从活动目录列出循环组成员身份

时间:2009-07-25 09:21:27

标签: algorithm scripting vbscript

我们的活动目录中有40K +组,我们越来越多地面临循环嵌套组的问题,这些组会为某些应用程序带来问题。

是否有人知道如何列出存在循环群组成员资格的完整路线?

e.g。 

G1 --> G2 --> G3 --> G4 --> G1

如何列出来。

1 个答案:

答案 0 :(得分:0)

在这里,您可以使用此代码的修改版本。当然,请查看本书,这是我经常提到的优秀桌面资源。

' This VBScript code prints the nested membership of a group.

' ---------------------------------------------------------------
' From the book "Active Directory Cookbook" by Robbie Allen
' ISBN: 0-596-00466-4
' ---------------------------------------------------------------

' ------ SCRIPT CONFIGURATION ------
strGroupDN = "<GroupDN>"  ' e.g. cn=SalesGroup,ou=Groups,dc=rallencorp,dc=com
' ------ END CONFIGURATION ---------

strSpaces  = " "
set dicSeenGroupMember = CreateObject("Scripting.Dictionary")
Wscript.Echo "Members of " & strGroupDN & ":"
DisplayMembers "LDAP://" & strGroupDN, strSpaces, dicSeenGroupMember

Function DisplayMembers ( strGroupADsPath, strSpaces, dicSeenGroupMember)

   set objGroup = GetObject(strGroupADsPath)
   for each objMember In objGroup.Members
      Wscript.Echo strSpaces & objMember.Name
      if objMember.Class = "group" then
         if dicSeenGroupMember.Exists(objMember.ADsPath) then
            Wscript.Echo strSpaces & "   ^ already seen group member " & _
                                     "(stopping to avoid loop)"
         else
            dicSeenGroupMember.Add objMember.ADsPath, 1
            DisplayMembers objMember.ADsPath, strSpaces & " ", _
                           dicSeenGroupMember
         end if
      end if
   next

End Function
相关问题
最新问题