Q. How do I run commands on my domain controller for every member of a domain group?

In tip 4646 ยป How do I run commands on my domain controller for every user?, I described some commands that you might wish to run for every domain user, and I provided DomUsers.bat to allow you to run them.

Using the same principals, I have scripted DomGroupMembers.bat to allow you to run a command for every member of a domain group. The syntax is:

DomGroupMembers Group "Command" \[ExludeList\]

where:

Group is the domain group whose members will receive the action of "Command".

"Command" is a quoted string that contains the command you wish to run. In the quoted string, use a single quote (') to represent a quote ("). Use %user% to represent the user name.

ExcludeList is optional and is a list of every user name that you wish to exclude.

Example:

To set the logon hours for every member of the "Temporary Clerical" group, except John Doe:

DomGroupMembers "Temporary Clerical" "net user %user% /times:M,8AM-5PM;T,8AM-5PM;W,8AM-5PM;Th,8AM-5PM;F,8AM-5PM" "John Doe"

To remove every member from the "Temporary Clerical" group:

DomGroupMembers "Temporary Clerical" "net group 'Temporary Clerical' %user% /delete"

To pass every member of the sales group to your test.bat, which is in the path:

DomGroupMembers Sales "call test.bat %user%"

NOTE: The /domain switch is automatically added to every "Command", as the last switch.

DomGroupMembers.bat contains:

@echo off
if \{%1\}

\{\} @echo Syntax: DomGroupMembers Group "Command" \[ExludeList\]&goto :EOF if \{%2\}

\{\} @echo Syntax: DomGroupMembers Group "Command" \[ExludeList\]&goto :EOF setlocal set group=%1 set command=%2 set command=%command:"=% set command=%command:'="% /domain shift :loop shift if \{%1\}==\{\} set exclude=%exclude%1234567890123456789012345&goto users set work=%1 set work=%work:"=% # set work=%work:~0,25% set exclude=%exclude%%work% goto loop :users for /f "Skip=8 Tokens=*" %%i in ('net Group %group% /domain') do set line=%%i&call :parse endlocal goto :EOF :strip set short=%name%# set short=%short: =% set short=%short: #=#% set short=%short:#=% set user="%short%" set /a cnt=0 :exc for /f "Tokens=*" %%n in ('@echo %%exclude:~%cnt%^,25%%') do set char=%%n # set char=%char:~0,25% if "%char%" EQU "1234567890123456789012345" goto doit if /i "%char%" EQU "%name%" goto :EOF set /a cnt=%cnt% + 25 goto exc :doit for /f "Tokens=*" %%j in ('@echo %command%') do %%j goto :EOF :parse set name=%line:~0,25% If /i "%name%" EQU "The command completed suc" goto :EOF call :strip set name=%line:~25,25% if not "%name%" EQU "" call :strip set name=%line:~50,25% if not "%name%" EQU "" call :strip

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish