By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
449,154 Members | 1,043 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 449,154 IT Pros & Developers. It's quick & easy.

Web page to enumerate groups in active directory

P: 9
I found a file on the web that will allow you to enumerate groups but it was an .hta and the top level admins won't allow this. I need to give managers access to the groups so that when a new user is created they can tell me who they want their account to be modeled after. The html app works great as a .hta file but when it is saved as a web page it won't list the members of any groups. I get an error on line 182: "ActiveX component can't create object: 'GetObject'" Here is the line that throws the error: "Set objRootDSE = GetObject("LDAP://RootDSE")" Here is the code:
[html]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Group Enumerator</title>
<style type="text/css">
/* Default CSS Stylesheet for a new Web Application project */
body{background-color:#cdd4e6; margin:20 20 20 0; color:#444444;}
td{font-family:Arial, Helvetica, sans-serif; font-size:11px;}
select{font-family:Arial, Helvetica, sans-serif; font-size:11px;}
input{font-family:Arial, Helvetica, sans-serif; font-size:11px;}
a{font-family:Arial, Helvetica, sans-serif; font-size:11px;color:#444444;}
/* Custom */
td.header{background-color:#7f92bf; color:#ffffff; font-size: 20px; padding-left:15px;}
td.content{padding:15 15 15 15; background-color:#ffffff;}
td.title{color:#7f92bf; font-size:10px;}
td.error{color: #ff0000}
/* Tabs */
a.tablink{font-weight:bold;text-decoration:none;}
.tabline{border-bottom:1px solid #CCCCCC}
.tab{border-top:1px solid #CCCCCC;border-right:1px solid #CCCCCC;border-bottom:1px solid #CCCCCC;padding:3 5 3 5;border-left:1px solid #CCCCCC;background-color:#eeeeee}
.tabactive{border-top:1px solid #CCCCCC;border-right:1px solid #CCCCCC; border-left:1px solid #CCCCCC;padding:3 5 3 5;}
/* Grid */
td.gridheader{padding:3 3 3 3; font-weight:bold; background-color:#eeeeee;}
td.gridcell{padding:3 3 3 3;border-bottom:1px solid #eeeeee}
</style>
[/html]

