
How to enumerate GPOs and settings with VBS


  • How to enumerate GPOs and settings with VBS


    I would like to know if someone has some good ideas of how to enumerate the GPOs in the AD. I know that installing the GPMC gives the tools for GPO magic, but I'm in the situation that I can't install anything on the systems that will be enumerated. I can attach EXE files and DLL files, but not install or reconfigure the systems. I work as a consultant and am supposed to only observe the systems.

    So far I have collected the following pieces.
    • GPO name can be found with installing the Support tools and using the IADS.dll. Can't use since it involves registering the dll to script.
    • GPO information can be enumerated to some parts with file handling and dumping the inf files in the sysvol\domain\policies folder.
    • GPO links can be found by enumerating the AD with LDAP queries.

    What I want ultimately is to dump the entire AD with all objects to a text file, so any tool that can do that is a workaround.

    Best Regards

  • #2
    Re: How to enumerate GPOs and settings with VBS

    try this piece of code:

    Option Explicit
    'Declare Variables:
    Dim oRootDSE, oCon, oCom, oRS, oDic, oKey
    Dim sDNC, sGPOQuery, sOUQuery
    'Retrieve LDAP Naming Context:
    Set oRootDSE = GetObject("LDAP://rootDSE")
    sDNC = "LDAP://" & oRootDSE.Get("defaultNamingContext")
    Set oRootDSE = Nothing
    'Define LDAP Queries:
    sGPOQuery = "<" & sDNC & ">;(objectClass=groupPolicyContainer);cn,displayName;subtree"
    sOUQuery = "<" & sDNC & ">;(|(objectClass=domainDNS)(objectClass=organizationalUnit));distinguishedName,gPLink;subtree"
    'Connect to AD with ADODB:
    Set oCon = CreateObject("ADODB.Connection")
    Set oCom = CreateObject("ADODB.Command")
    oCon.Provider = "ADsDSOObject"
    oCon.Open "Active Directory Provider"
    Set oCom.ActiveConnection = oCon
    'Page the results so more than 1000 objects can be returned:
    oCom.Properties("Page Size") = 1000
    Set oDic = CreateObject("Scripting.Dictionary")
    'Retrieve GPOs (cn is the GPO GUID, displayName the friendly name):
    oCom.CommandText = sGPOQuery
    Set oRS = oCom.Execute
    While Not oRS.EOF
    	oDic.Add oRS.Fields("cn").Value, oRS.Fields("displayName").Value
    	oRS.MoveNext
    Wend
    Set oRS = Nothing
    'Retrieve OUs:
    oCom.CommandText = sOUQuery
    Set oRS = oCom.Execute
    While Not oRS.EOF
    	Wscript.Echo oRS.Fields("distinguishedName").Value
    	For Each oKey In oDic.Keys
    		'Case-insensitive match of the GPO GUID inside gPLink:
    		If InStr(1, oRS.Fields("gPLink").Value, oKey, vbTextCompare) > 0 Then
    			Wscript.Echo vbTab & "GPO Link: " & oDic(oKey)
    		End If
    	Next
    	Wscript.Echo ""
    	oRS.MoveNext
    Wend
    'Clean Objects:
    Set oRS = Nothing
    Set oCom = Nothing
    Set oCon = Nothing

    and have you tried anything from here?



    • #3
      Re: How to enumerate GPOs and settings with VBS

      Yes.. this was what I was looking for.. sort of.

      I have managed to enumerate the GPO links.. but the GPO name is new.

      Is it also possible to dump the GPO information this way??

      I will look into the scripts that you sent the link to.. thank you very much for the info.


      • #4
        Re: How to enumerate GPOs and settings with VBS

        Hi Martin.

        Now I have looked into the script that you sent and made some changes to my script.
        I still would like to know if it is possible to dump a GPO in the same way as GPMC does when you export a GPO to HTML..

        If you run this script you will see what kind of information I'm looking for.. Simply a lot of text dump.

        TAB = CHR( 9 )
        set objrootdse = getobject("LDAP://RootDSE")
        strDNSDomain = objrootdse.get("DefaultNamingContext")
        set strRoot = getobject("LDAP://" & strDNSDomain)
        wscript.echo strDNSDomain
        fqn = strDNSDomain
        wscript.echo strroot.get("gplink")
        Nest strRoot,"",fqn
        ' Walks the tree; objchild.name is the child's RDN (e.g. "OU=..."),
        ' so objchild.name & "," & fqn is its distinguished name.
        Sub Nest(objparent, tabcount, fqn)
        	dim counter, objchild
        	For each objchild in objparent
        		Select Case ObjChild.class
        			case "groupPolicyContainer"
        				wscript.echo tabcount & objchild.name & "," & objchild.displayname & "(" & objchild.class &")"
        			case else
        				wscript.echo tabcount & objchild.name & "(" & objchild.class &")"
        		end select
        		if objchild.class = "organizationalUnit" or objchild.class = "container" then
        			set ADinfo = getobject("LDAP://" & objchild.name & "," & fqn)
        			' gPLink is absent when nothing is linked here; skip the echo then
        			on error resume next
        			wscript.echo tabcount & Adinfo.get("GPLink")
        			on error goto 0
        			nest objchild, tabcount & Tab, objchild.name & "," & fqn
        		end if
        	next
        end sub

        It is not the RSOP I'm looking for.. but the real information in each GPO.

        Thanks for the help so far.


        • #5
          Re: How to enumerate GPOs and settings with VBS

          Sorry bader,
          I don't know of any way to dump the GPO information other than using GPMC or looking into the *.inf file itself.

          If you cannot install GPMC and not even register GPRSoP.dll... go with the inf.

          good luck,
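
The .inf route suggested in #5, as an added example that is not part of the original thread: a read-only VBScript that parses a GPO security template into sections and key/value pairs. It assumes the template sits at `\\<domain>\SYSVOL\<domain>\Policies\<GPO cn>\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf` (the `cn` being the GUID returned by the query in #2) and is UTF-16 encoded; `ParseInf` and the sample values are constructed for illustration.

```vbscript
Option Explicit
' Added example, read-only: dump a GPO security template (GptTmpl.inf).
' Run: cscript //nologo <this script> <path to GptTmpl.inf>
' Without an argument the constructed sample below is parsed instead.
Dim oFSO, oSections, oSec, sText, sSec, sKey

If WScript.Arguments.Count > 0 Then
    Set oFSO = CreateObject("Scripting.FileSystemObject")
    ' 1 = ForReading, -1 = open as Unicode (assumed encoding of GptTmpl.inf)
    sText = oFSO.OpenTextFile(WScript.Arguments(0), 1, False, -1).ReadAll
Else
    sText = Join(Array( _
        "[Unicode]", "Unicode=yes", _
        "[System Access]", "MinimumPasswordLength = 7", "PasswordComplexity = 1", _
        "; constructed comment line", _
        "[Privilege Rights]", "SeBackupPrivilege = *S-1-5-32-544,*S-1-5-32-551", _
        "[Version]", "signature=""$CHICAGO$""", "Revision=1"), vbCrLf)
End If

Set oSections = ParseInf(sText)
For Each sSec In oSections.Keys
    WScript.Echo "[" & sSec & "]"
    Set oSec = oSections(sSec)
    For Each sKey In oSec.Keys
        WScript.Echo vbTab & sKey & " = " & oSec(sKey)
    Next
Next

' Returns a Dictionary: section name -> Dictionary of key -> value.
Function ParseInf(sInf)
    Dim oResult, oCur, sRaw, sLine, sName, iPos
    Set oResult = CreateObject("Scripting.Dictionary")
    oResult.CompareMode = vbTextCompare        ' section names: ignore case
    Set oCur = Nothing
    For Each sRaw In Split(Replace(sInf, vbCrLf, vbLf), vbLf)
        sLine = Trim(sRaw)
        If Len(sLine) = 0 Or Left(sLine, 1) = ";" Then
            ' blank line or comment: nothing to record
        ElseIf Left(sLine, 1) = "[" And Right(sLine, 1) = "]" Then
            sName = Mid(sLine, 2, Len(sLine) - 2)
            If Not oResult.Exists(sName) Then oResult.Add sName, CreateObject("Scripting.Dictionary")
            Set oCur = oResult(sName)
        ElseIf Not oCur Is Nothing Then
            iPos = InStr(sLine, "=")
            If iPos = 0 Then iPos = Len(sLine) + 1   ' no "=": whole line is the key
            oCur(Trim(Left(sLine, iPos - 1))) = Trim(Mid(sLine, iPos + 1))
        End If
    Next
    Set ParseInf = oResult
End Function
```

GptTmpl.inf only holds the security settings of a GPO; Administrative Template settings are stored in the binary Registry.pol files of the same GPO folder and are not covered by this parser.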