Display group Membership

[Aaron Custer]

Is there a way to export/display the members of a specific global group? I
need to
be able to copy the usernames into a text file.

Thank you
Aaron

 

[Jerold Schulman]

Is there a way to export/display the members of a specific global group? I
need to
be able to copy the usernames into a text file.

Thank you
Aaron

Using Adfind.exe freeware from tip 5898 » Freeware ADFind.
in the 'Tips & Tricks' at http://www.jsifaq.com

Xgrp "CN=Domain Admins,CN=Users,DC=JSIINC,DC=COM" c:\folder\members.txt

where Xgrp.bat contains:
@echo Off
if {%2}=={} @echo Syntax XGrp "GroupDN" File&goto :EOF
setlocal
set grp=%1
set grp="%grp:"=%"
set file=%2
set adf=adfind -nodn -b %grp% member
for /f "Tokens=1*" %%a in ('%adf%^|find ">member:"') do (
@echo %grp% "%%b">>%file%
)
endlocal

If you use c:\folder\members.txt for the next group, Xgrp.bat will append the info.

Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com
http://www.jsifaq.com

 

[rwh]

watch for line wrap

export members of a group:

ldifde -f file.txt -d "cn=Group1ou=USERS,dc=mydomain,dc=com" -l member
-s servername

 

[rwh]

watch for line wrap

export members of a group:

ldifde -f file.txt -d "cn=Group1ou=USERS,dc=mydomain,dc=com" -l member
-s servername

 

[Cary Shultz [A.D. MVP]]

Aaron,

I might suggest that you take a look at ldifde or csvde to do this. Jerold
has offered another way. There is also scripting ( but that is a bit more
complicated.... ).

An example using ldifde might look like this:

ldifde -f c:\system\groups.ldf -s dc01.yourdomain.com -t 389 -d
"dc=yourdomain,dc=com" -r "(objectClass=group)" -p subtree.

This would give you everything for each and every group in the
'yourdomain.com' domain. You might want to customize this a little bit.
You might store all of your security groups in an OU called 'SecurityGroups'
and all of your distribution groups in an OU called 'DistributionGroups'.
In that case the command might look like this:

ldifde -f c:\system\secgroups.ldf -s dc01.yourdomain.com -t 389 -d
"ou=securitygroups,dc=yourdomain,dc=com" -r "(objectClass=group)" -p
subtree.

ldifde -f c:\system\distgroups.ldf -s dc01.yourdomain.com -t 389 -d
"ou=distributiongroups,dc=yourdomain,dc=com" -r "(objectClass=group)" -p
subtree.

You could also use the -l switch ( that is the lower case letter 'L' ) to
further limit what the results hold. So, you might want to add at the
following at the end of the above command: -l
"DN,sAMAccountName,member,blah!,blah!,blah!"

HTH,

--
Cary W. Shultz
Roanoke, VA 24012

WIN2000 Active Directory MVP
http://www.activedirectory-win2000.com
(soon to be updated!!!)
http://www.grouppolicy-win2000.com
(soon to be updated!!!)