Solved

list users in groups in OU

Posted on 2015-01-22
10
137 Views
Last Modified: 2015-02-05
Hey Experts.

I would like to show the users in the various groups within a particular OU.

Department (OU)
>Computers (OU)
>Groups (OU)
>>PRT-1 (Group)
>>PRT-2 (Group)
>>PRT-3 (Group)

I want to have the users that are in the groups nested in the "Department OU > Groups OU" output to a log file.  I need to know the users listed in the particular group:

PRT-1
-userA
-userB

PRT-2
-userA
-userC
-userD

Thanks experts!!
0
Comment
Question by:samiam41
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 24

Expert Comment

by:NVIT
ID: 40564916
Note: Change YourDomainName to your actual domain name.

From the DC, try:
dsquery user "CN=PRT-1,OU=Groups,OU=Computers,DC=YourDomainName,DC=com"

If that works, try this at CMD prompt:
for /f "tokens=1-2 delims==," %a in ('dsquery user "CN=PRT-1,OU=Groups,OU=Computers,DC=YourDomainName,DC=com"') do (echo %~b)
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40564935
Actually, change that to dsget group "CN=GroupName,DC=domain,DC=name,DC=com" -members
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40564998
This should get you where you want to be.

@echo off
cls

for /f "tokens=*" %%a in ('dsquery group "OU=Groups,DC=Domain,DC=com" ^|sort') do (call :oumembers %%a)

exit /b

:oumembers
set ougroup=%1
echo %ougroup% >>ou-group-members.txt
::pause
for /f "tokens=1-2 delims==," %%a in ('dsget group %ougroup% -members ^|sort') do (echo %%~b >>ou-group-members.txt)
goto :eof

Open in new window

0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40565010
This will be a little nicer output file.

@echo off
cls

for /f "tokens=*" %%a in ('dsquery group "OU=Groups,DC=Domain,DC=com" ^|sort') do (call :oumembers %%a)

exit /b

:oumembers
set ougroup=%1
echo %ougroup% >>ou-group-members.csv
::pause
for /f "tokens=1-2 delims==," %%a in ('dsget group %ougroup% -members ^|sort') do (echo ,%%~b >>ou-group-members.csv)
goto :eof

Open in new window

0
 
LVL 9

Author Comment

by:samiam41
ID: 40565161
Great script!

Here is what I used:

@echo off
cls

for /f "tokens=*" %%a in ('dsquery group "OU=Groups,DC=Domain,DC=com" ^|sort') do (call :oumembers %%a)

exit /b

:oumembers
set ougroup=%1
echo %ougroup% >>ou-group-members.csv
::pause
for /f "tokens=1-2 delims==," %%a in ('dsget group %ougroup% -members ^|sort') do (echo ,%%~b >>ou-group-members.csv)
goto :eof

Open in new window


The log file shows the username as:  lastname\

Not the user name.  How can I (we/you) fix that?
0
 
LVL 13

Accepted Solution

by:
Gabriel Clifton earned 500 total points
ID: 40565511
There may be a better way, but I do know this works.

@echo off
cls

for /f "tokens=*" %%a in ('dsquery group "OU=Groups,DC=domain,DC=com" ^|sort') do (call :oumembers %%a)

exit /b

:oumembers
set ougroup=%1
echo %ougroup% >>ou-group-members.csv
::pause
for /f "tokens=*" %%b in ('dsget group %ougroup% -members ^|sort') do (call :usersamid %%b)
goto :eof

:usersamid
set userid=%1
for /f "tokens=*" %%c in ('dsquery user %userid% -o samid') do echo ,%%c >>ou-group-members.csv
goto :eof

Open in new window

0
 
LVL 9

Author Closing Comment

by:samiam41
ID: 40566989
Brilliant work!!  Thanks for your help with this!
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40567162
No problem, any time.
0
 
LVL 9

Author Comment

by:samiam41
ID: 40567167
Check this question out if you have some time and want some points!

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/MS_DOS/Q_28602773.html
0
 
LVL 9

Author Comment

by:samiam41
ID: 40592098
Hey everyone!  I have a question that received a couple of replies but the suggestions are for powershell and I asked for batch.  If any of you have a minute or two and would like some points, I would appreciate your help.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/MS_DOS/Q_28610287.html
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Use this article to create a batch file to backup a Microsoft SQL Server database to a Windows folder.  The folder can be on the local hard drive or on a network share.  This batch file will query the SQL server to get the current date & time and wi…
If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
This Micro Tutorial will teach you how to change your appearance and customize your Windows 7 interface to your unique preference. This will be demonstrated using Windows 7 operating system.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question