Solved

clean up output in log file

Posted on 2015-01-23
11
134 Views
Last Modified: 2015-02-04
Hi again Experts.

While using the code below, I get this output in the log file:

CN=a,OU=groupname,OU=b,OU=c,OU=d,DC=e,DC=f,DC=g,DC=h

[I only want OU=groupname to be displayed in the log file]

@echo off
cls

for /f "tokens=*" %%a in ('dsquery group "OU=a,OU=b,OU=c,OU=d,DC=e,DC=f,DC=g,DC=h" ^|sort') do (call :oumembers %%a)

exit /b

:oumembers
set ougroup=%1
echo %ougroup% > %ou%-group-members.csv
::pause
for /f "tokens=*" %%b in ('dsget group %ougroup% -members ^|sort') do (call :usersamid %%b)
goto :eof

:usersamid
set userid=%1
for /f "tokens=*" %%c in ('dsquery user %userid% -o samid') do echo ,%%c >> %ou%-group-members.csv
goto :eof

Open in new window


How can this be done?  Thanks for your help!
0
Comment
Question by:samiam41
  • 5
  • 3
  • 3
11 Comments
 
LVL 23

Expert Comment

by:NVIT
ID: 40567234
for /f "tokens=1-4 delims=,=" %%a in (%ou%-group-members.csv) do echo %%d
0
 
LVL 9

Author Comment

by:samiam41
ID: 40567237
Thanks NewVillageIT!  Could you dumb it down for me and show me what the script would look like with your code inserted, please?
0
 
LVL 23

Assisted Solution

by:NVIT
NVIT earned 250 total points
ID: 40567240
@echo off
cls

for /f "tokens=*" %%a in ('dsquery group "OU=a,OU=b,OU=c,OU=d,DC=e,DC=f,DC=g,DC=h" ^|sort') do (call :oumembers %%a)

exit /b

:oumembers
set ougroup=%1
echo %ougroup% > %ou%-group-members.csv
::pause
for /f "tokens=*" %%b in ('dsget group %ougroup% -members ^|sort') do (call :usersamid %%b)
goto :eof

:usersamid
set userid=%1
for /f "tokens=*" %%c in ('dsquery user %userid% -o samid') do echo ,%%c >> %ou%-group-members.csv
for /f "tokens=1-4 delims=," %%a in (%ou%-group-members.csv) do echo %%b >> %ou%-group-members2.csv
goto :eof

Open in new window

0
 
LVL 23

Assisted Solution

by:NVIT
NVIT earned 250 total points
ID: 40567267
I revised it, sending the results to %ou%-group-members2.csv
0
 
LVL 82

Expert Comment

by:oBdA
ID: 40567275
The output will actually contain
CN=groupname,OU=a,OU=b,OU=c,OU=d,DC=e,DC=f,DC=g,DC=h
So when you say I only want OU=groupname to be displayed in the log file, do you want the group name (which I assume in the script below), or really the OU name (which would be the same for all groups, so you'd lose the group information.
Then the variable "ou" you're using in the output file name isn't set, and you're always overwriting the output file in line 10, so you'll only ever get the last group in the output file.
Finally, the current output isn't really csv; do you want that rearranged, or can you work with what you have?
Here's a slightly enhanced version:
@echo off
cls
set ou=test
set CsvFile=%ou%-group-members.csv
if exist "%CsvFile%" del "%CsvFile%"
for /f "tokens=*" %%a in ('dsquery group "OU=a,OU=b,OU=c,OU=d,DC=e,DC=f,DC=g,DC=h" ^|sort') do (call :oumembers %%a)

exit /b

:oumembers
set ougroup=%1
for /f "tokens=1 delims=," %%a in (%ougroup%) do (>>"%CsvFile%" echo "%%a")
::pause
for /f "tokens=*" %%b in ('dsget group %ougroup% -members ^|sort') do (call :usersamid %%b)
goto :eof

:usersamid
set userid=%1
for /f "tokens=*" %%c in ('dsquery user %userid% -o samid') do >>"%CsvFile%" echo ,%%c
goto :eof

Open in new window

0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 82

Expert Comment

by:oBdA
ID: 40567319
OK, I couldn't help it; try that for size.
It has the OU query from your other question already integrated (and the "DC=" part will be built automatically), and produces a real csv with a header, and the name of the main OU in the file name.
@echo off
cls
set OUPath=
set /p "OUPath=Please enter the OU path as 'OU=x,OU=y', without quotes: "
if "%OUPath%"=="" goto :eof
set OUDN=%OUPath%,DC=%UserDnsDomain:.=,DC=%
for /f "tokens=2 delims=,=" %%a in ("%OUDN%") do (set LastOU=%%a)

set CsvFile=%LastOU%-group-members.csv

echo Running query against '%OUDN%'.
echo Output file will be '%CsvFile%'.

