Re: How do I get a users group belonging from my AD
- From: "Richard Mueller" <rlmueller-NOSPAM@xxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 6 Feb 2006 11:34:38 -0600
Birger wrote:
In our logon script I'll need to collect the users security group
belonging and OU belonging in our AD to mapp to correct resources. How do
I retrive this info from AD to my script?
Many Thanks / Birger, Sweden
Hi,
I have several example VBScript functions to check group membership linked
here:
http://www.rlmueller.net/freecode1.htm
The one you select depends on your clients (minimum OS), if your groups are
nested, and if you need to check for membership in the "Primary" group
(which should not be necessary). Also, I have several example VBScript logon
scripts linked here, most of which demonstrate checking group membership to
map resources:
http://www.rlmueller.net/freecode2.htm
Finally, user objects reside in OU's, but they are not really members. There
is no way to check OU membership. You can parse the Distinguished Name of
the user to determine the OU. Also, the Parent method of the user object
returns the Distinguished Name (DN) of the parent container, which is the DN
of the OU. For example
' Specify the user Distinguished Name. This user is in ou=Sales,
' which is in ou=East, which is in the domain MyDomain.com.
strUserDN = "cn=Jim Smith,ou=Sales,ou=East,dc=MyDomain,dc=com"
' Bind to the user object.
Set objUser = GetObject("LDAP://"; & strUserDN)
' Retrieve the DN of the Parent container.
strParent = objUser.Parent
The value of strParent will be "LDAP://ou=Sales,ou=East,dc=MyDomain,dc=com";.
Note that if you parse the user DN for the parent container and retrieve
"cn=Sales", this may not be unique. There could be a similar OU in ou=West,
for example.
I have used the following functions to parse Distinguished Names for
OU/Container information. The one you select depends on your needs and how
your OU's are setup:
Option Explicit
Dim strUserDN
strUserDN = "cn=Jim Smith,ou=Sales,ou=East,dc=MyDomain,dc=com"
MsgBox Parse1(strUserDN)
MsgBox Parse2(strUserDN)
MsgBox Parse3(strUserDN)
Function Parse1(strDN)
Parse1 = Mid(strDN, InStr(strDN, "=") + 1)
Parse1 = Mid(Parse1, InStr(Parse1, "=") + 1)
Parse1 = MId(Parse1, 1, InStr(Parse1, "=") - 4)
End Function
Function Parse2(strDN)
Parse2 = Mid(strDN, InStr(strDN, "=") + 1)
Parse2 = Mid(Parse2, InStr(Parse2, "=") - 2)
Parse2 = Left(Parse2, InStr(UCase(Parse2), "DC=") - 2)
End Function
Function Parse3(strDN)
Parse3 = Mid(strDN, InStr(strDN, "=") + 1)
Parse3 = Mid(Parse3, InStr(Parse3, "=") - 2)
End Function
--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
.
- References:
- How do I get a users group belonging from my AD
- From: Birger
- How do I get a users group belonging from my AD
- Prev by Date: Creating html shortcut on all domain desktops
- Next by Date: Re: Getting an IE Window to take Focus
- Previous by thread: How do I get a users group belonging from my AD
- Next by thread: send form value to .vbs
- Index(es):
Relevant Pages
|
Loading
