I have scripted NUMGroups.bat to return a list of Active Directory groups that are NOT enumerated by the net group /domain command.
The syntax for using is NUMGroups.bat is:
NUMGroups
The output is displayed on the console, but you could pipe it to a file using:
NUMGroups>FileName
NOTE: NUMGroups.bat uses Groups.bat and the Active Directory Command-Line Tools.
NUMGroups.bat contains:
@echo off
setlocal
if exist "%TEMP%\domaingroups.tmp" del /q "%TEMP%\domaingroups.tmp"
for /f "Tokens=1*" %%f in ('groups D') do (
@echo %%g>>"%TEMP%\domaingroups.tmp"
)
for /f "Tokens=*" %%g in ('dsquery group -o rdn') do (
call :look %%g
)
del /q "%TEMP%\domaingroups.tmp"
endlocal
goto :EOF
:look
set grp=%1
set grp=%grp:"=%
for /f "Tokens=*" %%f in ('@echo %grp%^|findstr /i /V /L /G:"%TEMP%\domaingroups.tmp"') do (
@echo "%%f"
)
0 comments
Hide comments
