Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

list users in groups in OU

Posted on 2015-01-22
10
132 Views
Last Modified: 2015-02-05
Hey Experts.

I would like to show the users in the various groups within a particular OU.

Department (OU)
>Computers (OU)
>Groups (OU)
>>PRT-1 (Group)
>>PRT-2 (Group)
>>PRT-3 (Group)

I want to have the users that are in the groups nested in the "Department OU > Groups OU" output to a log file.  I need to know the users listed in the particular group:

PRT-1
-userA
-userB

PRT-2
-userA
-userC
-userD

Thanks experts!!
0
Comment
Question by:samiam41
  • 5
  • 4
10 Comments
 
LVL 24

Expert Comment

by:NVIT
ID: 40564916
Note: Change YourDomainName to your actual domain name.

From the DC, try:
dsquery user "CN=PRT-1,OU=Groups,OU=Computers,DC=YourDomainName,DC=com"

If that works, try this at CMD prompt:
for /f "tokens=1-2 delims==," %a in ('dsquery user "CN=PRT-1,OU=Groups,OU=Computers,DC=YourDomainName,DC=com"') do (echo %~b)
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40564935
Actually, change that to dsget group "CN=GroupName,DC=domain,DC=name,DC=com" -members
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40564998
This should get you where you want to be.

@echo off
cls

for /f "tokens=*" %%a in ('dsquery group "OU=Groups,DC=Domain,DC=com" ^|sort') do (call :oumembers %%a)

exit /b

:oumembers
set ougroup=%1
echo %ougroup% >>ou-group-members.txt
::pause
for /f "tokens=1-2 delims==," %%a in ('dsget group %ougroup% -members ^|sort') do (echo %%~b >>ou-group-members.txt)
goto :eof

Open in new window

0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40565010
This will be a little nicer output file.

@echo off
cls

for /f "tokens=*" %%a in ('dsquery group "OU=Groups,DC=Domain,DC=com" ^|sort') do (call :oumembers %%a)

exit /b

:oumembers
set ougroup=%1
echo %ougroup% >>ou-group-members.csv
::pause
for /f "tokens=1-2 delims==," %%a in ('dsget group %ougroup% -members ^|sort') do (echo ,%%~b >>ou-group-members.csv)
goto :eof

Open in new window

0
 
LVL 9

Author Comment

by:samiam41
ID: 40565161
Great script!

Here is what I used:

@echo off
cls

for /f "tokens=*" %%a in ('dsquery group "OU=Groups,DC=Domain,DC=com" ^|sort') do (call :oumembers %%a)

exit /b

:oumembers
set ougroup=%1
echo %ougroup% >>ou-group-members.csv
::pause
for /f "tokens=1-2 delims==," %%a in ('dsget group %ougroup% -members ^|sort') do (echo ,%%~b >>ou-group-members.csv)
goto :eof

Open in new window


The log file shows the username as:  lastname\

Not the user name.  How can I (we/you) fix that?
0
 
LVL 13

Accepted Solution

by:
Gabriel Clifton earned 500 total points
ID: 40565511
There may be a better way, but I do know this works.

@echo off
cls

for /f "tokens=*" %%a in ('dsquery group "OU=Groups,DC=domain,DC=com" ^|sort') do (call :oumembers %%a)

exit /b

:oumembers
set ougroup=%1
echo %ougroup% >>ou-group-members.csv
::pause
for /f "tokens=*" %%b in ('dsget group %ougroup% -members ^|sort') do (call :usersamid %%b)
goto :eof

:usersamid
set userid=%1
for /f "tokens=*" %%c in ('dsquery user %userid% -o samid') do echo ,%%c >>ou-group-members.csv
goto :eof

Open in new window

0
 
LVL 9

Author Closing Comment

by:samiam41
ID: 40566989
Brilliant work!!  Thanks for your help with this!
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 40567162
No problem, any time.
0
 
LVL 9

Author Comment

by:samiam41
ID: 40567167
Check this question out if you have some time and want some points!

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/MS_DOS/Q_28602773.html
0
 
LVL 9

Author Comment

by:samiam41
ID: 40592098
Hey everyone!  I have a question that received a couple of replies but the suggestions are for powershell and I asked for batch.  If any of you have a minute or two and would like some points, I would appreciate your help.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/MS_DOS/Q_28610287.html
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question