Expand|Select|Wrap|Line Numbers
  1. <script language="VBScript">
  2.     Const DOMAIN                 = "luiginos.com" 
  3.     'ou's to ignore when making groups available security related or obsolete
  4. '    Const OUS_TO_IGNORE            = "OU=this,OU=that,OU=theother,DC=WINDOWSITPRO,DC=tld OU=obsolete,DC=WINDOWSITPRO,DC=tld"
  5.     Const OUS_TO_IGNORE            = ""
  6.     Dim Searchtype
  7.     Dim strUserName
  8.     Dim objUser
  9.     Dim bUserLoaded
  10.     Dim arrUserGroups
  11.     Dim    intSecCount 
  12.     Dim intDistCount    
  13.     Dim strGroupChosen
  14.     bUserLoaded = False
  15. ' ======= Standardized Arrays 
  16.     Dim arrSecGroup(500)
  17.     Dim arrDistGroup(500)
  18.  
  19. Sub window_Onload
  20.     Const ADS_SCOPE_SUBTREE = 2
  21.     Const ADS_GROUP_TYPE_SECURITY_ENABLED = &h80000000
  22.     Set objConnection = CreateObject("ADODB.Connection")
  23.     Set objCommand =   CreateObject("ADODB.Command")
  24.     objConnection.Provider = "ADsDSOObject"
  25.     objConnection.Open "Active Directory Provider"
  26.     Set objCommand.ActiveConnection = objConnection
  27.     objCommand.Properties("Page Size") = 1000
  28.     objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
  29.     objCommand.Properties("Sort On") = "name"
  30.     objCommand.CommandText = _
  31.         "<LDAP://" & DOMAIN & ">;(&(objectCategory=GROUP));Name,grouptype,distinguishedName;Subtree"  
  32.     Set objRecordSet = objCommand.Execute
  33.     objRecordSet.MoveFirst
  34.     intSecCount = 1
  35.     intDistCount = 1
  36.     Do Until objRecordSet.EOF
  37.         tmpDGN = objRecordSet.Fields("distinguishedName").Value
  38.         If      InStr(1,OUS_TO_IGNORE,Right(tmpDGN, Len(tmpDGN) - InStr(1,tmpDGN,",",1)),1) = 0  Then
  39.             If  objRecordSet.Fields("Grouptype").Value And ADS_GROUP_TYPE_SECURITY_ENABLED  Then    
  40.                 arrSecGroup(intSecCount) = objRecordSet.Fields("Name").Value
  41.                 intSecCount = intSecCount + 1
  42.             Else
  43.                 arrDistGroup(intDistCount) = objRecordSet.Fields("Name").Value
  44.                 intDistCount = intDistCount + 1
  45.             End If
  46.         End If 
  47.         objRecordSet.MoveNext
  48.     Loop
  49.     'fill up group boxes
  50.      FillGroups arrSecGroup,     intSecCount,  document.all.boxSecurity
  51.      FillGroups arrDistGroup, intdistCount, document.all.boxDistribution
  52.     Set objConnection = Nothing
  53.     Set objCommand = Nothing
  54.     Set objRecordSet = Nothing
  55. End Sub
  56.  
  57.     Sub StartUserHTA
  58.         Set WshShell = CreateObject("WScript.Shell")
  59.         strCmdLine = ".\HD-Dash-USER.hta"
  60.         WSHShell.Run strCmdLine,8    
  61.     End Sub
  62.  
  63. Sub Get_Distribution
  64.     document.all.boxSecurity.SelectedIndex = Null
  65.     For Each objOption In document.all.objMembership.Options
  66.         objOption.RemoveNode
  67.     Next 
  68.     strGroupChosen = "Distribution group - " & arrDistGroup(document.all.boxdistribution.selectedIndex)
  69.     EnumMembers arrDistGroup(document.all.boxdistribution.selectedIndex), "", ""
  70. End Sub
  71.  
  72. Sub Get_Security
  73.     document.all.boxdistribution.SelectedIndex = Null
  74.     For Each objOption In document.all.objMembership.Options
  75.         objOption.RemoveNode
  76.     Next 
  77.     strGroupChosen = "Security group - " & arrSecGroup(document.all.boxSecurity.selectedIndex)
  78.     EnumMembers arrSecGroup(document.all.boxSecurity.selectedIndex), "", ""
  79. End Sub
  80.  
  81. ' What: Fills in Group boxes both Security and ditribution
  82. ' Input: arrGroup is the array to fill with, intGroupCount is how many itmes in the array and PaneName
  83. '            is where the information should be place
  84. ' output:     Security and distrubution panes are filled.
  85.  
  86.     Sub FillGroups (arrGroup, intGroupCount, PaneName)
  87.         For Each objOption In PaneName.Options
  88.             objOption.RemoveNode
  89.         Next 
  90.         Set objOption = document.createElement("OPTION")
  91.         objOption.Text = "<CHOOSE A GROUP>"
  92.         objOption.Value = 0 
  93.         PaneName.Add(objOption)
  94.         For intIncrement = 1 To intGroupCount
  95.             If arrGroup(intIncrement) <> "" Then 
  96.                         Set objOption = document.createElement("OPTION")
  97.                         objOption.Text = arrGroup(intIncrement)
  98.                         objOption.Value = i 
  99.                         PaneName.Add(objOption)
  100.             End If
  101.         Next 
  102.         Set objOption = Nothing 
  103.     end Sub
  104.  
  105. Sub EnumMembers(strName, strOffset, strGOffset)
