OU, é onde esse grupo está dentro da OU, se estiver em várias sublistas de OU, separa as mesmas por "OU=nome,OU=nome2" e assim por dianteĮxpand members, vai expandir os membros do grupo O comando dsget é um serviço do AD que é usado para consultas no mesmo.Ĭn, é onde vc vai especificar o nome do grupo que vc quer procurar os usuáiros
MCP-W2K3/MCDST/MCSA/MCTS SE A RESPOSTA FOR UTIL, CLASSIFIQUE-A!Ĭom o comando dsget você faz isso rápido.ĭsget group "cn=NOME DO GRUPO QUE VOCÊ QUER PROCURAR,OU=CAMINHO1 ONDE SE ENCONTRA A OU DO GRUPO,OU=CAMINHO2 ONDE SE ENCONTRA A OU DO GRUPO,dc=br,dc=contoso,dc=com" -expand -members | dsget user -fn -ln -email > C:\Lista.txt ObjMyOutput.WriteLine(strGroupName & vbtab & strGroupDesc & vbtab & strMemberName & vbtab & objMember. ' Write a line to the outputfile with group and member properties StrMemberName = right(objMember.Name,len(objMember.Name)- 3) Set objMember = GetObject( "LDAP://" & strMemberOf) ObjMyOutput.WriteLine(strGroupName & vbtab & strGroupDesc & vbtab & "" & vbtab & "")Įlse ' For each group member, get member properties For Each strMemberOf in arrMemberOf ' Write a line to the outputfile with group properties and no members If Err.Number = E_ADS_PROPERTY_NOT_FOUND then StrGroupDesc = strGroupDesc & "Distribution group" End If ' Check if there are members StrGroupDesc = strGroupDesc & "Security group" Else StrGroupDesc = "Unknown " End If If objGroup.GroupType AND ADS_GROUP_TYPE_SECURITY_ENABLED Then StrGroupDesc = "Global " ElseIf objGroup.GroupType AND ADS_GROUP_TYPE_UNIVERSAL_GROUP Then StrGroupDesc = "Domain local " ElseIf objGroup.GroupType AND ADS_GROUP_TYPE_GLOBAL_GROUP Then If objGroup.GroupType AND ADS_GROUP_TYPE_LOCAL_GROUP Then StrGroupName = objRecordSet.Fields( "Name").Value
Set objGroup = GetObject(objRecordSet.Fields( "ADsPath").Value) ' For each Group, Get group properties Do Until objRecordSet.EOF "SELECT ADsPath, Name FROM 'LDAP://" & MY_DOMAIN & "' WHERE objectCategory='group'" Set objRecordSet = objCommand.Execute ObjCommand.Properties( "Searchscope") = ADS_SCOPE_SUBTREE ObjCommand.Properties( "Page Size") = 1000 ObjConnection.Open "Active Directory Provider" Set objCommand.ActiveConnection = objConnection
Set objCommand = CreateObject( "ADODB.Command") Set objConnection = CreateObject( "ADODB.Connection") ' Get a recordset of groups in AD Set objMyOutput = objFSO.OpenTextFile(strMyFileName, ForWriting, True) Wscript.echo "That filename already exists" StrMyFileName = WshSysEnv( "USERPROFILE") & "\Desktop\" & strMyFileName Set WshSysEnv = WshShell.Environment( "PROCESS") Set WshShell = CreateObject( "WScript.Shell") ' Setup the output file If UCase( Right( WScript.FullName, 12 ) ) = "\CSCRIPT.EXE" Then Segue script que pode deve te ajudar: List all groups in the domain and all members of the groups