>"%CsvFile%" echo "Group","Member","OU"
for /f "tokens=*" %%a in ('dsquery.exe group "%OUDN%" ^| sort.exe') do (call :oumembers %%a)
exit /b

:oumembers
set GroupDN=%~1
for /f "tokens=2 delims=,=" %%a in ("%GroupDN%") do (set GroupName=%%a)
echo Processing group '%GroupName%' ...
for /f "tokens=*" %%b in ('dsget.exe group "%GroupDN%" -members ^| sort.exe') do (call :usersamid "%%~b")
goto :eof

:usersamid
set UserDN=%~1
for /f "tokens=*" %%c in ('dsquery.exe user "%UserDN%" -o samid') do (
	>>"%CsvFile%" echo "%GroupName%","%%~c","%OUDN%"
)
goto :eof

Open in new window

0
 
LVL 9

Author Comment

by:samiam41
ID: 40571021
Hey oBdA!

In the script you put in your last post, can I manually put the OU/DC entries so that all I have to enter when I start the script is the OU I want audit the groups of?

If this were my domain structure, [OU-Texas,OU-NorthAm,DC-Business,DC-com], I would like the script to already have those entries in the script.  Then when the script runs, I can enter one of the OU's that are nested under OU-Texas.  The OU that I manually enter would be audited.

Hopefuly I didn't make that too muddy.  Thanks again!
0
 
LVL 9

Author Comment

by:samiam41
ID: 40571023
@NewVillageIT, I'm testing your recommendation further.  Updates forthcoming.
0
 
LVL 82

Accepted Solution

by:
oBdA earned 250 total points
ID: 40571057
How about this:
@echo off
cls
REM *** Default OU path in the format 'OU=...,OU=...'
set DefaultOU=OU-Texas,OU-NorthAm
REM *** Domain components part; use 'set DomainComponents=DC=%UserDnsDomain:.=,DC=%' to auto-generate based on the user's logon domain
set DomainComponents=DC=%UserDnsDomain:.=,DC=%
set OUName=
set /p "OUName=Please enter the OU name under '%DefaultOU%': "
if "%OUName%"=="" goto :eof
set OUDN=OU=%OUName%,%DefaultOU%,%DomainComponents%

set CsvFile=%OUName%-group-members.csv

echo Running query against '%OUDN%'.
echo Output file will be '%CsvFile%'.

>"%CsvFile%" echo "Group","Member","OU"
for /f "tokens=*" %%a in ('dsquery.exe group "%OUDN%" ^| sort.exe') do (call :oumembers %%a)
exit /b

:oumembers
set GroupDN=%~1
for /f "tokens=2 delims=,=" %%a in ("%GroupDN%") do (set GroupName=%%a)
echo Processing group '%GroupName%' ...
for /f "tokens=*" %%b in ('dsget.exe group "%GroupDN%" -members ^| sort.exe') do (call :usersamid "%%~b")
goto :eof

:usersamid
set UserDN=%~1
for /f "tokens=*" %%c in ('dsquery.exe user "%UserDN%" -o samid') do (
	>>"%CsvFile%" echo "%GroupName%","%%~c","%OUDN%"
)
goto :eof

Open in new window

0
 
LVL 9

Author Closing Comment

by:samiam41
ID: 40588798
Thanks for the help and script!  Amazing work and appreciate all of your time.

-Aaron
0
 
LVL 9

Author Comment

by:samiam41
ID: 40589624
If any of you legends can spare a minute with my new question, I would appreciate it!

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/MS_DOS/Q_28610287.html
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

You may have already been in the need to update a whole folder stucture using a script. Robocopy does it well and even provides a list of non-updated files in a log (if asked to). Generally those files that were locked by a user or a process by the …
If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now