2013-07-11

匯出某 OU 及其子 OU 中所有群組隸屬狀態

本 VBScript 程式可將某 OU 及其子 OU 中所有群組狀態匯出
匯出檔案包含:
1. 狀態列表: DN / 描述 / 成員 / 隸屬
2. 重建所有群組之批次指令檔
3. 重建群組成員之批次指令檔
4. 重建群組隸屬之批次指令檔
5. 變更 displayName 欄位之批次指令檔 (需搭配 Get-QADGroup)

本程式不能取代正常的 System Status Backup

===== 程式開始 =====

DNPath="OU=SubOUName, OU=OUName,"
FileName="OUName-SubOUName"

'---------------------------------------------------------
Set fso=CreateObject("Scripting.FileSystemObject")
DateString=year(date)&right("0" & month(date),2)&right("0" & day(date),2)
SavePath =  left(Wscript.ScriptFullName,len(Wscript.ScriptFullName)-len(Wscript.ScriptName)) & "Group_Backup_" & DateString & "\"
fso.CreateFolder(SavePath)
Display = DateString & "_" & FileName
ResourceUnitAccessGroup = LDAPDNQuery(DNPath,Display)

function LDAPDNQuery(DN_Path,Display)

Const ADS_SCOPE_SUBTREE = 6

' Get domain components
Set objRootDSE = GetObject("LDAP://RootDSE")
strDomain = objRootDSE.Get("DefaultNamingContext")

' Set ADO connection
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

' Set ADO command
Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = "SELECT distinguishedName,description,groupType,member,memberof FROM 'LDAP://" & DN_Path & " " & strDomain & "' WHERE objectCategory='group'"

' Set recordset to hold the query result
Set objRecordSet = objCommand.Execute

ReturnString=""
CreateDN=""
ModifyDisplayName=""
ImportMember=""
MakeMemberOf=""
' If a user was found - Retrieve the distinguishedName
while Not objRecordSet.EOF
strDN = objRecordSet.Fields("distinguishedName").Value

strScope=""
if objRecordSet.Fields("groupType").Value=-2147483646 then
strScope=" -scope g"
elseif objRecordSet.Fields("groupType").Value=-2147483640 then
strScope=" -scope u"
else
strScope=" -scope u" & objRecordSet.Fields("groupType").Value
end if

strDesc=""
if ( VarType(objRecordSet.Fields("description").Value) = 8204 ) then
For Each item In objRecordSet.Fields("description").Value
strDesc = strDesc & item
Next
strDesc = replace(strDesc,",","/")
end if
if (strDesc <>"") then
strDesc=" -desc """&strDesc&""""
end if

strDisplayName=""
if ( VarType(objRecordSet.Fields("description").Value) = 8204 ) then
For Each item In objRecordSet.Fields("description").Value
strDisplayName = strDisplayName & item
Next
strDisplayName = replace(strDisplayName,",","/")
end if
if (strDisplayName <>"") then
strDisplayName=" | Set-QADGroup -ObjectAttributes @{displayName = """&strDisplayName&"""}"
end if

CreateDN=CreateDN&"dsadd group """&strDN&""""&strDesc&strScope&vbcrlf
ModifyDisplayName=ModifyDisplayName&"Get-QADGroup -Identity """&strDN&""""&strDisplayName&vbcrlf

strMember=""
if ( VarType(objRecordSet.Fields("member").Value) = 8204 ) then
For Each item In objRecordSet.Fields("member").Value
ImportMember=ImportMember&"dsmod group """&strDN&""" -addmbr """&item&""""&vbcrlf
strMember = strMember & " " & item & vbcrlf
Next
strMember = replace(strMember,",","/")
end if

strMemberOf=""
if ( VarType(objRecordSet.Fields("MemberOf").Value) = 8204 ) then
For Each item In objRecordSet.Fields("MemberOf").Value
MakeMemberOf=MakeMemberOf&"dsmod group """&item&""" -addmbr """&strDN&""""&vbcrlf
strMemberOf = strMemberOf & " " & item & vbcrlf
Next
strMemberOf = replace(strMemberOf,",","/")
end if

ReturnString=ReturnString&"DN: "&vbcrlf&" "&strDN&vbcrlf
ReturnString=ReturnString&"Desc: "&vbcrlf&" "&strDesc&vbcrlf
ReturnString=ReturnString&"Member: "&vbcrlf&strMember&vbcrlf
ReturnString=ReturnString&"MomberOf: "&vbcrlf&strMemberOf&vbcrlf
ReturnString=ReturnString&vbcrlf
objRecordSet.movenext
wend

OutputFileName=SavePath & Display & "-List.txt"
Set ResultFile = fso.OpenTextFile(OutputFileName, 2, true, -1)
ResultFile.write ReturnString
ResultFile.close

OutputFileName=SavePath & Display & "-CreateDN.txt"
Set ResultFile = fso.OpenTextFile(OutputFileName, 2, true, -1)
ResultFile.write CreateDN
ResultFile.close

OutputFileName=SavePath & Display & "-ModifyDisplayName.txt"
Set ResultFile = fso.OpenTextFile(OutputFileName, 2, true, -1)
ResultFile.write ModifyDisplayName
ResultFile.close

OutputFileName=SavePath & Display & "-ImportMember.txt"
Set ResultFile = fso.OpenTextFile(OutputFileName, 2, true, -1)
ResultFile.write ImportMember
ResultFile.close

OutputFileName=SavePath & Display & "-MakeMemberOf.txt"
Set ResultFile = fso.OpenTextFile(OutputFileName, 2, true, -1)
ResultFile.write MakeMemberOf
ResultFile.close

end function

沒有留言:

張貼留言