1

Active Directory: VBscript to enumerate the members of remote desktop users group of all servers

Posted April 23rd, 2010 in active directory, remotedesktopusers, vbscript by dirk adamsky

Script for today is about members of the remote desktop users local group.
This group exists on all servers except the domain controllers.
The script can take a long time in large domains because it connects each server separately.

Follow the next steps to run the script (admin rights needed):

  • copy and paste the script in your favorite text editor
  • save the script (for example c:tempremotedesktopusers.vbs)
  • open a command prompt
  • go to “c:temp”
  • give “cscript remotedesktopusers.vbs” (without quotes) and enter

The script:

' Name : remotedesktopusers.vbs
' Description : script to enumerate the members of remote desktop users group of all servers
' Author : dirk adamsky - deludi bv
' Version : 1.00
' Date : 23-04-2010
' Level: intermediate

Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection

Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"

strFilter = "(&(objectCategory=computer)(operatingSystem=*server*))"

strAttributes = "name,distinguishedName"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False
Set adoRecordset = adoCommand.Execute

Do Until adoRecordset.EOF
	strHostname = adoRecordset.Fields("name").Value
	If CheckStatus(strHostname) = True Then
		If Instr(adoRecordset.Fields("distinguishedName").Value,"Domain Controllers") = 0 Then
			Set objGroup = GetObject("WinNT://" & strHostname & "/Remote Desktop Users,group")
			For Each Member In objGroup.Members
				wscript.echo strHostname & " has " & Member.Name & " in the remote desktop users group"
			Next
			Set objGroup = Nothing
		End If
	End If
	adoRecordset.MoveNext
Loop

adoRecordset.Close
adoConnection.Close

Set adoRecordset = Nothing
Set objRootDSE = Nothing
Set adoConnection = Nothing
Set adoCommand = Nothing

Function CheckStatus(strAddress)
	Dim objPing, objRetStatus
	Set objPing = GetObject("winmgmts:{impersonationLevel=impersonate}").ExecQuery _
      ("select * from Win32_PingStatus where address = '" & strAddress & "'")
	For Each objRetStatus In objPing
        If IsNull(objRetStatus.StatusCode) Or objRetStatus.StatusCode <> 0 Then
			CheckStatus = False
        Else
			CheckStatus = True
        End If
    Next
	Set objPing = Nothing
End Function

When you have problems/questions please post a reply or give a ‘star’ rating.

Happy scripting.

Best regards,

Dirk Adamsky – Deludi BV

Popular articles

Tags

active directory adsi alive attribute command prompt computer cscript disable disabled distribution group email enumerate excel exchange files filesystem object filter folder groups homedirectory hp microserver lastlogon lastlogontimestamp list mail mailbox memberOf members memberships n36l nested group number ou ping recursion server smtp address status subfolders user vb vbs vbscript vmware esxi wmi

Categories

Recent Comments