command.com
io.sys
msdos.sys
Sunday, February 5, 2012
Thursday, January 12, 2012
List Users in a Group Active Directory
Dim arrNames()
intSize = 0
Set objGroup = GetObject("LDAP://CN=Accountants,OU=Finance,DC=fabrikam,DC=com")
For Each strUser in objGroup.Member
Set objUser = GetObject("LDAP://" & strUser)
ReDim Preserve arrNames(intSize)
arrNames(intSize) = objUser.CN
intSize = intSize + 1
Next
For i = (UBound(arrNames) - 1) to 0 Step -1
For j= 0 to i
If UCase(arrNames(j)) > UCase(arrNames(j+1)) Then
strHolder = arrNames(j+1)
arrNames(j+1) = arrNames(j)
arrNames(j) = strHolder
End If
Next
Next
For Each strName in arrNames
Wscript.Echo strName
Next
intSize = 0
Set objGroup = GetObject("LDAP://CN=Accountants,OU=Finance,DC=fabrikam,DC=com")
For Each strUser in objGroup.Member
Set objUser = GetObject("LDAP://" & strUser)
ReDim Preserve arrNames(intSize)
arrNames(intSize) = objUser.CN
intSize = intSize + 1
Next
For i = (UBound(arrNames) - 1) to 0 Step -1
For j= 0 to i
If UCase(arrNames(j)) > UCase(arrNames(j+1)) Then
strHolder = arrNames(j+1)
arrNames(j+1) = arrNames(j)
arrNames(j) = strHolder
End If
Next
Next
For Each strName in arrNames
Wscript.Echo strName
Next
Tuesday, January 10, 2012
Print List of Groups in OU
Ref: http://blogs.technet.com/b/heyscriptingguy/archive/2005/09/21/how-can-i-list-all-the-groups-in-an-ou.aspx
Ref: http://www.devguru.com/technologies/vbscript/quickref/filesystemobject_createtextfile.html
Set objOU = GetObject("LDAP://OU=Users,OU=Groups,OU=City,OU=Work,OU=Dept,DC=xx,DC=yy,DC=zz")
objOU.Filter = Array("Group")
Set fso = CreateObject("Scripting.FileSystemObject")
Set fsoFile = fso.CreateTextFile("C:\Windows\Temp\listgroupsinou.txt")
For Each objGroup in objOU
fsoFile.WriteLine(objGroup.Name)
' Wscript.Echo objGroup.Name
Next
fsoFile.Close
Ref: http://www.devguru.com/technologies/vbscript/quickref/filesystemobject_createtextfile.html
Set objOU = GetObject("LDAP://OU=Users,OU=Groups,OU=City,OU=Work,OU=Dept,DC=xx,DC=yy,DC=zz")
objOU.Filter = Array("Group")
Set fso = CreateObject("Scripting.FileSystemObject")
Set fsoFile = fso.CreateTextFile("C:\Windows\Temp\listgroupsinou.txt")
For Each objGroup in objOU
fsoFile.WriteLine(objGroup.Name)
' Wscript.Echo objGroup.Name
Next
fsoFile.Close
Thursday, December 8, 2011
Tuesday, November 22, 2011
Administrative Template Point and Print Restrictions
This worked for me... found this after I posted the above. hope it helps some of you having the same issue. I did this on my local pc not the Domain GPO so it would work in either place.
There are TWO "Point and Print Restrictions" settings
* Computer Configuration/Policies/Administrative Templates/Printers/Point and Print Restrictions
* User Configuration/Policies/Administrative Templates/Control Panel/Printers/Point and Print Restrictions
Of these two, the one under Computer Configuration seems to be the important one. But guess what? The original Server 2008 doesn't include this setting in the list -- you need Server 2008R2 for this setting to show up. If you download the administrative templates from Server 2008 R2, extract, and copy the PolicyDefinitions folder to C:\Windows\sysvol\domain\Policies\PolicyDefinitions, this missing policy will show up magically in Group Policy Management Editor. Of course, the ADMX files from Server 2008 R2 causes Group Policy Management Editor from Server 2008 tocomplain about parse errors, but it works just fine to click "OK".
Once you've installed the proper ADMX files, for this to work in Windows 7, configure both of these "Point and Print Restrictions" settings to:
* Enabled
* Security Prompts, When Installing Drivers for a new connection = Do not show warning or elevation prompt
* Security Prompts, When Installing Drivers for a new connection = Do not show warning or elevation prompt
Also, don't forget to make sure the users have permission to install printer drivers, since you're not even going to try to use Admin privileges any more:
* Computer Configuration\Policies\Administrative Templates\System\Driver Installation
* The setting is called "Allow non-administrators to install drivers for these devices setup classes".
* You will need to add thedevice class GUID of printers: {4d36e979-e325-11ce-bfc1-08002be10318}
Don't forget to update the computer policy on the workstation by running "gpupdate /force". Then log on as a non-admin user, and test! It worked for me with an annoying Konica Minolta bizhub C550 fax driver that was prompting my Win7 non-admin users for privileges when the logon script tried to install the driver for them. YMMV.
Good luck!
There are TWO "Point and Print Restrictions" settings
* Computer Configuration/Policies/Administrative Templates/Printers/Point and Print Restrictions
* User Configuration/Policies/Administrative Templates/Control Panel/Printers/Point and Print Restrictions
Of these two, the one under Computer Configuration seems to be the important one. But guess what? The original Server 2008 doesn't include this setting in the list -- you need Server 2008R2 for this setting to show up. If you download the administrative templates from Server 2008 R2, extract, and copy the PolicyDefinitions folder to C:\Windows\sysvol\domain\Policies\PolicyDefinitions, this missing policy will show up magically in Group Policy Management Editor. Of course, the ADMX files from Server 2008 R2 causes Group Policy Management Editor from Server 2008 tocomplain about parse errors, but it works just fine to click "OK".
Once you've installed the proper ADMX files, for this to work in Windows 7, configure both of these "Point and Print Restrictions" settings to:
* Enabled
* Security Prompts, When Installing Drivers for a new connection = Do not show warning or elevation prompt
* Security Prompts, When Installing Drivers for a new connection = Do not show warning or elevation prompt
Also, don't forget to make sure the users have permission to install printer drivers, since you're not even going to try to use Admin privileges any more:
* Computer Configuration\Policies\Administrative Templates\System\Driver Installation
* The setting is called "Allow non-administrators to install drivers for these devices setup classes".
* You will need to add thedevice class GUID of printers: {4d36e979-e325-11ce-bfc1-08002be10318}
Don't forget to update the computer policy on the workstation by running "gpupdate /force". Then log on as a non-admin user, and test! It worked for me with an annoying Konica Minolta bizhub C550 fax driver that was prompting my Win7 non-admin users for privileges when the logon script tried to install the driver for them. YMMV.
Good luck!
Subscribe to:
Comments (Atom)