Interface to query Active Directory
Hi experts,
I have another question open for querying AD with VBScript - this is for testing and reporting purposes.
I also need to provide my team of business consultants with a user interface that they can use to test various file share security issues.
Typical tasks they need to perform:
I've been searching the web and there are millions of tools. The problem is I have to download, install and test all of them.
I was hoping to get to an answer quicker based on expert experience.
Many thanks
I have another question open for querying AD with VBScript - this is for testing and reporting purposes.
I also need to provide my team of business consultants with a user interface that they can use to test various file share security issues.
Typical tasks they need to perform:
Use a given group name to get all members of the group
Use a given user account to get all groups that a user is a member of
Use a given folder path to get a view on which groups have what rights on the group
I've been searching the web and there are millions of tools. The problem is I have to download, install and test all of them.
I was hoping to get to an answer quicker based on expert experience.
Many thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Will,
I'm not opposed to powershell... I just know NOTHING about it.
Even the simple samples in your post are foreign to me. How do I execute PowerShell scripts?
(Sorry for looking really dumb but I'm use to old school batch scripts, VBScripts or full .Net 2.0 applications).
Thanks again
I'm not opposed to powershell... I just know NOTHING about it.
Even the simple samples in your post are foreign to me. How do I execute PowerShell scripts?
(Sorry for looking really dumb but I'm use to old school batch scripts, VBScripts or full .Net 2.0 applications).
Thanks again
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
pony10us,
I'm trying Dumpsec. It's fairly easy with a specific local machine but I'm struggling to find how to do what I was looking for.
If I have a specific domain user account, how do I see with Dumpsec what groups this user belongs to?
Thanks
I'm trying Dumpsec. It's fairly easy with a specific local machine but I'm struggling to find how to do what I was looking for.
If I have a specific domain user account, how do I see with Dumpsec what groups this user belongs to?
Thanks
ASKER
Will,
I'm getting this error when running the PS1 file: <fileName> cannot be loaded because the execution of scripts is disabled on this system.
I'm googling it now...
I'm getting this error when running the PS1 file: <fileName> cannot be loaded because the execution of scripts is disabled on this system.
I'm googling it now...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Will,
I set ExecutionPolicy to unrstricted to solve my problem.
I now a 2nd problem with query number 2.
The results i get is a list of OU's. I used my own userID in the query but none of the groups I am a member of are listed. Only OU's.
How do I get the groups?
I set ExecutionPolicy to unrstricted to solve my problem.
I now a 2nd problem with query number 2.
The results i get is a list of OU's. I used my own userID in the query but none of the groups I am a member of are listed. Only OU's.
How do I get the groups?
ASKER
pony10us,
I'm struggling with dsGet user also.
I only get back a message saying directory object was not found. What needs to go in place of Jon Smith? The user's alias? Display Name? I tied everything I could thing of.
I'm struggling with dsGet user also.
I only get back a message saying directory object was not found. What needs to go in place of Jon Smith? The user's alias? Display Name? I tied everything I could thing of.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I'm doing OK with the Powershell script for now - but I have two small prpoblems:
My script to get all groups for a user is as follows:
Import-module ActiveDirectory
(GET-ADUSER –Identity holds –Properties MemberOf | Select-Object MemberOf).MemberOf | Sort
First problem is that when I right click the PS1 file and select run in powershell, the command window opens, stays open for a while and then closes - no result displayed.
The groups returned by my above script, are a lot. Many users have 50+ groups. The groups I want to see all come from one container. Is it possible to filter the query results to show groups only from OU=Documentum_ShareData ?
I searched for samples online and it seems -Identity cannot be used with -Filter.
Please assist.
My script to get all groups for a user is as follows:
Import-module ActiveDirectory
(GET-ADUSER –Identity holds –Properties MemberOf | Select-Object MemberOf).MemberOf | Sort
First problem is that when I right click the PS1 file and select run in powershell, the command window opens, stays open for a while and then closes - no result displayed.
The groups returned by my above script, are a lot. Many users have 50+ groups. The groups I want to see all come from one container. Is it possible to filter the query results to show groups only from OU=Documentum_ShareData ?
I searched for samples online and it seems -Identity cannot be used with -Filter.
Please assist.
ASKER
So this is my final attempt for the day:
Get-ADPrincipalGroupMember
That sort of takes care of the groups a user belongs to.
Not sure how to do this recursively though. Any ideas?
Get-ADPrincipalGroupMember
That sort of takes care of the groups a user belongs to.
Not sure how to do this recursively though. Any ideas?
ASKER
Experts,
Making slow progress with the powershell script.
Please remember my original post - was looking for a GUI for my business consultants - that would still be first prize.
Thanks
Making slow progress with the powershell script.
Please remember my original post - was looking for a GUI for my business consultants - that would still be first prize.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you very much experts
ASKER