Hi all,

I was wondering if anyone has every seen something like this. I am using the script below to get a visual on what users are in incorrect groups. While I was looking for a way to denote the primary group, I noticed in the generated list however that the user's primary group is not in the list of groups generated.

Any Ideas? I am running this against a Windows 2003 AD from on of the DC's of the domain in question.

 Code:
 Break on
$rc=SetOption('wrapateol','on')
$oDomain = GetObject("WinNT://" + 'MyDomain')
$oDomain.filter = "User", ""
$iniPath='c:\logon\groupslist.ini'

For Each $user In $oDomain
	$name='MyDomain\'+$user.name
	$userhome = TranslateName(3, "", 3, $name, 1)
	$c=1

	For Each $group In Getadusergroups($name)
		$rc=WriteProfileString($iniPath,$userhome[0],'Group #'+$c,$group)
		$c=$c+1
	Next


Next






Function TranslateName($InitType, $BindName, $LookupNameType, $LookupName, $ReturnNameType)
			
	DIM $InitType, $BindName, $LookupNameType, $LookupName, $ReturnNameType
	DIM $NameTranslate, $ReturnName, $Error, $ErrorText
			
	$Error = 0
	$ErrorText = ""
	$ReturnName = ""
	$NameTranslate = CreateObject("NameTranslate")
	$Error = @ERROR
	$ErrorText = @SERROR
	If $Error = 0
		$NameTranslate.Init($InitType, $BindName)
		$Error = @ERROR
		$ErrorText = @SERROR
		If $Error = 0
			$NameTranslate.Set($LookupNameType, $LookupName)
			$Error = @ERROR
			$ErrorText = @SERROR
			If $Error = 0
				$ReturnName = $NameTranslate.Get($ReturnNameType)
				$Error = @ERROR
				$ErrorText = @SERROR
			EndIf
		EndIf
	EndIf
	$TranslateName = $ReturnName, $Error, $ErrorText
EndFunction



Function getADUserGroups(optional $username, optional $mode)
  DIM $objTrans, $objUser, $group, $array[0], $i
  If $username=""
    $username=@LDOMAIN + "\"+ @USERID
  EndIf
  If not InSTR($username,"\")
    $username=@LDOMAIN + "\" + $username
  EndIf
  $objTrans = CreateObject("NameTranslate")
  If @ERROR
    Exit @ERROR
  Else
    $objTrans.Init(3, "")
    $objTrans.Set(3,$username)
    $username = $objTrans.Get(1)
    If @ERROR
      Exit @ERROR
    Else
      For Each $group In GetObject("LDAP://" + $username).GetEx("memberof")
        ReDIM preserve $array[$i]
        If $mode=0
          $array[$i]=GetObject("LDAP://" + $Group).cn
        Else
          $array[$i]=$group          
        EndIf
        $i=$i+1
      Next
      $getADUserGroups=$array  
    EndIf
  EndIf
EndFunction