Search This Blog

Monday, June 10, 2013

NON-LVR groupmembers - how to find them - Step 4.

Step 3 in my blog (http://www.jimmytheswede.blogspot.se/2013/06/non-lvr-groupmembers-how-to-find-them.html) will create a separate file for each group (DN is the filename of the group). Within those files you need to search for the string LEGACY, so what I did in step 4 was to search the files for the string LEGACY and then copy the files into a separate folder.

Note that my folder containing the files is "c:\temp\searchFiles" and I copied the files that contained the string "LEGACY" to the folder "c:\temp\searchResult".

In PowerShell:
get-childitem c:\temp\searchFiles | select-string LEGACY -List |%{copy-item -path $_.path -destination 'c:\temp\searchResult'}

Now I have all files (named as the group's DN) in a separate folder that contains LEGACY members, I then create a list of the filenames as input when I change them (http://www.jimmytheswede.blogspot.se/2013/06/non-lvr-groupmembers-how-to-change-them.html).

5 comments:

Noah James Skaaning Durrands said...

Hi Jimmy,
reverting back to the command converting LVR groups... Having a slight issue and I am wondering if you can look at this script and provide input.

$groups = Get-content $("c:\users\user_name\lvrgroups.txt")
Foreach ( $group in $groups ){
@(dsget group "$group" -members | dsmod group "$group" -chmbr)}

recieve error concerning
dsget failed:A referral was returned from the server.
type dsget /? for help.dsmod failed:The parameter is incorrect.
type dsmod /? for help.dsget failed:A referral was returned from the server.

This is a CN group naming context.
CN=Z,OU=Y,OU=X,OU=FEDKX-UC,OU=UC,DC=company,DC=local

Regards
Dave

Jimmy Andersson [DS MVP] said...

Hi Dave,

Sorry for the late Reply but I've been travelling. Did you solve your issue?

Best regards,
/Jimmy

Noah James Skaaning Durrands said...

Hi Jimmy,
Not at all - i am struggling with this big time.
Can you reply to DADU@ferring.com as i now recieve a message
DsReplicaGetInfo() failed with status 8333 (0x208d):
Directory object not found.

Regards
Dave

Jimmy Andersson [DS MVP] said...

Hi,

I tried your script and it works for me. I've sent you an e-mail with the screenshot as well.

Best regards,
/Jimmy

Jimmy Andersson [DS MVP] said...

Hi,
My friend Simon Wåhlin has created a function in Powershell that will do this in a much easier way. Check it out here: http://blog.simonw.se/list-active-directory-non-lvr-group-members/