>An NT Admin asked me if I could create a GUI to be able to report on existing NT Server Groups and Users to be able to create many-to-many queries. They want to read the data at runtime and query for users on one Group or Groups for one user. They have tons of users and groups and have a hard time to manage movements from users between groups and their permissions with the NT Admin interface.
>
>I could easily do this if I knew of API functions to access this info, or if there is a COM interface to it. I looked into WSH and did not see anything to report on NT Groups/Users. Security access should not be a problem as only Admins will use this app.
>
>Is this possible? Can anyone point me to a reference or info on this?
This is fairly easy using ADSI. For example, to get a list of all users in a domain:
oDomain = GETOBJECT("WinNT://MYDOMAIN,Domain")
FOR EACH oItem IN oDomain
IF oItem.Class = "User"
?oItem.Name
ENDIF
ENDFOR
To get a list of all groups, and members of each group:
FOR EACH oItem IN oDomain
IF oItem.Class = "Group"
?oItem.Name
FOR EACH oUser IN oItem.Members
?oUser.Name
ENDFOR
ENDIF
ENDFOR
The ADSI objects are extensively documented in MSDN.
Erik Moore
Clientelligence