I can probably help you out. I spend half of my time writing in VBS. Post some more details on what you are trying to do..

Matt

great..

this is the script,hope you can help and explain.thanks.

On Error Resume Next

dim target

strdnsdomain="test"

'  Bind to Active Directory
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

Set FSO = CreateObject("Scripting.FileSystemObject")
Set WshNetwork = WScript.CreateObject("WScript.Network")
Set TextFile = FSO.OpenTextFile("C:\Info.txt", 2, True)

target=inputbox("Choose Attribute Name")
if target="" then wscript.quit  'user clicked cancel

Set objGroup = GetObject ("LDAP://cn="& target& strDNSDomain)
objGroup.getInfo
arrMemberOf = objGroup.GetEx("member")

For Each strMember in arrMemberOf
tempvarMember = tempvarMember & strMember & VbCrLf
Next

TextFile.WriteLine "members '" & target & "' are:" & VbCrLf & tempvarMember

wscript.quit

Ok, I think it probably just has to do with not having the proper DistinguishedName path when you are trying to bind to the group object. In the NT4 world, you could get away with just binding to the account name--in the LDAP world, you need to bind to the full path to the object. There are ways to get around that and I can go into them if you would like but, for now, I am going to show what you need to do in order to make sure you have the right DN path.

I'm not 100% sure what you are trying enter in the text box but it looks like you are just trying to bind to a group and export the members.

I added a few lines of code that will echo out a couple of things during the script that will make it easier to understand how it works.

The DNSDomain at my current client is: DC=ds,DC=ad,DC=company,DC=com

The DN path to a group would be something like:

CN=GROUP1,OU=SSMSTL,OU=SSMHC,DC=ds,DC=ad,DC=company,DC=com

Your script is already getting some of the path (RootDSE will return the DNSDomain and your code is prepending CN=). But, you still need to make sure the rest of the path is there (unless all of your groups are in the root container--not a good idea). So, this is what I would need to enter in the popup box in order to bind to that group and get the members:

GROUP1,OU=SSMSTL,OU=SSMHC, (don't forget the comma at the end)

Here is the modified code that will echo a couple of things out:

dim target

strdnsdomain="test"

'  Bind to Active Directory
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

Set FSO = CreateObject("Scripting.FileSystemObject")
Set WshNetwork = WScript.CreateObject("WScript.Network")
Set TextFile = FSO.OpenTextFile("C:\Info.txt", 2, True)
 
WScript.Echo "DNSdomain: " & strDNSDomain

target=inputbox("Choose Attribute Name")
if target="" then wscript.quit  'user clicked cancel

strGroup = "LDAP://cn="& target & strDNSDomain
WScript.Echo strGroup

Set objGroup = GetObject(strGroup)
objGroup.getInfo
arrMemberOf = objGroup.GetEx("member")

For Each strMember in arrMemberOf
 tempvarMember = tempvarMember & strMember & VbCrLf
Next

TextFile.WriteLine "members '" & target & "' are:" & VbCrLf & tempvarMember

wscript.quit

actually,what i try to do,is to export the output of a group even when you dont know in which ou it resides.

example, we would like to export the content of the group called europeusers...i would like the script to search ad for the group europeusers without knowing the ou of this group.

You can use a couple of different ways to get the DN but this is the way that I prefer because it is very flexible:

Set FSO = CreateObject("Scripting.FileSystemObject")
Set WshNetwork = WScript.CreateObject("WScript.Network")
Set TextFile = FSO.OpenTextFile("C:\Info.txt", 2, True)
 
WScript.Echo "DNSdomain: " & strDNSDomain

strGroup=inputbox("Choose Attribute Name")
if strGroup="" then wscript.quit  'user clicked cancel
WScript.Echo "ShortName of Group: " & strGroup

strGroupDN = "LDAP://" & GetObjDN(strGroup, "group")
WScript.Echo "DN of Group: " & strGroupDN

'You could add some error checking here if you want...just in case it doesn't find the group
Set objGroup = GetObject(strGroupDN)
objGroup.getInfo
arrMemberOf = objGroup.GetEx("member")

For Each strMember in arrMemberOf
 tempvarMember = tempvarMember & strMember & VbCrLf
Next

TextFile.WriteLine "members '" & target & "' are:" & VbCrLf & tempvarMember

wscript.quit

Function GetObjDN(sObjShortName, sObjType)
 'This function queries AD for an object by SAMAccountName and returns the distinguishedName for it
 '(DN is used for LDAP binds...)

