MICROSOFT CORPORATION AND/OR ITS RESPECTIVE SUPPLIERS MAKE NO REPRESENTATIONS ABOUT THE SUITABILITY, RELIABILITY, OR ACCURACY OF THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN. ALL SUCH INFORMATION AND RELATED GRAPHICS ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT AND/OR ITS RESPECTIVE SUPPLIERS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION AND RELATED GRAPHICS, INCLUDING ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, WORKMANLIKE EFFORT, TITLE AND NON-INFRINGEMENT. YOU SPECIFICALLY AGREE THAT IN NO EVENT SHALL MICROSOFT AND/OR ITS SUPPLIERS BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS, ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OF OR INABILITY TO USE THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF MICROSOFT OR ANY OF ITS SUPPLIERS HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES.
Exchange Server and Active Directory do not contain a simple feature that lets you export the names of users who are members of a particular distribution group. This article explains how to programmatically extract this information using a script. You can run this script directly from the server or any domain workstation.
The steps in extracting the information is as follows. Using a batch file, extract a Distribution List in LDF format using LDIFDE. This will include the distribution list members, but the output will not be formatted the way we want it – each line would start with the word “member:” and will contain the full LDAP Path. We are interested in only the display names of the users. So we write another VBS script that opens the LDF file and cleanses the data by removing the “member:” prefix and the unwanted portion of the LDAP Path. In the end we just have a normal list of display names of the users. This article requires that you have the LDIFDE.exe tool in your system path.
1. Write the batch file that runs LDIFDE against your Active Directory. Save the file as ExportDL.BAT
using a text editor like Notepad. If you’re using Notepad, make sure that the file extension is .bat
and not .bat.txt
when you save the file.
@echo offldifde -f groups.ldf -d "cn=GroupName1,ou=myOU, dc=mydomain,dc=com" -l member -s mydc1cscript modify.vbs //Nologo > "GroupName1.txt"ldifde -f groups.ldf -d "cn=GroupName2,ou=myOU,dc=mydomain,dc=com" -l member -s mydc1cscript modify.vbs //Nologo > "GroupName2.txt"...ldifde -f groups.ldf -d "cn=GroupNameN,ou=myOU,dc=mydomain,dc=com" -l member -s mydc1cscript modify.vbs //Nologo > "GroupNameN.txt"
Here the two lines starting with LDIFDE
are repeated for each distribution group in the active directory. The example shows how to write the script for distribution groups named GroupName1
, where they represent the display name of the individual distribution groups in Active Directory. In this example, all the distribution groups are placed in the OU named myOU
. If your distribution groups are scattered in separate OUs, take care to give the complete LDAP path in the –d
switch. Also, in this example, it is assumed that the Active Directory domain name as mydomain.com
(represented by dc=mydomain,dc=com
in this code snippet) and the domain controller as mydc1
. You will need to change these parameters in your script to reflect actual values.
The function of each iteration in the batch file is to extract (using LDIFDE
) each distribution group into an LDIF file named groups.ldf
. The groups.ldf
file is a temporary file. The next statement (cscript modify.vbs
) invokes the modify.vbs
script (described below). The modify.vbs
script works on the groups.ldf
file to produce meaningful output.
2. Write the MODIFY.VBS
file. Again, you can use Notepad
. You may not need to make any changes to the below code. This file opens the groups.ldf file created by LDIFDE
in the batch file you created in step 1. It then extracts only the display names of each member of the group and places it into a new text file. The text file containing the group members is created automatically and is given the name of the distribution group from which the users were extracted. If the file already exists, it is overwritten automatically every time you run the script.
Dim objFileSystem, objInputFileDim strOutputFile, inputData, strData, strTemp Const OPEN_FILE_FOR_READING = 1 ' generate a filename base on the script namestrOutputFile = "groups.ldf"Set objFileSystem = CreateObject("Scripting.fileSystemObject")Set objInputFile = objFileSystem.OpenTextFile(strOutputFile, OPEN_FILE_FOR_READING) ' read everything in an arrayinputData = Split(objInputFile.ReadAll, vbNewline)For each strData In inputData if Mid(strData, 1,2)="me" and len(strdata)>10 then strTemp=Mid(strData, 12, InStr(1, strData,",",1)-12) WScript.Echo strTemp end if if Mid(strData,1,2)=" C" then strTemp=Mid(strData, 5, InStr(1, strData,",",1)-5) WScript.Echo strTemp end ifNextobjInputFile.CloseSet objFileSystem = NothingWScript.Quit(0)
3. Run the ExportDL.bat
file. Once execution completes, see the folder where you put the above two files. You should see that you have new text files with the names all your distribution groups.