VB script to check group membership (KIX Ingroup)
Hi,
Does anyone have a VB script that can check group membership including nested groups. Like the Kix Ingroup function?
Ideally I would like to to pass in the username and the group and get a return value of True or False.
I have tried modifying a script from Microsoft, without success.
It manages to write the groups to a text file, but I cant get
if objNestedGroup.CN = "AppLocal Winzip" then
to work
Any tips
Muttlet
-------------
On Error Resume Next
UserInGroup = "False"
UserInNestedGroup = "False"
OutputFile = "C:\windows\temp\groups.txt"
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set ObjOutput = objFSO.CreateTextFile(OutputFile, FOR_WRITING)
objoutput.Write "Group" & VbCrLf
Set objUser = GetObject("LDAP://CN=Muttley, OU=Users and Groups,OU=Users,dc=muttley,dc=com")
Set colGroups = objUser.Groups
For Each objGroup in colGroups
'Wscript.Echo objGroup.CN
objOutput.Write objGroup.CN & VbCrLf
if objGroup.CN = "AppLocal Winzip" then
objOutput.Write "User in group" & VbCrLf
UserInGroup = "True"
end if
GetNested(objGroup)
Next
MsgBox UserInGroup
MsgBox UserInNestedGroup
objOutPut.Close
Function GetNested(objGroup)
On Error Resume Next
colMembers = objGroup.GetEx("memberOf")
For Each strMember in colMembers
strPath = "LDAP://" & strMember
Set objNestedGroup = _
GetObject(strPath)
'WScript.Echo objNestedGroup.CN
objOutput.Write objNestedGroup.CN & " - Nested" & VbCrLf
if objNestedGroup.CN = "AppLocal Winzip" then
UserInNestedGroup ="True"
end if
GetNested(objNestedGroup)
Next
End Function
Does anyone have a VB script that can check group membership including nested groups. Like the Kix Ingroup function?
Ideally I would like to to pass in the username and the group and get a return value of True or False.
I have tried modifying a script from Microsoft, without success.
It manages to write the groups to a text file, but I cant get
if objNestedGroup.CN = "AppLocal Winzip" then
to work
Any tips
Muttlet
-------------
On Error Resume Next
UserInGroup = "False"
UserInNestedGroup = "False"
OutputFile = "C:\windows\temp\groups.txt"
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set ObjOutput = objFSO.CreateTextFile(OutputFile, FOR_WRITING)
objoutput.Write "Group" & VbCrLf
Set objUser = GetObject("LDAP://CN=Muttley, OU=Users and Groups,OU=Users,dc=muttley,dc=com")
Set colGroups = objUser.Groups
For Each objGroup in colGroups
'Wscript.Echo objGroup.CN
objOutput.Write objGroup.CN & VbCrLf
if objGroup.CN = "AppLocal Winzip" then
objOutput.Write "User in group" & VbCrLf
UserInGroup = "True"
end if
GetNested(objGroup)
Next
MsgBox UserInGroup
MsgBox UserInNestedGroup
objOutPut.Close
Function GetNested(objGroup)
On Error Resume Next
colMembers = objGroup.GetEx("memberOf")
For Each strMember in colMembers
strPath = "LDAP://" & strMember
Set objNestedGroup = _
GetObject(strPath)
'WScript.Echo objNestedGroup.CN
objOutput.Write objNestedGroup.CN & " - Nested" & VbCrLf
if objNestedGroup.CN = "AppLocal Winzip" then
UserInNestedGroup ="True"
end if
GetNested(objNestedGroup)
Next
End Function
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
Robo Scripter
17 years ago
I have this one I use in one of the applications I wrote. I think you can modify it to work in yours.
Const AD_PACKAGE_GROUP = "Microsoft_SMS_Remote_Console"
' Validate Active Director Membership....
Function ValidateADGroup()
Dim message
Dim objADSysInfo : Set objADSysInfo = CreateObject("ADSystemInfo")
Dim strUser : strUser = objADSysInfo.UserName
dim strGroup
Dim objGroup
Dim objUser : Set objUser = GetObject("LDAP://" & strUser)
For Each strGroup in objUser.memberOf
Set objGroup = GetObject("LDAP://" & strGroup)
If InStr(objGroup.CN, AD_PACKAGE_GROUP) <> 0 Then
ValidateADGroup = True
Set objGroup = nothing
Exit Function
Else
ValidateADGroup = False
Set objGroup = nothing
End If
Next
End Function
Const AD_PACKAGE_GROUP = "Microsoft_SMS_Remote_Console"
' Validate Active Director Membership....
Function ValidateADGroup()
Dim message
Dim objADSysInfo : Set objADSysInfo = CreateObject("ADSystemInfo")
Dim strUser : strUser = objADSysInfo.UserName
dim strGroup
Dim objGroup
Dim objUser : Set objUser = GetObject("LDAP://" & strUser)
For Each strGroup in objUser.memberOf
Set objGroup = GetObject("LDAP://" & strGroup)
If InStr(objGroup.CN, AD_PACKAGE_GROUP) <> 0 Then
ValidateADGroup = True
Set objGroup = nothing
Exit Function
Else
ValidateADGroup = False
Set objGroup = nothing
End If
Next
End Function
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.
