CraigWallace
Sat Mar 31 13:04:02 CDT 2007
Excellent thank you very very much. i am sure i can work the email part out
but again thanks very much for your help
"Richard Mueller [MVP]" wrote:
> Craig Wallace wrote:
>
> > Does anyone have a script or can help me with one. I need a script that i
> > can run once an hour that will check the Domain Admins and the
> > Administrator
> > groups in AD and if any change has been made since the last check to send
> > and
> > email
> >
>
> The whenChanged attribute of the group object can be used to determine if
> changes have been made to the group (any change, including to the
> membership), since a specified date. The last change date must be saved
> somewhere, perhaps in a text file.
>
> The example below retrieves the last change date from a file, then checks
> the two groups to see if either has been changed since. If so, the script
> echos a message to the screen. The program saves the new date in the text
> file. Someone else can suggest ways to send email messages.
> =========
> Option Explicit
>
> Dim strWhenChanged, strLastChanged
> Dim strLastDateFile, objFSO, objDateFile
> Dim strDomainAdmsDN, strAdminsDN, objDomainAdms, objAdmins
>
> Const ForReading = 1
> Const ForWriting = 2
> Const OpenAsASCII = 0
> Const CreateIfNotExist = True
>
> ' Specify Distinguished Names of groups to monitor.
> strDomainAdmsDN = "cn=Domain Admins,cn=Users,dc=Hilltop,dc=rlmueller,dc=net"
> strAdminsDN = "cn=Administrators,cn=Builtin,dc=Hilltop,dc=rlmueller,dc=net"
>
> ' Specify file where last change date (in UTC) is saved.
> strLastDateFile = "c:\rlm\HilltopLab\Recent\LastDate.txt"
>
> ' Retrieve last change date.
> Set objFSO = CreateObject("Scripting.FileSystemObject")
> On Error Resume Next
> Set objDateFile = objFSO.OpenTextFile(strLastDateFile, ForReading)
> If (Err.Number <> 0) Then
> On Error GoTo 0
> ' Assign default date.
> strLastChanged = "1/1/2007 12:00:00 AM"
> Else
> On Error GoTo 0
> strLastChanged = objDateFile.ReadLine
> objDateFile.Close
> End If
>
> ' Bind to Domain Admins group.
> Set objDomainAdms = GetObject("LDAP://" & strDomainAdmsDN)
>
> ' Check if changed.
> If (CDate(objDomainAdms.whenChanged) > CDate(strLastChanged)) Then
> Wscript.Echo "Domain Admins group changed " & objDomainAdms.whenChanged
> End If
>
> ' Bind to Administrators group.
> Set objAdmins = GetObject("LDAP://" & strAdminsDN)
>
> ' Check if changed.
> If (CDate(objAdmins.whenChanged) > CDate(strLastChanged)) Then
> Wscript.Echo "Administrators group changed " & objAdmins.whenChanged
> End If
>
> If (CDate(objDomainAdms.whenChanged) > CDate(objAdmins.whenChanged)) Then
> strLastChanged = objDomainAdms.whenChanged
> Else
> strLastChanged = objAdmins.whenChanged
> End If
>
> ' Increment last creation date by one second.
> strLastChanged = CStr(DateAdd("s", 1, CDate(strLastChanged)))
>
> ' Save last creation date.
> Set objDateFile = objFSO.OpenTextFile(strLastDateFile, _
> ForWriting, CreateIfNotExist, OpenAsASCII)
> objDateFile.WriteLine strLastChanged
>
> ' Clean up.
> objDateFile.Close
>
> --
> Richard Mueller
> Microsoft MVP Scripting and ADSI
> Hilltop Lab -
http://www.rlmueller.net
> --
>
>
>