Tuesday, March 08, 2005

How do I query a domain local group ?

How do I query a domain local group ? Suppose you are in Domain A and are member of a domain local group in Domain B. The Domain A DC does not know about it, nor does the GC. Only the Domain B DC knows about it. I finally came up with this solution. It is slow though as it has to query the AD tree..


'==========================================================================
'
' NAME: DomainLocalGroup.vbs
'
' AUTHOR: Woosie
' DATE : 02-03-2005
'
' COMMENT: Scan AD Tree looking for local group membership and then output
' list to screen.
'
'==========================================================================


Dim localgroups()
localgroup=0
struser = InputBox("User to assess local group membership (e.g. cn=bennnett_s) ?","Local Group Scanner")
' change next line to point to your root AD path.
Set oDomain = GetObject("[link]")
WScript.Echo("Searching Domain a.. Please wait..")
EnumOU(oDomain)


WScript.Echo (struser & " is a member of : ")
For myloop=0 To localgroup
WScript.Echo(localgroups(myloop))
next
Wscript.Quit


Function EnumOU(oContainer)
For Each oObj In oContainer
For Each sClass in oObj.ObjectClass
If LCase(sClass) = "organizationalunit" Then
WScript.echo "Searching " & oObj.AdsPath
EnumOU(oObj)
Else
If LCase(sclass) = "group" Then
WScript.Echo oobj.name & " " & oObj.AdsPAth
strPath =oObj.AdsPAth
set objGroup = GetObject(strPath)
for each objMember In objGroup.Members
splitme=split(objMember.Get("distinguishedname"),",")
if lcase(splitme(0))=lcase(struser) Then
localgroup=localgroup+1
ReDim Preserve localgroups(localgroup)
localgroups(localgroup-1)=strpath
Wscript.Echo struser & " is a member of local group : " & strpath
End if
Next
End If
End If
Next
Next
End Function

No comments: