Sunday, January 31, 2010

Enumeration of All Users in a Group (traversing nested groups) in Active Directory

As a counter part to my previous post, I created a dual of the script which enumerates Groups and their members. 

#
#    Enumerate All Users for a Group (including traversing nested groups) 
#        @param distinguishedName - The distinguished name of the object you want to traverse
#    Brock Moeller
#    12/16/2009
#
param (
    $distinguishedName = "CN=SuperGroup,OU=Groups,DC=serv,DC=ubercorp,DC=com" 
)

$roles = @{};
$indent = -1;
filter EnumMember {
    $indent += 1;
    if ($_ -is [System.DirectoryServices.DirectoryEntry]){
        $adsiObj = $_;
    } else {
        $adsiObj = New-Object System.DirectoryServices.DirectoryEntry("LDAP://" + $_);
    }
    if ((-not [String]::IsNullOrEmpty($adsiObj.cn)) -and (-not $roles.ContainsKey($adsiObj.cn))){
        $roles[$adsiObj.cn] = 1;
        $memberOfCount = $adsiObj.member.Count;
        $("`t"*$indent) + $adsiObj.cn + " [$memberOfCount]";
        if (($memberOfCount -gt 0) -and ($indent -lt 900)) {
            $adsiObj.member | EnumRoles;
        }
    }
    $indent -= 1;
}

$user = [adsi]"LDAP://$distinguishedName";
$user;
$buffer = $user.Path + "`n";
$user | EnumMember | % { $buffer += $_ + "`n" };
"Buffer: " + $buffer.ToString();
[System.IO.File]::WriteAllText("$pwd\$($user.cn).txt", $buffer.ToString());
Posted by Brock at 11:20 AM 0 comments
Labels: , ,

Friday, January 29, 2010

Enumeration of All Groups for a User (traversing nested groups) in Active Directory

I ran into an odd situation where I needed to be able to enumerate all of the groups that a user was a member. I found a lot of programs and scripts that will list the groups for a user, but none that would traverse nested groups.

The script writes the information to a file for better reviewing later. The output adds indentation to help readability.

Here is my solution.

#
#    Enumerate All Groups for a User (including traversing nested groups) 
#        @param distinguishedName - The distinguished name of the object you want to traverse
#        Brock Moeller
#        12/16/2009
#
param (
    $distinguishedName = "CN=Joe Dirt,OU=Users,DC=serv,DC=ubercorp,DC=com" 
)

$roles = @{};
$indent = -1;
filter EnumRoles {
    $indent += 1;
    if ($_ -is [System.DirectoryServices.DirectoryEntry]){
        $adsiObj = $_;
    } else {
        $adsiObj = New-Object System.DirectoryServices.DirectoryEntry("LDAP://" + $_);
    }
    if ((-not [String]::IsNullOrEmpty($adsiObj.cn)) -and (-not $roles.ContainsKey($adsiObj.cn))){
        $roles[$adsiObj.cn] = 1;
        $memberOfCount = $adsiObj.memberOf.Count;
        $("`t"*$indent) + $adsiObj.cn + " [$memberOfCount]";
        if (($memberOfCount -gt 0) -and ($indent -lt 900)) {
            $adsiObj.memberOf | EnumRoles;
        }
    }
    $indent -= 1;
}

$user = [adsi]"LDAP://$distinguishedName";
$user;
$buffer = $user.Path + "`n";
$user | EnumRoles | % { $buffer += $_ + "`n" };
"Buffer: " + $buffer.ToString();
[System.IO.File]::WriteAllText("$pwd\$($user.cn).txt", $buffer.ToString());
Posted by Brock at 9:09 PM 0 comments
Labels: , ,

Tuesday, January 26, 2010

Google Reader Grease Monkey Script

I was bored one day and decided that I wanted to fix up the Google Reader interface a little bit and this was the result. Sure there are more useful GM scripts, but this is a start.
// ==UserScript==
// @name           Google Reader Fixup
// @namespace      http://intellectualponderings.blogspot.com
// @version        1.0
// @description    Hides the sliding navigation pane.  Hides header below the blog name and the footer bar.  Adds "Info" button next to the blog name to toggle header and footer bar.  
// @include        htt*://www.google.*/reader*
// @include        http://www.google.com/reader/view/*
// ==/UserScript==

var cssHidechromeheader = <><![CDATA[
    #viewer-header, #viewer-footer { display: none; }
    ]]></>.toString();
var cssShowchromeheader = <><![CDATA[
    #viewer-header, #viewer-footer { display: inline; }
    ]]></>.toString();
var cssHideNav= <><![CDATA[
    #chrome-lhn-toggle { display: none; }
    ]]></>.toString();
 
function getElementPosition(element) {
    var pos = {x:0, y:0};
    if (element.offsetParent) {
        while (element.offsetParent) {
            pos.x += element.offsetLeft;
            pos.y += element.offsetTop;
            element = element.offsetParent;
        }
    } else if (element.x) {
        pos.x += element.x;
        pos.y += element.y;
    }
    return pos; 
}

function InfoMouseClick(e) {
    var gei = document.getElementById,
        header = gei('viewer-header'),
        hDisplay = header.style.display,
        footer = gei('viewer-footer'),
        entries = gei('entries'),
        entriesStatus = gei('entries-status');
    if ((hDisplay == "none")||(hDisplay == null)||(hDisplay == "")) {
        header.style.display = footer.style.display = "inline";
        entriesStatus.style.right = "0.5em";
    } else {
        header.style.display = footer.style.display = "none";
    }
    entries.style.height = String(d.documentElement.clientHeight - getElementPosition(entries).y - footer.offsetHeight) + "px";
}

(function () {
    //Initial Styles
    GM_addStyle( cssHidechromeheader );
    GM_addStyle( cssHideNav );
    var chrome = document.getElementById('chrome-header');
    //Button Element
    var buttonStr = " 
 
Info
";
    var googbutton=document.createElement('div');
    googbutton.className='goog-button-base goog-button-base-outer-box goog-inline-block';
    googbutton.style.margin = "0px 0px 0px 6px";
    googbutton.innerHTML=buttonStr;
    chrome.appendChild(googbutton);
    googbutton.addEventListener('click', InfoMouseClick, false); 
})();
Posted by Brock at 10:02 PM 0 comments
Labels: , ,
Subscribe to: Posts (Atom)