OldDog
Tue Feb 27 10:55:22 CST 2007
On Feb 26, 5:15 pm, "Richard Mueller [MVP]" <rlmueller-
nos...@ameritech.nospam.net> wrote:
> OldDog wrote:
> > I am working on a script that will determin if three different ID's
> > are in the local Administrators group on a long list of servers. I can
> > get my script to reliably report on ONE user, but If I try fro more
> > than one, I get mixed results and I can't trust the accuracy. Can
> > someone point me to a sample script or discussion on finding multiple
> > users in a group?
>
> > This script will tell me if JoeUser is a memger of the Administrators
> > group on a list of servers.
>
> > Option Explicit
> > Dim objGroup, strComputer, objFSO, objTextFile
> > Const ForReading = 1
> > On Error Resume Next
> > Set objFSO = CreateObject("Scripting.FileSystemObject")
> > Set objTextFile = objFSO.OpenTextFile("C:\Scripts\servers.txt",
> > ForReading)
> > Do Until objTextFile.AtEndOfStream
> > strComputer = Trim(objTextFile.Readline)
> > If (strComputer <> "") Then
>
> > Set objGroup = GetObject("WinNT://" & strComputer & "/
> > Administrators,group")
> > Wscript.Echo "Members of local Administrators group on computer " &
> > strComputer
> > Call EnumGroup(objGroup, "")
> > End If
> > Loop
>
> > Sub EnumGroup(objGroup, strOffset)
> > Dim objMember
> > For Each objMember In objGroup.Members
> > 'Wscript.Echo strOffset & objMember.Name & " (" &
> > objMember.Class & ")"
> > If (objMember.Name = "JoeUser") Then
> > Wscript.Echo strOffset & objMember.Name & " (" &
> > objMember.Class & ")"
>
> > End If
> > Next
> > End Sub
>
> Since you are not tracking down group nesting, but only checking direct
> group membership, it would be easier to bind to each group object and use
> the IsMember method. You pass the AdsPath of the prospective member to this
> method and it returns True if the corresponding object is a member. Perhaps
> (watch line wrapping):
> ==============
> Option Explicit
>
> Dim objFSO, strComputer, objTextFile
> Dim objGroup, objUser1, objUser2, objUser3
>
> Const ForReading = 1
>
> Set objFSO = CreateObject("Scripting.FileSystemObject")
> Set objTextFile = objFSO.OpenTextFile("c:\scripts\servers.txt", ForReading)
>
> ' Bind the user objects, which will be checked for membership.
> Set objUser1 = GetObject("WinNT://MyDomain/JoeUser,user")
> Set objUser2 = GetObject("WinNT://MyDomain/JohnWilson,user")
> Set objUser3 = GetObject("WinNT://MyDomain/MarySmith,user")
>
> Do Until objTextFile.AtEndOfStream
> strComputer = Trim(objFile.ReadLine)
> If (strComputer <> "") Then
> Set objGroup = GetObject("WinNT://" & strComputer &
> "/Administrators,group")
> If (objGroup.IsMember(objUser1.AdsPath) = True) Then
> Wscript.Echo "User " & objUser1.Name & " is member of
> Administrators on " & strComputer
> End If
> If (objGroup.IsMember(objUser2.AdsPath) = True) Then
> Wscript.Echo "User " & objUser2.Name & " is member of
> Administrators on " & strComputer
> End If
> If (objGroup.IsMember(objUser3.AdsPath) = True) Then
> Wscript.Echo "User " & objUser3.Name & " is member of
> Administrators on " & strComputer
> End If
> End If
> Loop
>
> --
> Richard Mueller
> Microsoft MVP Scripting and ADSI
> Hilltop Lab -
http://www.rlmueller.net
> --- Hide quoted text -
>
> - Show quoted text -
Thank you, as usual your advice worked great. I had to modify it a bit
as it turned out one of the users is not a member of the domain and
the other two were groups. The IsMember function is one I was not
familiar with.
Thanks again.
OldDog