  106. ' Recursive subroutine to enumerate members of a group,
  107. ' including nested group memberships.
  108.     Dim strFilter, strQuery, objRecordSet, k, objMember, objCommand
  109.     Dim strDN, intCount, blnLast, intLowRange, objConnection
  110.     Dim intHighRange, intRangeStep, objField
  111.     Dim iCount, objGroup, strAttributes
  112.     Dim  strNTName, objRootDSE, strDNSDomain 
  113.     Dim  strBase, objGroupList
  114.     Dim objMemList
  115.      strAttributes = "member, sn"
  116.     If strGOffset = "" Then
  117.         strGOffset = "+"
  118.     End If 
  119.      Set objRootDSE = GetObject("LDAP://RootDSE")
  120.     strBase = "<LDAP://" & objRootDSE.Get("DefaultNamingContext") & ">"
  121.   ' Filter on objects of class "group" and specified name.
  122.       strFilter = "(&(ObjectCategory=group)" & "(ObjectClass=group)" & "(Name=" & strName & "))"
  123.     strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
  124. ' Use ADO to search Active Directory.
  125.     Set objCommand = CreateObject("ADODB.Command")
  126.     Set objConnection = CreateObject("ADODB.Connection")
  127.     objConnection.Provider = "ADsDSOObject"
  128.     objConnection.Open = "Active Directory Provider"
  129.     objCommand.ActiveConnection = objConnection
  130.     objCommand.Properties("Page Size") = 100
  131.     objCommand.Properties("Sort On") = "sn"
  132.     objCommand.Properties("Timeout") = 30
  133.     objCommand.Properties("Cache Results") = False
  134.     objCommand.CommandText = strQuery
  135.     Set objRecordSet = objCommand.Execute
  136.     Do Until objRecordSet.EOF
  137.         For Each objField In objRecordSet.Fields
  138.             If IsArray(objField.Value) Then
  139.                 objMemList = SingleSorter(objField.Value)
  140.                 i = 1
  141.                   For Each strDN In objMemList
  142.                     Set objGroup = GetObject("LDAP://" & strDN & "")
  143.                     IF LCase(objGroup.Class) = "group" Then
  144.                          Set objOption = document.createElement("OPTION")
  145.                          objOption.Text = strGOffset & objGroup.cn
  146.                          objOption.Value = objGroup.cn 
  147.                          document.all.objMembership.Add(objOption)
  148.                          strOffset = strOffset + "-"
  149.                          strGOffset = strGOffset + "+"
  150.                         Call EnumMembers(objGroup.cn, strOffset, strGOffset)
  151.                     Else
  152.                          Set objOption = document.createElement("OPTION")
  153.                          objOption.Text = strOffset & objGroup.cn
  154.                          objOption.Value = objGroup.cn 
  155.                          document.all.objMembership.Add(objOption)
  156.                     END If
  157.                     intCount = intCount+1
  158.                        iCount=iCount+1
  159.                   Next
  160.               End If
  161.         Next
  162.       objRecordSet.MoveNext
  163.     Loop
  164.     If strOffset  <> "" Then
  165.         strOffset = Right(strOffset, Len(strOffset) - 1)
  166.     End If
  167.     If strGOffset  <> "" Then
  168.         strGOffset = Right(strGOffset, Len(strGOffset) - 1)
  169.     End If
  170. End Sub
  171.  
  172. </script>
  173.  
[html]
<form id="frmPage" action="">
<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td height="50" class="header">Group Enumerator</td>
</tr>
<tr>
<td class="content" height="100%" valign="top">
<table cellSpacing="0" cellPadding="0" border="1">
<tr>
<td class="title">Distribution Groups</td>
<td class="title">Security Groups</td>
<td class="title">Group Membership</td>
</tr>
<tr>
<td class="title"> <select size="20" name="boxDistribution" onChange="vbscript:Get_Distribution"></select></td>
<td class="title"> <select size="20" name="boxSecurity" onChange="vbscript:Get_Security"></select></td>
<td class="title"> <select size="20" name="objMembership" ></select></td>
</tr>
</td>
</table>
<table cellSpacing="0" cellPadding="0" border="0">
<tr>
<td>
<input id=QuitButton class="button" type="button" value="Quit" name="Quit_button" onClick="Quit_HTA">
</td>
<td>
<!--
<input id=DistButton class="button" type="button" value="Export Distrbution groups to Excel" name="Dist_button" onClick="Export_dist">
-->
</td>
<td>
<!--
<input id=SecButton class="button" type="button" value="Export Security groups to Excel" name="Sec_button" onClick="">
-->
</td>
<td>
<input id=MemButton class="button" type="button" value="Export Results" name="Mem_button" onClick="PopExcelGroups">
</td>
</tr>
</table>
</form>
</body>
</html>
[/html]
Mar 27 '07 #1
Share this question for a faster answer!
Share on Google+

Post your reply

Sign in to post your reply or Sign up for a free account.