Got a question from Matthew this week:
“I was wondering if you guys have a script that could determine what OU a user is a member of…sort of an if then else clause, If a member of “Said Group” then do this, Else End If…”
Good question Matthew. This turns out to be more difficult than it sounds. The reason: To determine this we need to setup an LDAP query that selects the OU, and then loops through all the users to see if the current user is a member.
The LDAP query looks like this:
LDAP://{DOMAIN} WHERE objectCategory='organizationalUnit' and ou='{OU NAME}'
Once the VBScript runs the query, we simply loop through the results and look for our account name. If it is there, then we have a match.
To use the script, simply open it up and go to the bottom. You will see these lines:
if IsMember("Testers") then
Wscript.Echo "This user is a member of the OU"
else
Wscript.Echo "This user is not a member of the OU"
end if
Just change “Testers” to the OU you want to see if the current user is a member of, and you can have your script take different actions based on their current membership (Map drives, add printers, etc).
Get the script from here:
http://www.intelliadmin.com/IsOUMember.dat
Remember to rename it to .vbs after downloading.