Gmail Calendar Documents Reader Web more »
Recently Visited Groups | Help | Sign in
Google Groups Home
microsoft.public.scripting.vbscript
+ new post
About this group
Subscribe to this group
This is a Usenet group - learn more
check if a user is member of a group?
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   2 messages - Collapse all  -  Translate all to Translated (View all originals)
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Gunna  
View profile  
 More options Nov 20 2009, 1:34 am
Newsgroups: microsoft.public.scripting.vbscript
From: Gunna <Gu...@discussions.microsoft.com>
Date: Thu, 19 Nov 2009 17:34:05 -0800
Local: Fri, Nov 20 2009 1:34 am
Subject: check if a user is member of a group?
Forward | Print | Individual message | Show original | Report this message | Find messages by this author
I have a text file listing some userID's.  I need to read the users from this
list and check if they are a member of a specifc group in Active Directory.

I checked and checked but cant seem to find anything to do what i need.  Can
anyone help?


    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Richard Mueller [MVP]  
View profile  
 More options Nov 20 2009, 2:33 am
Newsgroups: microsoft.public.scripting.vbscript
From: "Richard Mueller [MVP]" <rlmueller-nos...@ameritech.nospam.net>
Date: Thu, 19 Nov 2009 20:33:45 -0600
Local: Fri, Nov 20 2009 2:33 am
Subject: Re: check if a user is member of a group?
Forward | Print | Individual message | Show original | Report this message | Find messages by this author

"Gunna" <Gu...@discussions.microsoft.com> wrote in message

news:6280D449-FAE3-47DF-A284-1731FD9FB248@microsoft.com...

>I have a text file listing some userID's.  I need to read the users from
>this
> list and check if they are a member of a specifc group in Active
> Directory.

> I checked and checked but cant seem to find anything to do what i need.
> Can
> anyone help?

I assume your text file has "pre-Windows 2000 logon" names. A VBScript
program can use the FileSystemObject to read the names from the file, use
the NameTranslate object to convert the names to Distinguished Names, then
check for membership in a specified group. You should specify the
Distinguished Name of the group. For example:
============
Option Explicit
Dim objRootDSE, strDNSDomain, objTrans, strNetBIOSDomain
Dim strFile, strGroupDN, objGroup, objFSO, objFile, strUser
Dim strUserDN

Const ForReading = 1
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

' Determine DNS domain name from RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

' Use the NameTranslate object.
Set objTrans = CreateObject("NameTranslate")
' Initialize NameTranslate by locating the Global Catalog.
objTrans.Init ADS_NAME_INITTYPE_GC, ""
' Use Set method to specify DNS domain name.
objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
' Use Get method to retrieve NetBIOS name of domain.
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
' Remove trailing backslash.
strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)

' Specify text file of user "pre-Windows 2000 logon" Names.
strFile = "c:\Scripts\Members.txt"

' Specify DN of group.
strGroupDN = "cn=TestGroup,ou=Sales,dc=MyDomain,dc=com"

' Bind to the group object.
Set objGroup = GetObject("LDAP://" & strGroupDN)

' Use FSO to open text file for read access.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFile, ForReading)

' Read the text file.
Do Until objFile.AtEndOfStream
    ' Retrieve user name.
    strUser = Trim(objFile.ReadLine)
    ' Skip blank lines.
    If (strUser <> "") Then
        ' Use Set method to specify NT format of Name.
        ' Trap error if user not found.
        On Error Resume Next
        objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain _
            & "\" & strUser
        If (Err.Number = 0) Then
            On Error GoTo 0
            ' Use Get method to retrieve Distinguished Name.
            strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)

            ' Check if user a member of the group.
            If (objGroup.IsMember("LDAP://" & strUserDN) = True) Then
                Wscript.Echo "User " & strUser & " is a member of the group"
            Else
                Wscript.Echo "User " & strUser & " is NOT a member of the
group"
            End If
        Else
            On Error GoTo 0
            ' user does not exist.
            Wscript.echo "User " & strUser & " not found."
        End If
    End If
Loop

' Clean up.
objFile.Close

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--


    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2010 Google