10945 » How can I use VBScript to return all the groups in my domain, returning distinguishedName, sAMAccountName, group scope and type in CSV format? (30-Oct-06)

I have scripted GetGroups.vbs to return all the groups in your domain, returning the following in semi-colon separated format:

"distinguishedName";"sAMAccountName";"Scope";"SecDst"

Where:

DistinguishedName is the distinguished name of the group.

sAMAccountName    is the NetBIOS (Pre-Windows 2000) name of the group.


Scope             is the group scope:
                         B   for a Built-in group.
                         L   for a Domain Local group.
                         G   for a Global group.
                         U   for a Universal group.

SecDst            is the group type:
                         S   for a security group.
                         D   for a distribution group.

GetGroups.vbs contains:

On Error Resume Next
Dim objConnection, objCommand, objRootDSE, strDNSDomain
Dim strFilter, strQuery, objRecordSet, gt
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOOBject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
Set objRootDSE = GetObject("LDAP://RootDSE")
'Get domain
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"
'Define the filter elements
strFilter = "(&(objectCategory=group))"
'List all attributes you will require
strAttributes = "distinguishedName,sAMAccountName,groupType"
'compose query
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 99999
objCommand.Properties("Timeout") = 300
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    strDN = objRecordSet.Fields("distinguishedName")
    strSA = objRecordSet.Fields("sAMAccountName")
    gt = objRecordSet.Fields("groupType")
    if (gt ANd &h01) <> 0 then
    Scope = "B"
    ElseIf (gt And &h02) <> 0 Then
    Scope = "G"
    ElseIf (gt And &h04) <> 0 Then
    Scope = "L"
    ElseIf (gt And &h08) <> 0 Then
    Scope = "U"
    End If
    If (gt And &h80000000) <> 0 Then
     SecDst = "S"
    Else
     SecDst = "D"
    End If
    Wscript.Echo """" & strDN & """;""" & strSA & """;""" & Scope & """;""" & SecDst &""""
    objRecordSet.MoveNext
Loop
' Clean up.
objConnection.Close
Set objConnection = Nothing
Set objCommand = Nothing
Set objRootDSE = Nothing
Set objRecordSet = Nothing

End of Article

You must log on before posting a comment.

If you don't have a username & password, please register now.