'**************************************************** ' Script Witten by Larry Heintz ' April 2006 www.windowsadminscripts.com ' This script will enumerate groups in a Active ' Directory Domain. You can also enumerate just the ' users in a certain group. ' All the information is written to a comma delimited ' text file, except the enumeration of groups. ' ' Script Usage: ' Enum Users: cscript groups.vbs /ad:[AD Domain] /group:"[GroupName]" ' Enum Groups: cscript groups.vbs /ad:[AD Domain] /group:list '**************************************************** Dim args,ad,group,logPath Set args = Wscript.Arguments.Named ad = args.Item("ad") group = lcase(args.Item("group")) logPath = getLogPath() if wscript.arguments.count = 0 then wscript.echo "Script Usage:" wscript.echo "Enum Users: cscript groups.vbs /ad:[AD Domain] /group:""[GroupName]""" wscript.echo "Enum Groups: cscript groups.vbs /ad:[AD Domain] /group:list" else if ad = "" then ad = getDomainName() else ad = ad end if if group = "" then group = "domain users" elseif group = lcase("list") then Call enumGroups(ad) wscript.quit else group = group end if Call enumUsersGroup(ad,group) end if Function enumUsersGroup(ad,group) On Error Resume Next Dim objgroup,member,count count = 0 wscript.echo "Starting script..." Set objgroup = GetObject("WinNT://" & ad & "/" & group & ",group") if not (errorChecking (ad)) then for each member in objgroup.members count = count + 1 Call writetoLog(member.name,group,ad) wscript.echo member.name & "," & group next end if Set objgroup = nothing wscript.echo "" wscript.echo "There are " & count & " Users in the " & ucase(group) & " group in " & ucase(ad) wscript.echo "Ending script..." End Function Function enumGroups(ad) On Error Resume Next Dim objgroup,egroup,count count = 0 wscript.echo "Starting script..." Set objgroup = GetObject("WinNT://" & ad) if not (errorChecking (ad)) then objgroup.filter = Array("group") For Each egroup in objgroup count = count + 1 wscript.echo egroup.name next end if Set objgroup = nothing wscript.echo "" wscript.echo "There are " & count & " Groups in " & ucase(ad) wscript.echo "Ending script..." End Function Function writetoLog(username,group,ad) Dim FSO,objFSOwriteline Set FSO = CreateObject("Scripting.FileSystemObject") Set objFSOwriteline = FSO.OpenTextFile(logPath & "\groups_" & ad & ".txt", 8,True) objFSOwriteline.WriteLine(username & "," & group) objFSOwriteline.close Set objFSOwriteline = nothing Set FSO = nothing End Function Function getLogPath() Dim temp,temp2 temp = split(wscript.scriptfullname,"\") for i = 0 to ubound(temp) - 1 temp2 = temp2 & temp(i) & "\" next getLogPath = temp2 End Function Function getComputer() Dim objNet Set objNet = WScript.CreateObject("WScript.Network") getComputer = objNet.ComputerName Set objNet = Nothing End Function Function getDomainName() Dim QConfigSet, qsetreturn Set QConfigSet = GetObject("winmgmts:{impersonationLevel=impersonate}\\" & getComputer() & "\root\cimv2").ExecQuery("SELECT * FROM Win32_ComputerSystem") For Each qsetreturn In QConfigSet getDomainName = qsetreturn.domain Next Set QConfigSet = Nothing End Function Function errorChecking(ad) errorChecking = False if err.number <> 0 then wscript.echo "Unable to connect to " & ucase(ad) & " AD Domain" err.Clear () errorChecking = True end if end Function