[the domain name is: demo.net and DC name is DC1 in this example, you need to replace that with your domain and DC]
1. Create a list of all groups in the domain:
Dsquery group dc=demo,dc=net /limit 0 > allGroups.txt2. Remove all built-in groups and groups that are created by default during a fresh installation since I didn't want to "touch" them.
3. Get objMeta of all groups in the text file:
For /f “delims=” %f in (groups.txt) do repadmin /showobjmeta
DC1 %f > metadata\%f(metadata is the folder where I saved the output files to)
4. Now the only thing left is to search the files created in the metadata folder for LEGACY. And you will have a list of which groups contains non-LVR memberships.
When I have my complete list I will then remove/add the members to be able to utilize LVR. I haven't decided how I will do that yet, but most likely dsget group | dsmod group but I will post that after I've done it.
1 comment:
Hi,
My friend Simon Wåhlin has created a function in Powershell that will do this in a much easier way. Check it out here: http://blog.simonw.se/list-active-directory-non-lvr-group-members/
Post a Comment