This script is something I wanted to do for a long time
It is a mutation of the enumeratenestedgroupV2 script.
In large organizations the main distributiongroups tend to be complex also.
Often the distributiongroups represent the organization hierarchy.
A user in general only needs his/her department distributiongroup membership.
This script checks If a user has multiple entries in the main distributiongroup, if so an entry is added to the output.
Part of the script is the use of the dictionary object, also known as “associative array” in other scripting languages.
What the script does:
- create a dictionary object
- fill a variable with the group distinguished name
- call the subroutine EnumNestedgroup
- the subroutine checks whether the member is a group or a user
- when the member is a user the smtp address is added to the dictionary object with value 1
- when the smtp address is already in the dictionary 1 is added to the value
- the last routine echoes the dictionary object keys and values
Follow the next steps to run the script (no admin rights needed):
- find the distinguished name of the nested group (adsiedit.msc)
- open your favorite text editor
- copy and paste the script into the editor
- change the distinguished name
- save the script (for example c:tempcountmembershipnestedgroup.vbs)
- open a command prompt
- go to “c:temp”
- give “cscript enumeratenestedgroup.vbs” (without quotes) and enter
The script:
' Name : countmembershipnestedgroup.vbs
' Description : script to count users with multiple entries in a nested distribution group
' Author : dirk adamsky - deludi bv
' Version : 1.00
' Date : 16-02-2010
' Level : advanced
Set objDictionary = CreateObject("Scripting.Dictionary")
strTargetGroupDN = "LDAP://CN=testgroup,OU=groups,DC=test,DC=org"
Call EnumNestedgroup(strTargetGroupDN)
Sub EnumNestedgroup(strGroupDN)
Set objGroup = GetObject(strGroupDN)
For Each objMember in objGroup.Members
If (LCase(objMember.Class) = "group") Then
Call EnumNestedgroup(objMember.AdsPath)
Else
If objDictionary.Exists(objMember.DisplayName) Then
objDictionary.Item(objMember.DisplayName) = objDictionary.Item(objMember.DisplayName) + 1
Else
objDictionary.Add objMember.DisplayName, 1
End If
End If
Next
Set objGroup = Nothing
End Sub
For Each strKey in objDictionary.Keys
If objDictionary.Item(strKey) > 1 Then
Wscript.Echo strKey & " ; " & objDictionary.Item(strKey) & " ; entries in list"
End If
Next
Set objDictionary = Nothing
When you have problems/questions please post a reply.
Happy scripting.
Dirk Adamsky – Deludi BV
Any possibility to run a script to show the total amount of unique users in a group and its subgroups?
[...] Comments Marten on Active Directory: VBscript to count users with multiple entries in a nested distribution groupActive Directory: VBscript to enumerate the last logon of the members of a nested group with [...]
Hi Marten,
I have made a mutation of this script.
It can be found here:
http://deludi.nl/blog/vbscript/active-directory/distributiongroups/active-directory-vbscript-to-count-the-number-of-users-in-subgroups-of-a-nested-distribution-group/.
Hope this works for you, if not please let me know.
Best regards,
dirk adamsky