For most system administrators cleaning up Active Directory is not their favorite thing.
This script helps you by enumerating all empty groups, so you can remove them (manually).
Follow the next steps to run the script (no admin rights needed):
* open your favorite text editor
* copy and paste the script into the editor
* save the script (for example c:\temp\emptygroups.vbs)
* open a command prompt
* go to “c:\temp”
* give “cscript emptygroups.vbs” (without quotes) and enter
The script:
' Name : emptygroups.vbs
' Description : script to enumerate all empty groups
' Author : dirk adamsky - deludi bv
' Version : 1.00
' Date : 18-03-2010
' Level : intermediate
Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection
Set objRootDSE = GetObject("LDAP://RootDSE")
strBase = "<LDAP://" & objRootDSE.Get("defaultNamingContext") & ">"
Set objRootDSE = Nothing
strFilter = "(&(objectCategory=group)(!member=*))"
strAttributes = "name"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 100
objCommand.Properties("Timeout") = 30
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
Do Until objRecordSet.EOF
Wscript.Echo objRecordSet.Fields("name").Value
objRecordSet.MoveNext
Loop
objRecordSet.Close
objConnection.Close
Set objRecordSet = Nothing
Set objConnection = Nothing
Set objCommand = Nothing
When you have problems/questions please post a reply, you can also rate the script.
Happy scripting.
Best regards,
Dirk Adamsky – Deludi BV
[...] Active Directory: VBscript to enumerate all empty groups | Dirk … [...]
Thanks for the script. But, how can I get all the empty groups and their descriptions ?
Hi Aman,
I have an updated version for you:
Set objCommand = CreateObject("ADODB.Command") Set objConnection = CreateObject("ADODB.Connection") objConnection.Provider = "ADsDSOObject" objConnection.Open "Active Directory Provider" objCommand.ActiveConnection = objConnection Set objRootDSE = GetObject("LDAP://RootDSE") strBase = "<LDAP://" & objRootDSE.Get("defaultNamingContext") & ">" Set objRootDSE = Nothing strFilter = "(&(objectCategory=group)(!member=*))" strAttributes = "name, description" strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" objCommand.CommandText = strQuery objCommand.Properties("Page Size") = 100 objCommand.Properties("Timeout") = 30 objCommand.Properties("Cache Results") = False Set objRecordSet = objCommand.Execute Do Until objRecordSet.EOF Wscript.Echo objRecordSet.Fields("name").Value & " ; " & objRecordSet.Fields("description").Value objRecordSet.MoveNext Loop objRecordSet.Close objConnection.Close Set objRecordSet = Nothing Set objConnection = Nothing Set objCommand = NothingDirk Adamsky
Hi,
I work for a Large international company. Our sites are broken up into facilitoes. Ho can i get this to run on just one OU.
EG: OU=Groups00,OU=Groups,OU=TIL,OU=Europe,OU=CompanyName,DC=ct,DC=Company,DC=netTh
Thanks
Ryan
Hi Ryan,
Here’s an example script that runs on one OU.
Set objCommand = CreateObject("ADODB.Command") Set objConnection = CreateObject("ADODB.Connection") objConnection.Provider = "ADsDSOObject" objConnection.Open "Active Directory Provider" objCommand.ActiveConnection = objConnection strBase = "<LDAP://OU=test,DC=test,DC=org>" strFilter = "(&(objectCategory=group)(!member=*))" strAttributes = "name, description" strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree" objCommand.CommandText = strQuery objCommand.Properties("Page Size") = 100 objCommand.Properties("Timeout") = 30 objCommand.Properties("Cache Results") = False Set objRecordSet = objCommand.Execute Do Until objRecordSet.EOF Wscript.Echo objRecordSet.Fields("name").Value & " ; " & objRecordSet.Fields("description").Value objRecordSet.MoveNext Loop objRecordSet.Close objConnection.Close Set objRecordSet = Nothing Set objConnection = Nothing Set objCommand = NothingPlease change the value for strBase to your desired OU.
Best regards,
Dirk Adamsky
Hi,
Giving me error: Line 19, Char:2 Error: Mismatch, Code 800A000D, Source MS VBScript Runtime Error.
Any tips,
Thanks
Hi Ryan,
1. Can you check your copy of the script for typos?
2. Do you use query based distribution groups?
Best regards,
dirk adamsky