+ Post New Thread
Results 1 to 14 of 14
How do you do....it? Thread, Output machine AD groups to text file? in Technical; Hi, Does anyone know a way i can make a computer on a domain output its AD groups to a ...
  1. #1

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,302
    Thank Post
    900
    Thanked 1,794 Times in 1,545 Posts
    Blog Entries
    12
    Rep Power
    465

    Output machine AD groups to text file?

    Hi,

    Does anyone know a way i can make a computer on a domain output its AD groups to a text file please?

    Thanks

  2. #2

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,975
    Thank Post
    3,523
    Thanked 1,107 Times in 1,014 Posts
    Rep Power
    374
    VBScript - Listing AD Computer Group Membership

    Vb Script, Power Shell, Bat file or what exactly ?

    If there is a command that will do this in a command prompt or batch file you could pipe the output to a text file , I know this is for ipconfig but something like :

    Code:
    ipconfig /all>C:\log.txt
    Would gpresult show this ?
    Last edited by mac_shinobi; 14th February 2012 at 10:14 AM.

  3. #3

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,302
    Thank Post
    900
    Thanked 1,794 Times in 1,545 Posts
    Blog Entries
    12
    Rep Power
    465
    Anything will do. I have a big job on. We are doing a rollout where we need to give users new machines. We need to retain the old computer account in ad for a time and keep the old machine joined to the domain for a time. So i need to create new computer accounts for these new machines. I need to add the computers to the same groups as the olds ones. Some of them have 30 odd groups so its going to take a long time!

    I did think GP result but it would only show the applied group policies.

  4. #4


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,701
    Thank Post
    279
    Thanked 787 Times in 614 Posts
    Rep Power
    226
    Code:
    dsquery computer -name PC-01 | dsget computer -memberof
    Modify -name and PC-01 to suit. dsquery computer /? for more info.

    Piping dsquery into dsget negates the need to type out the LDAP string for dsget.

    results in:

    Code:
    C:\Users\pete>dsquery computer -name PC-01 | dsget computer -memberof
    "CN=SanakoStudentClientApp,OU=Workstations,DC=Your,DC=Domain,DC=Whatever"
    "CN=Rm25-StudentMachines,OU=Rm25,OU=Workstations,DC=Your,DC=Domain,DC=Whatever"
    "CN=Domain Computers,CN=Users,DC=Your,DC=Domain,DC=Whatever"
    Redirect the output to a file and script the input from a list of names.
    Last edited by pete; 14th February 2012 at 01:31 PM.

  5. 2 Thanks to pete:

    FN-GM (14th February 2012), mac_shinobi (14th February 2012)

  6. #5

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,302
    Thank Post
    900
    Thanked 1,794 Times in 1,545 Posts
    Blog Entries
    12
    Rep Power
    465
    If i run it on the local machine can i use localhost instead of the machine name?

    Thanks

  7. #6

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,975
    Thank Post
    3,523
    Thanked 1,107 Times in 1,014 Posts
    Rep Power
    374
    Quote Originally Posted by FN-GM View Post
    If i run it on the local machine can i use localhost instead of the machine name?

    Thanks
    Could you not just use the variable / enviroment variable ie %computername% instead of localhost ?

  8. Thanks to mac_shinobi from:

    FN-GM (14th February 2012)

  9. #7


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,701
    Thank Post
    279
    Thanked 787 Times in 614 Posts
    Rep Power
    226
    Localhost won't work (doesn't expand correctly - dsquery can't understand it), %computername% will.

    However, you'll need to run this from a DC / somewhere with remote management tools* installed, so it's a moot point. Run it against a list of machines.

    *it works on my Win7 Sysadmin VM, but that's not a fair test.
    Last edited by pete; 14th February 2012 at 01:41 PM.

  10. #8

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,302
    Thank Post
    900
    Thanked 1,794 Times in 1,545 Posts
    Blog Entries
    12
    Rep Power
    465
    Ah, so it wont work on machines without the RSAT tools on? If so it wont be fit for what i need. Dam!
    Last edited by FN-GM; 14th February 2012 at 01:46 PM.

  11. #9


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,701
    Thank Post
    279
    Thanked 787 Times in 614 Posts
    Rep Power
    226
    Quote Originally Posted by FN-GM View Post
    Ah, so it wont work on machines without the RSAT tools on?
    Correct - RSAT or a DC/other server with RSAT.

  12. #10

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,302
    Thank Post
    900
    Thanked 1,794 Times in 1,545 Posts
    Blog Entries
    12
    Rep Power
    465
    grrr, thought we had it then. I could do with something that doesnt require the RSAT tools and something that is processed on the machine itself.


    Thanks

  13. #11


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,600
    Thank Post
    249
    Thanked 2,897 Times in 2,131 Posts
    Rep Power
    827
    Quote Originally Posted by FN-GM View Post
    I could do with something that doesn't require the RSAT tools and something that is processed on the machine itself.
    Two options...

    1. MemberOf from JoeWare.net.

      Code:
      MemberOf.exe -comp %UserDomain%\%ComputerName% > %ComputerName%.txt
    2. Use the Implicit Remoting feature of PowerShell to load the ActiveDirectory module from one of your 2008 R2 servers and use all of its cmdlets locally.

      Code:
      $s = New-PSSession -Computer ServerName -Credential Domain\Administrator
      Invoke-Command -ScriptBlock { Import-Module ActiveDirectory } -session $s
      Import-PSSession -Session $s -Module ActiveDirectory -Prefix Rem -AllowClobber
      
      Get-RemADComputer $env:COMPUTERNAME -Properties Name,MemberOf | Select Name,MemberOf | Export-CSV "$env:USERPROFILE\Desktop\$env:COMPUTERNAME.csv" -NoTypeInformation
      
      Get-PSSession | Remove-PSSession
      N.B. The groups will all be listed on one line in the CSV file. I haven't figured out how to separate them yet.
    Last edited by Arthur; 14th February 2012 at 08:52 PM.

  14. Thanks to Arthur from:

    mac_shinobi (15th February 2012)

  15. #12


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by Arthur View Post
    Two options...
    Surely this is just an LDAP query! I can think of a few other ways

  16. #13


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,600
    Thank Post
    249
    Thanked 2,897 Times in 2,131 Posts
    Rep Power
    827
    Quote Originally Posted by CyberNerd View Post
    Surely this is just an LDAP query! I can think of a few other ways
    I probably shouldn't have said two. You're right about there being more ways to do this though.

  17. #14

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,302
    Thank Post
    900
    Thanked 1,794 Times in 1,545 Posts
    Blog Entries
    12
    Rep Power
    465
    In this deployment i wont have access to DC's so the powershell one is out of the question. I will give MemberOf.exe a go.

    Thanks



SHARE:
+ Post New Thread

Similar Threads

  1. Export MYSQL To Text File
    By DaveP in forum How do you do....it?
    Replies: 4
    Last Post: 16th October 2010, 03:55 PM
  2. Replies: 0
    Last Post: 13th January 2009, 03:11 PM
  3. PHP to text file
    By Hightower in forum Web Development
    Replies: 21
    Last Post: 24th October 2008, 10:52 AM
  4. Replies: 4
    Last Post: 7th March 2007, 04:37 PM
  5. Mapping AD groups to Unix groups
    By localzuk in forum *nix
    Replies: 23
    Last Post: 11th February 2007, 09:57 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •