|
Home > Articles
Browsing Windows NT groups with ASP and ADSI
The ASP code described in this article will allow you to find a list of Windows NT
groups in a specific domain or on a specific computer, then view a list of users and
groups within that group.
How it works
The ASP code uses Microsoft’s Active Directory Service Interfaces (ADSI). ADSI is
a directory system that makes it straightforward to administer and obtain information from
a variety of data stores on the system (e.g. Exchange Server, Internet Information Server,
and Windows NT itself). ADSI can run on Windows 95, 98, NT 4.0 and Windows 2000. Due to
the lack of security features in Windows 95 and 98 it is advisable to not run ADSI
services on these operating systems. The examples described here have been tested with
Windows NT 4.0.
ADSI is particularly useful under Windows 2000, as it allows access to the Windows 2000
Active Directory. The Active Directory is one of the cornerstones of Windows 2000, so it
is worth getting to grips with. If you want to learn ADSI, there are a number of tutorials
listed at the bottom of this article.
In order to get the examples to work, you will need to install ADSI. The current
version (2.5) is a free download from Microsoft’s website (see links at the bottom of
this article).
The code
There are four parts to the example page, which should be saved as
UserGroupBrowser.asp.
The first part of the page should be added to above the opening <HTML> tag:
<%
Dim sCurrentGroup
Dim sDomainName
sCurrentGroup = Request.QueryString("Group")
sDomainName = Request.QueryString("Domain")
'Change the following line so that sDomainName is your machine name
or domain name
If sDomainName = "" Then sDomainName = "MYDOMAIN"
%>
Note that the 8th line of this code should be changed to replace MYDOMAIN with the name
of your Windows NT Domain (or your machine name).
The second piece of code should be placed in the <BODY> part of the ASP document.
It contains calls to the functions that display the groups within a domain and also the
users within a specific group:
<P>Exploring the Domain <%=sDomainName%></P>
<form name="frmGroupSelector" action="UserGroupBrowser.asp"
method="GET">
<input type="hidden" name="Domain"
value="<%=sDomainName%>">
<%=ListGroups(sDomainName, sCurrentGroup, "submitFrm()")%>
</form>
<%
If sCurrentGroup <> "" Then
Response.Write ListUsers(sDomainName, sCurrentGroup)
End if
%>
The third piece of code is a small piece of JavaScript containing a function to submit
the Group select list if a group has been selected:
<script language="JavaScript"><!--
function submitFrm() {
if
(document.frmGroupSelector.Group.options[document.frmGroupSelector.Group.selectedIndex].value
!= '') {
document.frmGroupSelector.submit();
}
}
//--></script>
Finally, there are two VBScript functions: ListGroups and ListUsers. The code for these
is shown below:
<%
'function to create a select list containing a list of groups
within a computer
'or domain. Function must be supplied with three arguments:
'sDomainName: The domain name or computer name
'sSelectedGroup: The name of the group that should have the selected attribute
'sOnChangeScript: The name of the JavaScript function that should be executed
' when the onChange event is triggered for this select list
Function ListGroups(sDomainName, sSelectedGroup,
sOnChangeScript)
Dim sSelectListHTML
Dim sGroupName
sSelectListHTML = "<select name=""Group""
id=""Group"" "
sSelectListHTML = sSelectListHTML & "onChange=""" &
sOnChangeScript & """>" & vbCRLF
sSelectListHTML = sSelectListHTML & "<option
value="""">---------------"
sSelectListHTML = sSelectListHTML & "Select a group"
sSelectListHTML = sSelectListHTML & "---------------</option>" &
vbCRLF
Set Domain = GetObject("WinNT://" & sDomainName)
For Each Member in Domain
If Member.Class = "Group" Then
sGroupName = null
sGroupName = Member.Name
If sGroupName = sSelectedGroup Then
sSelectListHTML = sSelectListHTML & "<option selected value="""
& sGroupName & """>"
sSelectListHTML = sSelectListHTML & sGroupName & "</option>" &
vbCRLF
Else
sSelectListHTML = sSelectListHTML & "<option value="""
sSelectListHTML = sSelectListHTML & sGroupName & """>"
& sGroupName & "</option>" & vbCRLF
End If
End if
Next
sSelectListHTML = sSelectListHTML + "</select>" & vbCRLF
ListGroups = sSelectListHTML
End Function
%>
<%
'function to list the users and groups within a specific user
group.
'Function must be supplied with two arguments:
'sDomainName: The domain name or computer name
'sGroupName: The name of the user group
Function ListUsers(sDomainName, sGroupName)
Dim sUserList
Dim sMyParent
Set Group = GetObject("WinNT://" & sDomainName & "/" &
sGroupName)
For Each Member in Group.Members
On Error Resume Next
sMyParent = Member.Parent
sMyParent = Right(sMyParent, Len(sMyParent) - InStrRev(sMyParent, "/"))
If Member.Class = "User" Then
sUserList = sUserList & "<b>" & Member.Name &
"</b><br>"
sUserList = sUserList & " Full Name: " & Member.FullName &
"<br>"
sUserList = sUserList & " Description: " & Member.Description &
"<br>"
sUserList = sUserList & " Account Disabled: " & Member.AccountDisabled
& "<br>"
sUserList = sUserList & "<p>"
ElseIf Member.Class = "Group" Then
sUserList = sUserList & "<b><a
href=""UserGroupBrowser.asp?"
sUserList = sUserList & "Group=" & Server.URLEncode(Member.Name)
sUserList = sUserList & "&Domain=" & Server.URLEncode(sMyParent)
sUserList = sUserList & """>" & Member.Name &
"</a></b>< br>"
sUserList = sUserList & " Description: " & Member.Description &
"<br>"
sUserList = sUserList & "<p>"
End If
Next
If sUserList = "" Then
sUserList = "<p>This group does not contain any
users</p>"
End If
ListUsers = sUserList
End Function
The first function (ListGroups) will generate the HTML required for a select list
containing a list of all the groups within a specified Windows domain (or an individual
computer). It achieves this by first binding the Domain object to the Active Directory
object for the specified Windows domain or individual machine. It then enumerates the list
of members within the domain, and if the member is found to be a group it adds an OPTION
tag to the select list.
The second function (ListUsers) will display a list of users and groups within a
specific group [under Windows NT it is possible to make groups members of other groups,
such as adding Power Users to the Administrators group].
The ListUsers function will display a number of attributes of users it finds;
specifically their full name, description, and whether or not their account is disabled.
Further attributes can be obtained using ADSI - a full list is shown in Microsoft’s
ADSI documentation (link at the bottom of this article).
Note that On Error Resume Next should be used when using Active Directory,
because the ASP document will stop being processed if a certain attribute cannot be found.
If you don’t want to cut and paste the code into an ASP document, the complete
code may be downloaded in a ZIP file:
Further reading
Useful Development Tools
| ASP
Documentation Tool™ |
| Automatically creates developer documentation for ASP 2.0
and 3.0 web applications written in VBScript and JScript. Documentation for Microsoft
Access, SQL Server 7/2000 databases and Visual Basic 6.0 components associated with the
web application can also be incorporated into the reports. Documentation is created in
HTML, HTML Help and plain text formats. |
 View Sample
Output (HTML Help format).
 View Sample Output (HTML Format).
 Download
Trial Version (5.2Mb ZIP file). |
| .NET Documentation Tool |
| Automatically creates technical documentation for .NET Framework Windows and ASP.NET applications written in C# or VB.NET and SQL Server 7/2000/2005 or Microsoft Access databases associated with the
application. Documentation is created in HTML, HTML Help and plain text formats. |
View Sample
Output (HTML Help format).
View Sample Output (HTML Format).
Download
Trial Version (5Mb ZIP file). |
| SQL
Documentation Tool |
| The SQL Documentation Tool creates technical documentation for Microsoft SQL Server 7.0 and 2000 databases. Technical documentation is created in HTML and HTML Help formats. The HTML Help format documentation is fully searchable and cross referenced. The SQL Documentation Tool documents SQL Server Tables, Views, Stored Procedures, Triggers and Table Relationships. |
View Sample
Output (HTML Help format).
View Sample Output (HTML Format).
Download
Trial Version (10.3Mb ZIP file). |
| Indexing Service Companion |
|
The Indexing Service Companion is a Windows application that extends the functionality of the Microsoft Windows Indexing Service so that it is able to index content from remote websites and also from ODBC databases. As such it can be used as a low cost alternative to Sharepoint Portal Search Services.
|
Try Sample Search Facility.
Download
Trial Version (1.7Mb ZIP file). |
| The Website Utility |
| The Website Utility examines websites for errors and
areas that need to be optimised for search engines by using a built in web crawling engine.
Errors checked for include broken or moved hyperlinks, missing page titles and missing meta tags.
It also generates HTML for use in creating website site maps (table of contents pages - like this one), and is
able to create both client-side JavaScript Search Engines and server-side ASP Search Engines for a website. |
View Sample Output (HTML Format).
Download
Trial Version (3Mb ZIP file). |
|
