participating?
 
rscottvanConnect With a Mentor Commented:
1.  try this:  http://debugge.com/vbs-to-display-all-users-in-active-directory-by-group.db

2. from a command prompt, run gpresult /H c:\temp\policies.html
Then take a look at c:\temp\policies.html
0
 
pma111Author Commented:
I am not sure 2 is what I am after, RSOP is loads better as it lists the exact settings applied, rather than just the names of the GPO's - not knowing what exactly the policy configures...

http://i.technet.microsoft.com/dynimg/IC43050.gif
0
 
pma111Author Commented:
And is 1 just listing global groups, not local groups on servers?
0
 
rscottvanCommented:
Local Groups are easier, try this.

Set colGroups = GetObject("WinNT://.")
colGroups.Filter = Array("group")
For Each objGroup In colGroups
    Wscript.Echo objGroup.Name 
    For Each objUser in objGroup.Members
        Wscript.Echo vbTab & objUser.Name
    Next
Next

Open in new window

0
 
rscottvanCommented:
The results of the gpresult command should show you all the policy items being applied.  Here's a sample from my local PC.

screenshot of gpresult.htm
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.