viewpoint-particle

Author Topic: Active Directory - Security group  (Read 2716 times)

hienpham

  • Newbie
  • *
  • Posts: 46
Active Directory - Security group
« on: June 19, 2014, 03:26:31 pm »
Hi,
I would like to list out all the Security Groups in my Active Directory.
I use the Tech Article ID:   W17368 (ADSI COM List Groups)
=================================
   DomainName = "xxxxxxx"
Domain = GetObject("WinNT://" : DomainName)
grouplist = ''
ForEach Member in Domain
   If Member.Class == "Group"
      sGroupName = Member.Name
      grouplist = grouplist : @tab :  sGroupName
   Endif
Next
AskItemList('Group list', StrTrim( grouplist ), @tab, @unsorted, @single )
exit
=================================
but what I got are all the Distribution groups, I could not find any Security group listed in the final grouplist.
What do I need to modify to get the Security group?
Thanks for all the help.


Deana

  • Wilson WindowWare Tech Support
  • Pundit
  • *****
  • Posts: 1183
  • WinBatch® can do it.
    • WinBatch Tech Support Database
Re: Active Directory - Security group
« Reply #1 on: June 19, 2014, 03:31:22 pm »
You can enumerate all users with membership in the bound security group using code like this:

Code: Winbatch
GroupName = "Target_Group_Name"
GroupDomain = "Target_Group_Domain"
Group = GetObject("WinNT://" : GroupDomain : "/" : GroupName : ",group")
 
Deana F.
Technical Support
Wilson WindowWare Inc.

hienpham

  • Newbie
  • *
  • Posts: 46
Re: Active Directory - Security group
« Reply #2 on: June 19, 2014, 03:42:39 pm »
Thanks Deana, but I need to get the list of ALL Security Groups in the domain and not the list members of a group.

td

  • Tech Support
  • *****
  • Posts: 4092
    • WinBatch
Re: Active Directory - Security group
« Reply #3 on: June 20, 2014, 06:47:21 am »
Code: Winbatch
AddExtender("wwads44i.dll")

; See extender docs for path specification.
sAdsiPath  = "LDAP://whatever your FQDN happens to be goes here"

;UNIVERSAL_GROUP = 8
;GLOBAL_GROUP     = 2
SECURITY_GROUP     = -1
sResults = dsFindPath(sAdsiPath, "(&(objectClass=group)(groupType:1.2.840.113556.1.4.804:=%SECURITY_GROUP%) )")  

; Could be a long list.
message("Securinty groups", sResults)
 
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade