Monday, July 20, 2009

Script - Active Directory Group Extract (Windows)

There comes a time in every Sysadmin's life when they get a simple request from management: "..also, can you give me a list of everyone in that group?"

Simple enough, right?

Even though it would make perfect sense to right-click the security group and 'extract to text file', it's not THAT easy.

The quickest method to get a listing of users for a specific group is to use VBScript.

1. Copy the script below into a file named "export_security_group_users.vbs".
2. Fill in the information specific to your AD deployment (group, OU, domain).
3. Run the script from the command line: "cscript.exe export_security_group_users.vbs > extractfile.txt"

"extractfile.txt" will have entries with the following format:
CN=USERID,OU=GROUPS,OU=SECONDLEVELOU,OU=TOPLEVELOU,DC=foobar,DC=com

export_security_group_users.vbs:
----------------------------------------------------------
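'export_security_group_users.vbs
'This script exports users from a specific group (security or distribution)
'Usage: cscript.exe export_security_group_users.vbs > extractfile.txt
'
'Andrew Elliott
'17-july-2008
'

'Errors are checked explicitly below instead of being silently skipped
On Error Resume Next

'Bind to the group by its distinguished name
Set objGroup = GetObject _
("LDAP://cn=EXTRACTTHISGROUP,ou=GROUPS,ou=SECONDLEVELOU,ou=TOPLEVELOU,dc=foobar,dc=com")
If Err.Number <> 0 Then
    WScript.StdErr.WriteLine "Could not bind to group: 0x" & Hex(Err.Number)
    WScript.Quit 1
End If
objGroup.GetInfo

'Read the multi-valued "member" attribute (direct members only)
arrMemberOf = objGroup.GetEx("member")
If Err.Number <> 0 Then
    WScript.StdErr.WriteLine "Could not read members (empty group or no read access): 0x" & Hex(Err.Number)
    WScript.Quit 1
End If

WScript.Echo "Members:"

For Each strMember in arrMemberOf
    WScript.Echo strMember
Next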

----------------------------------------------------------

* You'll need to have the correct permissions to extract this information.
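
The script above reads only the group's direct "member" values, so members of nested groups do not appear in the extract. The following is an added example, not part of the original post, that goes one step further: a paged LDAP search that also follows nested groups and returns only user accounts. The group DN and search root are the post's placeholder values, and the function names are hypothetical.

```powershell
# Added example (not from the original post). The DN and search root are the
# post's placeholder values; replace them with your own.
Add-Type -AssemblyName System.DirectoryServices

$groupDn    = 'CN=EXTRACTTHISGROUP,OU=GROUPS,OU=SECONDLEVELOU,OU=TOPLEVELOU,DC=foobar,DC=com'
$searchRoot = 'LDAP://DC=foobar,DC=com'

function ConvertTo-LdapFilterValue([string]$Value) {
    # RFC 4515 escaping so characters in the DN cannot alter the filter.
    # Backslash goes first so the escapes added afterwards are not re-escaped.
    $Value -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' `
           -replace '\)', '\29' -replace '\x00', '\00'
}

function Get-GroupUserDn([string]$GroupDn, [string]$SearchRoot) {
    $searcher = New-Object System.DirectoryServices.DirectorySearcher
    $searcher.SearchRoot = New-Object System.DirectoryServices.DirectoryEntry -ArgumentList $SearchRoot
    # 1.2.840.113556.1.4.1941 = LDAP_MATCHING_RULE_IN_CHAIN: follows nested groups.
    # Accounts that hold the group only as their primary group are not matched,
    # because that link is stored in primaryGroupID, not in member/memberOf.
    $searcher.Filter = '(&(objectCategory=person)(objectClass=user)(memberOf:1.2.840.113556.1.4.1941:={0}))' -f (ConvertTo-LdapFilterValue $GroupDn)
    $searcher.PageSize = 1000   # paged search, so large result sets are not cut off
    [void]$searcher.PropertiesToLoad.Add('distinguishedName')

    $results = $searcher.FindAll()
    try {
        # Emit one distinguished name per user, same format as extractfile.txt
        foreach ($r in $results) { $r.Properties['distinguishedname'][0] }
    } finally {
        $results.Dispose()      # SearchResultCollection holds unmanaged resources
    }
}

Get-GroupUserDn -GroupDn $groupDn -SearchRoot $searchRoot | Sort-Object
```

Redirect the output to a file the same way as with the VBScript, and compare the two extracts: names that appear only in this one are reaching the group through nesting.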