You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Advanced Scripting » ComputerInGroupNested - Advice Needed
Register User       Forum List       Calendar       FAQ
Page 1 of 1 1
Topic Options
#202914 - 2011-08-18 12:18 AM ComputerInGroupNested - Advice Needed
sixdoubleo Offline
Starting to like KiXtart

Registered: 2004-02-06
Posts: 118
Loc: California, US
After not being able to find a function that will evaluate a computer membership recursively, I finally went and wrote one. This function has been in use in my environment on about 100 pilot workstations. The function is part of an INI-based software deployment script whereby membership in various software installation groups will cause installation or uninstallation of software. Therefore, this function needs to work correctly.

Like I said, so far it has worked flawlessly for 6 months on about 100 Windows 7 workstations. Anyway, I've always been a bit of a top-down thinker when it comes to coding and tend to brute-force my way through things. Before I put it into production on our 1500-some odd workstations, I wanted to get some opinions...

1. Am I utilizing the most cost-effective method of querying AD group memberships?

2. Are there logic optimizations I can take advantage of to speed things up? For instance, once I find a match, stop processing any further groups. Currently it processes all the way through.

3. And while I don't care too much for single-letter variables, can this thing be golfed down a bit (and still be readable by an average coder) to make it smaller and more efficient?

Any help or advice anybody has would be much appreciated!
Top
#202916 - 2011-08-18 12:22 AM Re: ComputerInGroupNested - Advice Needed [Re: sixdoubleo]
sixdoubleo Offline
Starting to like KiXtart

Registered: 2004-02-06
Posts: 118
Loc: California, US 

Dim $rc
$rc = SetOption("Explicit","ON")
$rc = SetOption("NoVarsInStrings","ON")
 
If ComputerInGroupNested("Asset Management Exempt")
   ? "Computer is a member of the Asset Management Exempt group"
EndIf
 
If ComputerInGroupNested("Windows 7 Pilot Workstations")
   ? "Computer is a member of the Windows 7 Pilot Workstations group"
EndIf
 
 
 
Function ComputerInGroupNested($strGroup)
	Dim $bInGroup 
	Dim $objSysInfo, $objComputer, $colGroups, $objGroup
	Dim $DN
   
	$ComputerInGroupNested = 0
	$bInGroup = 0
	$strGroup = Trim($strGroup)   	
 
	$objSysInfo = CreateObject("ADSystemInfo")
	If @ERROR
		Exit @ERROR
	EndIf
   
	$DN = $objSysInfo.computername
   
	If $DN <> ""
		$objComputer=GetObject("LDAP://"+$DN) 
		If $objComputer
			; Get the first level groups the computer is a member of 
			$colGroups = $objComputer.Groups
			For Each $objGroup in $colGroups
				If Trim($objGroup.CN) = $strGroup
					$bInGroup = 1
				EndIf
				If $bInGroup <> 1
					; Recursively check membership of each group 
					$bInGroup = GetNested($objGroup,$strGroup,0)
				EndIf
			Next
		EndIf
	Else
		Exit @ERROR
	EndIf
	$ComputerInGroupNested = $bInGroup
EndFunction
 
Function GetNested($objGroup, $CheckGroup, $nIterationCount)
	Dim $colMembers, $strMember, $objNestedGroup, $x, $strPath
	Dim $nMaxIterations
   
	$GetNested = 0
	
	; MaxIterations exists because I discovered certain siutations where it was possible to  
	; infinitely nest two groups into each other casuing an infinite loop.  This allows the script  
	; to quit after 30 levels of nesting. 
	$nMaxIterations = 30
    
	; Get groups that group is a member of 
	$colMembers = $objGroup.GetEx("memberOf")
    
	; Traverse group array 
	For Each $strMember in $colMembers
		$strPath = "LDAP://" + Trim($strMember)
		$objNestedGroup = GetObject($strPath)
 
		If Trim($objNestedGroup.CN) = $CheckGroup
			$GetNested = 1
		EndIf
 
		If $GetNested <> 1		
			; See if that group is a member of any groups, recurse infinitely 
			If $nIterationCount < $nMaxIterations
				$GetNested = GetNested($objNestedGroup,$CheckGroup,$nIterationCount + 1)
			Else
				Return
			EndIf	
		EndIf
	Next
EndFunction

Top
#202918 - 2011-08-18 03:43 AM Re: ComputerInGroupNested - Advice Needed [Re: sixdoubleo]
Allen Administrator Offline
KiX Supporter
*****

Registered: 2003-04-19
Posts: 4557
Loc: USA
Be sure to see http://www.kixtart.org/forums/ubbthreads.php?ubb=showflat&Number=165767&site_id=1#import
Top
Page 1 of 1 1


Moderator:  Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart 
Hop to:
Shout Box

Who's Online
0 registered and 323 anonymous users online.
details
Newest Members
Audio, Hoschi, Comet, rrosell, PatrickPinto
17880 Registered Users
My Cookies · Mark all read Powered by UBB.threads™ Contact Us · KiXtart.org website · Top

Generated in 0.049 seconds in which 0.021 seconds were spent on a total of 13 queries. Zlib compression enabled.
Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org