How to get all the members in user group by using LDAP in Pe

About LDAP:

LDAP stands for Lightweight Directory Access Protocol. It is usually used to fetch (and sometimes update) data in a directory of people.

Using Net::LDAP?module in Perl?can provide a way to interact with this database.

?

Perl script to get this:

#! /usr/bin/perl

# Owner: Rebecca

# Creation date: 2014-12-29

# Usage:

# ./script.pl > yourfile.scv

?

use strict;

use Win32;

use Win32::OLE;

use Net::LDAP;

use warnings;

?

sub getmembersingroup

{

(my $subldap,my $groupname) = @_;

?

#************************************Get distinguished name by using group name*****************************************

my $mesg = $subldap->search(

base => "dc=global,dc=ds,dc=company,dc=com",

filter => "(&(CN=".$groupname."))",

);

?

if($mesg->code)

{

??????????????? print $mesg->error,"n";

??????????????? exit;

}

?

my @entries = $mesg->entries;

my $distinguishedName;

foreach my $entry(@entries)

{

??????????????? $distinguishedName = $entry->get_value("distinguishedName");

}

?

#**********************Get members by using the newly got distinguished Name*********************************************

$mesg = $subldap->search(

???????????? base => $distinguishedName,

???????????? scope => "sub",

???????????? filter => "(&(objectClass=*))",

???????? );

@entries = $mesg->entries;

?

my $entry;

foreach $entry(@entries)

{

??????????????? my @member = $entry->get_value("member");

?

??????????????? foreach (@member)

??????????????? {

??????????????????????????????? my $line = $_;

??????????????????????????????? my $para = $line;

?

??????????????????????????????? my $string_dl = "OU=Distribution Lists";

?? ???????????????????????????? ?$line =~ /DC=(.*?),/;

??? ??????????????????????????? my $str_domain = $1;

???

??????????????????????????????? if (!/$string_dl/)

??????????????????????????????? {

??????????????????????????????????????????????? #--------------get the account name and domain name---------------------

??????????????????????????????????????????????? my $str_obj = Win32::OLE->GetObject("LDAP://".$para) or die "$@";

???????????????????????????????????????????????????????????????????????????????????????????????

??????????????????????????????????????????????? my $status_able = "disabled";

??????????????????????????????????????????????? if ($str_obj->{accountdisabled} eq 0)

??????????????????????????????????????????????? {

??????????????????????????????????????????????????????????????? $status_able = "enabled";

??????????????????????????????????????????????? }

???????????????????????????????????????????????

??????????????????????????????????????????????? $str_obj->{displayName} =~ s/,//g; # remove the,in the name

?

??????????????????????????????????????????????? print "$str_obj->{displayName},$str_obj->{sAMAccountName},$str_domain,$status_able n" ;

??????????????????????????????? }

??????????????????????????????? else

??????????????????????????????? {

??????????????????????????????????????????????? #it is a DL need to get the members inside

??????????????????????????????????????????????? $line = ~/CN=(.*?),/;

??????????????????????????????????????????????? my $sub_group_name = $1;

??????????????????????????????????????????????? &getmembersingroup($subldap,$sub_group_name);???????????????????

??????????????????????????????? }

??????????????? }

}

}

?

my $ldap = Net::LDAP->new('global.ds.company.com') or die "$@";

my $mesg = $ldap->bind('yourid@yourdomian.ds.company.com',password =>"youraccountpassword");

?

if($mesg->code)

{

??????????????? print $mesg->error,"n";

}

?

&getmembersingroup($ldap,"GroupName");