【发布时间】:2014-09-30 08:35:57
【问题描述】:
对于我的工作,我必须在 VBScript 中编写一个脚本来检索用户所属的所有组的列表,包括嵌套组,并取出将在整个列表中重复的嵌套组(以及缩进嵌套组,进一步缩进嵌套组的嵌套组等)
我在gallery.technet.microsoft.com 上找到了Monimoy Sanyal 获取用户所属组的整个列表的脚本,并尝试对其进行调整以适应我的需要。这是我编辑的脚本:
Option Explicit
Const ForReading = 1, ForWriting = 2, ForAppend = 8
Dim ObjUser, ObjRootDSE, ObjConn, ObjRS
Dim GroupCollection, ObjGroup
Dim StrUserName, StrDomName, StrSQL
Dim GroupsList
Dim WriteFile
GroupsList = ""
Set ObjRootDSE = GetObject("LDAP://RootDSE")
StrDomName = Trim(ObjRootDSE.Get("DefaultNamingContext"))
Set ObjRootDSE = Nothing
StrUserName = InputBox("Enter user login", "Info needed", "")
StrSQL = "Select ADsPath From 'LDAP://" & StrDomName & "' Where ObjectCategory = 'User' AND SAMAccountName = '" & StrUserName & "'"
Set ObjConn = CreateObject("ADODB.Connection")
ObjConn.Provider = "ADsDSOObject": ObjConn.Open "Active Directory Provider"
Set ObjRS = CreateObject("ADODB.Recordset")
ObjRS.Open StrSQL, ObjConn
If Not ObjRS.EOF Then
ObjRS.MoveLast: ObjRS.MoveFirst
Set ObjUser = GetObject (Trim(ObjRS.Fields("ADsPath").Value))
Set GroupCollection = ObjUser.Groups
WScript.Echo "Looking for groups " & StrUserName & " is member of. This may take some time..."
'Groups with direct membership, and calling recursive function for nested groups
For Each ObjGroup In GroupCollection
GroupsList = GroupsList + ObjGroup.CN + VbCrLf
CheckForNestedGroup ObjGroup
Next
Set ObjGroup = Nothing: Set GroupCollection = Nothing: Set ObjUser = Nothing
'Writing list in a file named Groups <username>.txt
Set WriteFile = WScript.CreateObject("WScript.Shell")
Dim fso, f
Set fso = CreateObject("Scripting.FileSystemObject")
Set f = fso.OpenTextFile("Groups " & StrUserName & ".txt", ForWriting,true)
f.write(GroupsList)
f.Close
WScript.Echo "You can find the list in the Groups " &StrUserName & ".txt file that has just been created."
Else
WScript.Echo "Couldn't find user " & StrUserName & " in AD."
End If
ObjRS.Close: Set ObjRS = Nothing
ObjConn.Close: Set ObjConn = Nothing
'Recursive fucntion
Private Sub CheckForNestedGroup(ObjThisGroupNestingCheck)
On Error Resume Next
Dim AllMembersCollection, StrMember, StrADsPath, ObjThisIsNestedGroup
AllMembersCollection = ObjThisGroupNestingCheck.GetEx("MemberOf")
For Each StrMember in AllMembersCollection
StrADsPath = "LDAP://" & StrMember
Set ObjThisIsNestedGroup = GetObject(StrADsPath)
'Not include a group in the list if it is already in the list (does not work for some reason?)
If InStr(GroupsList, ObjThisIsNestedGroup.CN) = 0 Then
GroupsList = GroupsList + vbTab + ObjThisIsNestedGroup.CN + VbCrLf
End If
'Recursion to look for nested groups and nested groups of nested groups and nested groups of nested groups of nested groups and...
CheckForNestedGroup ObjThisIsNestedGroup
Next
Set ObjThisIsNestedGroup = Nothing: Set StrMember = Nothing: Set AllMembersCollection = Nothing
End Sub
我没有像原始脚本那样为找到的每个组显示弹出窗口,而是将整个列表存储在一个字符串中(GroupsList = GroupsList + ObjGroup.CN + VbCrLf 用于直接组,GroupsList = GroupsList + vbTab + ObjThisIsNestedGroup.CN + VbCrLf 用于递归函数中的嵌套组),并且一旦脚本完成查找组后,它将字符串保存在文件中。 (f.write(GroupsList))
我的问题是,尽管递归函数中有If "InStr(GroupsList, ObjThisIsNestedGroup.CN) = 0,但我仍然发现自己在整个结果中都有大量重复(我们的 AD 有点臃肿的组,它是一个包含许多嵌套组和嵌套组的巨大结构在其他嵌套组等中)并且检查似乎没有注意到 ObjThisIsNestedGroup.CN 已经在 GroupsList 中找到。
而且我不知道如何正确实现缩进。
有什么想法吗?我是脚本新手,如果答案很明显,请见谅。
【问题讨论】:
标签: windows recursion vbscript active-directory nested-groups