New Script – Group Name and Member Count

Posted by Scott Horsfield - 30/04/08 at 09:04:09 am

I’ve been reading a thread on the activedir.org mail list over the past few days that talked about finding groups with no members using ADFIND. I’ve posted a new script that will do this with VBScript by listing all groups and their member count. ADFIND can do the same thing, but with VBScript I’ve found it’s easier to tie one task to another and perform modifications on groups if necessary. (ie: find all groups with 0 members and move them to an OU for later removal, or change their description to make them more identifiable)

Script

Also I highly recommend signing up for the activedir.org mail list. It’s full of helpful people and great information!

3 Comments »

RSS feed for comments on this post. TrackBack URI

  1. If you can find the objects you’re looking for with ADFind, why not pipe the results into ADMod to move the objects to a new OU?

    Comment by SteveG — May 14, 2009 #

  2. Moving to a new OU was just an example of how to use the script to do it with VBScript, not necessarily the quickest or best way for every situation. ADFind is an awesome tool but sometimes it’s fun to write your own scripts to accomplish the same thing. This could also be done in Powershell, Hyena, etc.

    Comment by Scott Horsfield — May 14, 2009 #

  3. Hi,

    Thanks for sharing your insightful thoughts and suggestions – very cool and helpful indeed.

    In the spirit of sharing helpful information, thought I’d mention that one of my Microsoft colleagues informed us about a cool FREE tool from a Microsoft partner, that offers over 50 super-helpful Active Directory security reports, such as which accounts are locked out, which accounts are set to expire in the next few days, which security groups are nested, where all a user may have permissions etc.

    The tool is called Gold Finger, and it is developed by a company called Paramount Defenses. You can download it from http://www.paramountdefenses.com/goldfinger.php

    Why bother writing complicated scripts or using unsupported command-line tools when you can use a 100% AUTOMATED, GUI based, FREE solution that is not only SUPPORTED but also ENDORSED by Microsoft?!

    If you’re into Active Directory security, then this tool is a must-have. Thought I’d share this helpful tip with you!

    Sincerely,
    JohnM

    Comment by John McIntyre — September 11, 2009 #

Leave a comment

XHTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Powered by WordPress with [GimpStyle]
Entries and comments feeds.