Sunday, 20 April 2014

Export AD Group Members to CSV using VBScript

Description:

In this article, I am going to write vbscript code to find and get list of group members in Active Directory domain and export AD Group members into CSV file.

Note: You should run this VBScript code on a machine with windows Active Directory domain.

VBScript to Export AD Group Members into CSV file

1. Copy the below example vbscript code and paste it in notepad or a VBScript editor.
2. Save the file with a .vbs extension, for example: ExportADGroupMembers.vbs
3. Run usage in CMD:
C:\> CScript <vbscript filepath> <groupName> <csvFilePath>
Example: CScript ExportADGroupMembers.vbs "Domain Admins" "C:\ADGroupMembers.csv"

4. Run the above command to export Active Directory group members into CSV file. It will export the members of Domain Admins group into the csv file C:\ADGroupMembers.csv. if you want to export any other group members into any other csv file path, you can just replace the group name and csv file path accordingly.

Click to get vbscript code as a file Download ExportADGroupMembers.vbs

' ExportADGroupMembers.vbs
' Sample VBScript to Export Active Directory Group Members into CSV file.
' CMD Usage: CScript <vbscript filepath> <groupName> <csvFilePath>
' Ex: CScript ExportADGroupMembers.vbs "Domain Admins" "C:\ADGroupMembers.csv"
' Author: http://www.morgantechspace.com/
' ------------------------------------------------------' 
Dim groupName,strMember,csvFilePath
Dim objGroup,objMember
Dim objFSO, objCSVFile
if Wscript.arguments.count < 2 then
    Wscript.echo "Invalid input parameters"
    Wscript.echo "   "
    Wscript.echo "Script Usage:"
    Wscript.echo "-----------------------------"
    Wscript.echo "CScript <vbscript file path> <groupName> <csvFilePath>"
    Wscript.echo "   "
    Wscript.echo "Ex: CScript C:\Scripts\ExportADGroupMembers.vbs ""Domain Admins"" "&_
                      " ""C:\ADGroupMembers.csv"" "
    WScript.quit
else 
  ' Get the group name and csv file path from command line parameters
    groupName = WScript.Arguments(0)
    csvFilePath = WScript.Arguments(1)
end if
' Get the distinguished name of the group
Set objGroup = GetObject("LDAP://" & GetDN(groupName))
' Create CSV file 
Const ForWriting = 2
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objCSVFile = objFSO.CreateTextFile(csvFilePath, _ 
    ForWriting, True)
' Write AD Attributes CN and distinguishedname 
' as CSV columns(first line)
 objCSVFile.Write "CN,distinguishedname"
 objCSVFile.Writeline ' New Line
' List the member’s full name in the group
For Each strMember in objGroup.Member
    Set objMember =  GetObject("LDAP://" & strMember)
   ' Retrieve values and write into CSV file.
     objCSVFile.Write objMember.CN & "," 
     objCSVFile.Write """" &strMember & """" 
     objCSVFile.Writeline  ' New Line
Next

Wscript.echo "AD Group '"&groupName&"' members are Exported into CSV file '"&_
             csvFilePath&"'"
WScript.quit
' Active Directory Group Members listed successfully using VBScript

'****************Function to Get DN of group****************
' 
Function GetDN(groupName)
Dim objRootDSE, adoCommand, adoConnection
Dim varBaseDN, varFilter, varAttributes
Dim adoRecordset
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
Set adoCommand.ActiveConnection = adoConnection
' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")
varDNSDomain = objRootDSE.Get("defaultNamingContext")
varBaseDN = "<LDAP://" & varDNSDomain & ">"
' Filter on group objects.
varFilter = "(&(objectClass=group)(|(cn="& groupName &")(name="& groupName &")))"
' Comma delimited list of attribute values to retrieve.
varAttributes = "distinguishedname"
' Construct the LDAP syntax query.
strQuery = varBaseDN & ";" & varFilter & ";" & varAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 1000
adoCommand.Properties("Timeout") = 20
adoCommand.Properties("Cache Results") = False
' Run the query.
Set adoRecordset = adoCommand.Execute
IF(adoRecordset.EOF<>True) Then
   GetDN=adoRecordset.Fields("distinguishedname").value
Else 
   'No group found 
End if
' close ado connections.
adoRecordset.Close
adoConnection.Close
End Function
'****************End of Function to Get DN of group****************

Export Active Directory Group members CMD usage:

VBScript to Export Active Directory Group Members into CSV file

 AD Group members CSV file output:

Export AD Group Members into CSV file using VBScript

Note: Here, we have exported only two attributes CN and distinguishedname of AD Group Members. if you want more attributes to export you can just add that attribute in column header and write the value accordingly.
Example:

If you want to add Mail attribute, do the following changes
' Write AD Attributes CN and distinguishedname 
' as CSV columns(first line)
 objCSVFile.Write "CN,distinguishedname,Mail"
 objCSVFile.Writeline  ' New Line
and
' Retrieve values and write into CSV file.
     objCSVFile.Write objMember.CN & "," 
     objCSVFile.Write """" &strMember & """," 
     objCSVFile.Write objMember.Mail 
     objCSVFile.Writeline  ' New Line

Advertisements
Advertisements

2 comments:

  1. Hi i tried to use the code and i am getting the error as "The Directory property cannot be found in cache"

    ReplyDelete
    Replies
    1. Can you tell me what are properties you have tried to export?

      Delete