AD group members export to text file

Asked By 30 points N/A Posted on -
qa-featured

Hi, everyone! 

I have a problem regarding (Active Directory) AD group members export to text file. My boss tasked me to do this action but I have no idea on how doing this. Can you please help me with this? I really need your advice on this problem. 

Thanks in advance!

SHARE
Best Answer by Gardner Dunkley
Go To Solution
Best Answer
Best Answer
Answered By 0 points N/A #181197

AD group members export to text file

qa-featured

Using LDIFDE Utility

1. Click on start

2. Then programs

3. Point to accessories

4. Click command prompt

5. In Command prompt type :

ldifde -f group.ldf -s hq-res-dc-01-d"ou=Group,dc= reskit,dc=com"-psubtree–r"(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=reskit,DC=com)"

This creates the desired file

Solution Two

You can use the following visual basic script

' ***************************** 
' * List All Groups in the Domain and 
' * List All Members of each Group 
' *
' * Output to a text file on the user's desktop in the format: 
' * group name <tab> type <tab> member name <tab> type 
' * Prompt for the text file name. 
' * Written by James Anderson, July 2009 
' ***************************** 
' Variables 
Const MY_DOMAIN = "dc=fabricam,dc=com" 
' ***************************** 
' Start Main 
On Error Resume Next 
Const ADS_SCOPE_SUBTREE = 2 
Const ADS_GROUP_TYPE_GLOBAL_GROUP = &h2 
Const ADS_GROUP_TYPE_LOCAL_GROUP = &h4 
Const ADS_GROUP_TYPE_UNIVERSAL_GROUP = &h8 
Const ADS_GROUP_TYPE_SECURITY_ENABLED = &h80000000 
Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D 
Consult MYPROMPT = "Enter the Output file name (i.e. Groups.txt) that will be saved on your desktop:" 
Const ForReading = 1, ForWriting = 2, ForAppending = 8 
Set objFSO = CreateObject("Scripting.FileSystemObject") 
 
'Set up the output file 
If UCase( Right( WScript.FullName, 12 ) ) = "CSCRIPT.EXE" Then 
  WScript.StdOut.Write MYPROMPT & " " 
  strMyFileName = WScript.StdIn.ReadLine 
Else 
  strMyFileName = InputBox( MYPROMPT ) 
End If 
if strMyFileName = "" then 
  wscript.quit 
end if 
Set WshShell = CreateObject("WScript.Shell") 
Set WshSysEnv = WshShell.Environment("PROCESS") 
strMyFileName = WshSysEnv("USERPROFILE") & "Desktop" & strMyFileName 
Set WshSysEnv = nothing 
Set WshShell = nothing 
if objFSO.FileExists(strMyFileName) then 
  'objFSO.DeleteFile(strMyFileName) 
  wscript.echo "That filename already exists" 
  wscript.quit 
end if 
 
' Get a recordset of groups in AD 
Set objMyOutput = objFSO.OpenTextFile(strMyFileName, ForWriting, True) 
Set objConnection = CreateObject("ADODB.Connection") 
Set objCommand = CreateObject("ADODB.Command") 
objConnection.Provider = "ADsDSOObject" 
objConnection.Open "Active Directory Provider" 
Set objCommand.ActiveConnection = objConnection 
objCommand.Properties("Page Size") = 1000 
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE  
objCommand.CommandText = _ 
    "SELECT ADsPath, Name FROM 'LDAP://" & MY_DOMAIN & "' WHERE objectCategory='group'"  
Set objRecordSet = objCommand.Execute 
objRecordSet.MoveFirst 
 
' For each Group, Get group properties 
Do Until objRecordSet.EOF 
  Set objGroup = GetObject(objRecordSet.Fields("ADsPath").Value) 
  strGroupName = objRecordSet.Fields("Name").Value 
  If objGroup.GroupType AND ADS_GROUP_TYPE_LOCAL_GROUP Then 
    strGroupDesc = "Domain local " 
  ElseIf objGroup.GroupType AND ADS_GROUP_TYPE_GLOBAL_GROUP Then 
    strGroupDesc = "Global " 
  ElseIf objGroup.GroupType AND ADS_GROUP_TYPE_UNIVERSAL_GROUP Then 
    strGroupDesc = "Universal " 
  Else 
    strGroupDesc = "Unknown " 
  End If 
  If objGroup.GroupType AND ADS_GROUP_TYPE_SECURITY_ENABLED Then 
    strGroupDesc = strGroupDesc & "Security group" 
  Else 
    strGroupDesc = strGroupDesc & "Distribution group" 
  End If 
 
  ' Check if there are members 
  err.clear 
  arrMemberOf = objGroup.GetEx("Member") 
  If Err.Number = E_ADS_PROPERTY_NOT_FOUND then 
    ' Write a line to the outputfile with group properties and no members 
    objMyOutput.WriteLine(strGroupName & vbtab & strGroupDesc & vbtab & "<null>" & vbtab & "<null>") 
  Else 
    ' For each group member, get member properties 
    For Each strMemberOf in arrMemberOf 
      Set objMember = GetObject("LDAP://" & strMemberOf) 
      strMemberName = right(objMember.Name,len(objMember.Name)-3) 
      ' Write a line to the outputfile with group and member properties 
      objMyOutput.WriteLine(strGroupName & vbtab & strGroupDesc & vbtab & strMemberName & vbtab & objMember.Class) 
      set objMember = nothing 
    Next 
  End If 
  objRecordSet.MoveNext 
  Set objGroup = nothing 
Loop 
objMyOutput.close 
wscript.echo "Done!"
About Gardner Dunkley
Questions
0
Answers
6
Best Answers
1
Answered By 0 points N/A #181198

AD group members export to text file

qa-featured

There are two solutions, both requiring the use of "Command Prompt". The first one is to type in:

net group “Group Name” /domain > memberlist.txt 

(where memberlist.txt is the name of the resulting file) and press Enter. The second solution is to type in:

dsquery group -name “Group Name” | dsget group -members > memberlist.txt 

About Wangwe Amos
Questions
0
Answers
250
Best Answers
3

Is there any extracting tool/software for extracting email files attachment?

Previous

Pse 9 puzzle texture tutorial

Next

Related Questions