?
Solved

Querying Active Directory group membership information

Posted on 2013-11-30
6
Medium Priority
?
1,033 Views
Last Modified: 2014-01-14
Good day experts,

I'm trying to query active directory with vbscript to get the membership information of a specific group.

Using an application called dsa.msc I can query this information manually but I need to follow a more automated approach using vbscript.

SO what I need my script to do now, is get all the members for a given group name.

I currently have the following sample:

Set objGroup = GetObject _
  ("LDAP:// SOMETHING MUST GO HERE")
objGroup.GetInfo
 
arrMemberOf = objGroup.GetEx("member")
 
WScript.Echo "Members:"
For Each strMember in arrMemberOf
    WScript.echo strMember
Next

I just cannot get the correct parameters specified in the "LDAP:// ..... " command to get results.  Surely, if I can access the required info with dsa.msc then I should have all the necessary connectivity, access and info to run this query - I just don't know what to put in.

Please help.

Thanks
Christoff
0
Comment
Question by:PantoffelSlippers
6 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 750 total points
ID: 39686989
Powershell is much easier. You can use 1 line of code to accomplish what you are doing... Use the following command below...

Security Group (Powershell with import-module activedirectory)
Get-ADGroupMember -Identity <groupname> | select name,samaccountname


Distribution Group (run from Exchange Management Shell)
Get-DistributionGroupMember -Identity <groupname> | Select DisplayName


Will.
0
 
LVL 14

Assisted Solution

by:Ram Balachandran
Ram Balachandran earned 450 total points
ID: 39687199
Following is a sample vbscript to find members of a AD group
For your question : You need to provide DN Name of the group

Set objGroup = GetObject ("LDAP://cn=Test_Group,ou=TestOU,dc=home,dc=com")

Say Test_Group is your group name - In dsa.msc, in view > select advanced features
and then search for the group.
Open group properties and select Object

You can see the AD path of the group like home.com/SomeOU/Groupname
Now home.com (or your domain name will become Dc=home,Dc=com.


Sample Code

' List All the 'Members' and 'Member Of' of a Group
' Test_group points to the group which you need the output

On Error Resume Next

Set objGroup = GetObject ("LDAP://cn=Test_Group,ou=TestOU,dc=home,dc=com")
objGroup.GetInfo

arrMember = objGroup.GetEx("member")

WScript.Echo "Members:"
For Each strMember in arrMember
    WScript.echo strMember
Next
'------------------------------

arrMemberOf = objGroup.GetEx("memberof")
WScript.Echo "MemberOf:"
For Each strMemberOf in arrMemberOf
    WScript.echo strMemberOf
Next
'------------------------------

Open in new window


--------------------


Using Powershell first import Active directory module

http://blogs.msdn.com/b/rkramesh/archive/2012/01/17/how-to-add-active-directory-module-in-powershell-in-windows-7.aspx

Get-ADGroupMember -Identity Test_Groupname | select name,samaccountname

Replace Test_Groupname with your group
0
 

Author Comment

by:PantoffelSlippers
ID: 39687831
Thanks - let me try this out
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 9

Expert Comment

by:VirastaR
ID: 39688271
Hi,

Check this too..

[SOLVED] Active Directory Saved Query - Group Member Listing

Hope that helps :)
0
 

Author Comment

by:PantoffelSlippers
ID: 39729626
I'll try that too.

I'm really struggling with the Powershell.

One of my challenges is that results are written back to a database - that's why I also started with VBScript - easy to update SQL Server...
0
 

Author Closing Comment

by:PantoffelSlippers
ID: 39778646
Thanks experts
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question