 Dim sDomainADsPath, sProperties, strCmdTxt
 Dim sUser, sPassword
 Dim oCon, oCmd, oRecordSet
 Dim intRecordCount

 sDomainADsPath = "LDAP://" & ADRoot

 Set oCon = CreateObject("ADODB.Connection")
 oCon.Provider = "ADsDSOObject"
 oCon.Open "ADProvider", sUser, sPassword
 Set oCmd = CreateObject("ADODB.Command")
 Set oCmd.ActiveConnection = oCon
 
 'sProperties = "name,ADsPath,description,mail,memberof"
 sProperties = "distinguishedname"
 strCmdTxt = "<" & sDomainADsPath & ">;(&(objectCategory=" & sObjType & ")(SamAccountName=" & sObjShortName & "));" & sProperties & ";subtree"
 'WScript.Echo strCmdTxt
 oCmd.CommandText = strCmdTxt
 oCmd.Properties("Page Size") = 100
 On Error Resume Next
 Set oRecordSet = oCmd.Execute
 On Error goto 0
 
 intRecordCount = oRecordSet.RecordCount
 If intRecordCount = 1 Then
  oRecordSet.MoveFirst
  While Not oRecordSet.EOF
 
   Dim strObjDN, arrObjDN, strDNPart, intDNPart, intOUDNEntry
   'Get the object's distinguishedname
   strObjDN = oRecordSet.Fields("distinguishedname")
   oRecordSet.MoveNext
  Wend
  GetObjDN = strObjDN
 Else
  WScript.Echo "ERROR: Expected exactly 1 record from AD. Records received = " & oRecordSet.RecordCount
  'GetObjDN = False
 End If

End Function ' End of GetObjDN Function

Function ADRoot()

 Dim oRootDSE
 On Error Resume Next
 Set oRootDSE = GetObject("LDAP://RootDSE")
 If Err.Number <> 0  Then
  'you can hard-code your "ADRoot" if you want just in case this function fails
 Else
  ADRoot = oRootDSE.Get("defaultNamingContext")
 End If
End Function

mmm nice :-)

i will test them and try to understand them.thanks.I will let you know.

btw, how did you learn this? Cause this is far behind my knowledge of VBS :-)

Ok. I still use some help.

which part of the script is actually the part thats responsible for the group export?

Hmm..that part hasn't changed from your original script.

strGroupDN = "LDAP://" & GetObjDN(strGroup, "group")
WScript.Echo "DN of Group: " & strGroupDN

Set objGroup = GetObject(strGroupDN)
objGroup.getInfo
arrMemberOf = objGroup.GetEx("member")

For Each strMember in arrMemberOf
 tempvarMember = tempvarMember & strMember & VbCrLf
 wscript.echo strMember
Next

Are you getting an error or are you just not seeing the group members in your text file? I ran the script against Active Directory at my current client and it worked ok. I tried it against a few different groups.

You can try adding the line in blue so you will see every member as it loops through them. Sometimes echoing things out to the screen is helpful. Also, the line in green should be echoing out the full path to the group. Is that part working? Is it returning the correct path to the group?

i am trying to understand the script;because its so big,its hard to understand for a beginner like me.fi,when going back to my original script,i understand everything except the

Set objGroup = GetObject(strGroupDN)
objGroup.getInfo
arrMemberOf = objGroup.GetEx("member")

For Each strMember in arrMemberOf
 tempvarMember = tempvarMember & strMember & VbCrLf
 wscript.echo strMember
Next

i found it at a website but i just cant copy and use it.i really want to understand the script cause that will make scripting for me easier in the future.its just like driving;some can tell you how to do it but you also need to know why you need to do that otherwise you can do something wrong.

Ok, we'll break that part down then:

Set objGroup = GetObject(strGroupDN)

This line binds to the group in AD. This will allow us to get to the attributes of the group--the members of the group are an attribute.

objGroup.getInfo

This is a worthless command in this script. It doesn't hurt anything but I don't think it is really needed. Here's a link that describes it. I think I've used it before but only when I needed to "re-get" the attributs of an object to make sure I had the most up-to-date info. Since we just bound to the object using GetObject I think we should have everything we need.

arrMemberOf = objGroup.GetEx("member")

This is the line that actually gets the members of the group. The variable is actually misnamed (although you can name variables whatever you want to). They started the variable name with ARR to represent an array of members. I'm pretty sure it will actually return a collection instead of an array but you work with them very similarly so it isn't a big deal.

In order to get an attribute, you have to know the name of it first. I use ADSIEDIT if I am unsure what the exact name is. In this case, the attribute is named "member"

For Each strMember in arrMemberOf
    tempvarMember = tempvarMember & strMember & VbCrLf
    wscript.echo strMember
Next

This is the part of the code that loops through each group member so you can write it out to your text file. The line in blue just displays each member while the script runs so you can see what it is doing. I highlighted a line in red. This line is building a list of all of the groups and assigning them to the variable "tempvarMember". It just appends each group name to the end of a big long string (separating each group member by VBCRLF--a carriage return)