I get errors with this script- "the active directory property cannot
be found in the cache"
I'm running win2k native mode domain.
thanks. sorry to bother.
On 8/10/05, Alain Lissoir <[EMAIL PROTECTED]> wrote:
> For 1/, try this one below. For 2/ I don't have one close but I'm sure some
> folks here can feed you ...
>
> The script doesn't dump in a text file, but that's an easy addition. HTH
>
> ' FindGPOLinks v1.04.vbs - Version 1.04 - Alain Lissoir
> '
> ' WSH Script browsing the 'DefaultNamingContext' and the
> 'configurationNamingContext'
> ' to retrieve the Group Policies linked to AD objects.
> ' This should facilitate the search of created policies in the Active
> Directory.
> '
> ' The script is using a basic LDAP access in the current user context,
> ' so, you should have enough rights to access AD objects.
> '
> ' Change in version 1.04
> '
> ' - Add an error Handler in the "ShowMemberInfo" Private Sub
> '
> ' Change in version 1.02
> '
> ' - Query the schema to get the property list associated to the
> 'groupPolicyContainer' class.
> ' - Display only the defined properties for that class.
> ' - For the defined properties, the scripts shows the syntax to be used by
> the property.
> ' - Take in account the fact that more than one policy can be defined at the
> container level.
> '
> ' Change in version 1.01
> '
> ' - Add some code to bind to the GPLink LDAP Pointer to extract some
> properties.
> '
> ' Any comments or questions: EMail:[EMAIL PROTECTED]
>
> Option Explicit
>
> Dim ObjRoot
> Dim Object
> Dim ObjMember
>
> '
> ----------------------------------------------------------------------------
> -------
> WScript.Echo
> WScript.Echo "Looking inside 'configurationNamingContext'"
> Set objRoot = GetObject("LDAP://RootDSE")
> Object = objRoot.Get("configurationNamingContext")
>
> Call LookInsideObject (Object)
>
> Set Object = Nothing
> Set objRoot = Nothing
>
> '
> ----------------------------------------------------------------------------
> -------
> WScript.Echo
> WScript.Echo "Looking inside 'DefaultNamingContext'"
> Set objRoot = GetObject("LDAP://RootDSE")
> Object = objRoot.Get("DefaultNamingContext")
>
> Call LookInsideObject (Object)
>
> Set Object = Nothing
> Set objRoot = Nothing
>
> WScript.Quit (0)
>
> '
> ----------------------------------------------------------------------------
> -------
> Private Sub LookInsideObject (Object)
>
> Dim objMember
> Dim Member
>
> Set objMember = GetObject ("LDAP://" & Object)
>
> if objMember.Class <> "sitesContainer" And _
> objMember.Class <> "container" And _
> objMember.Class <> "configuration" _
> Then Call ShowMemberInfo (objMember)
>
> For Each Member in objMember
> If Member.Class = "domainDNS" Or _
> Member.Class = "organizationalUnit" Or _
> Member.Class = "sitesContainer" Or _
> Member.Class = "site" Or _
> Member.Class = "container" _
> Then Call LookInsideObject (Member.Name & "," & Object)
> Next
>
> Set objMember = Nothing
>
> End Sub
>
> '
> ----------------------------------------------------------------------------
> -------
> Private Sub ShowMemberInfo (Object)
>
> Dim longStartPolicyPath
> Dim longEndPolicyPath
> Dim strPolicyPathSource
> Dim strPolicyPath
>
> Dim objPolicy
> Dim objPolicyClassDef
> Dim objPolicyProperty
>
> Dim strPropertyName
>
> Object.GetInfo
>
> If Object.GPLink = "" Then
> WScript.Echo Object.Name & " (" & Object.Class & ")"
> WScript.Echo "(No Group Policy Defined)"
> WScript.Echo
> End If
>
> strPolicyPathSource = Object.GPLink
>
> While (strPolicyPathSource <> "")
>
> WScript.Echo Object.Name & " (" & Object.Class & ")"
>
> ' Extract each LDAP pointer from the GPLink.
> longStartPolicyPath = InStr(1, strPolicyPathSource, "[",
> vbTextCompare)
> longEndPolicyPath = InStr(1, strPolicyPathSource, "]", vbTextCompare)
> strPolicyPath = Mid(strPolicyPathSource, longStartPolicyPath + 1,
> longEndPolicyPath - 4)
> strPolicyPathSource = Mid(strPolicyPathSource, longEndPolicyPath + 1)
>
> Set objPolicy = GetObject(strPolicyPath)
>
> objPolicy.GetInfo
>
> WScript.Echo "Found an existing Policy: '" &
> objPolicy.Get("displayName") & "' (" & objPolicy.Class & ")"
> WScript.Echo " GPLink=" & strPolicyPath
>
> Set objPolicyClassDef = GetObject (objPolicy.Schema)
>
> On error Goto ErrorHandler
>
> For Each strPropertyName In objPolicyClassDef.MandatoryProperties
> Set objPolicyProperty = GetObject (objPolicyClassDef.Parent
> + "/" + strPropertyName)
> WScript.Echo " " & strPropertyName & "=" &
> objPolicy.Get(strPropertyName) & " (" & objPolicyProperty.Syntax & ")"
> Set objPolicyProperty = Nothing
> Next
>
> For Each strPropertyName In objPolicyClassDef.OptionalProperties
> Set objPolicyProperty = GetObject (objPolicyClassDef.Parent
> + "/" + strPropertyName)
> WScript.Echo " " & strPropertyName & "=" &
> objPolicy.Get(strPropertyName) & " (" & objPolicyProperty.Syntax & ")"
> Set objPolicyProperty = Nothing
> Next
>
> Set objPolicyClassDef = Nothing
>
> Set objPolicy = Nothing
>
> WScript.Echo
>
> Wend
>
> Exit Sub
>
> ErrorHandler:
>
> WScript.Echo Err.Description & "(" & Err.Number & ")"
> Resume Next
>
> End Sub
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern
> Sent: Wednesday, August 10, 2005 6:19 AM
> To: activedirectory
> Subject: [ActiveDir] 2 quick favors
>
> Does anyone know of a tool to enumerate all GPO's in a domain listing all
> the specific settings enabled that i can spit out to text file.
> the enviorment i work in is all win2k pro/server so GPMC is out.
> Also, gpotool doesn't seem to show specific links and what settings are
> enabled.
>
> Second question is, does anyone have a script that can enumerate all the
> local accounts and groups on domain memeber servers and workstations?
>
> Thanks a lot.
> I apologize for being so needy.
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
>
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
>
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
