Tips & Tweaks for Windows

User Rating:  / 4

Overview nested groups

I worked in an organization with an active directory that was build in a way that an average user was member of at least 80 nested groups. As you can imagine, group nesting made it hard to determine where certain rights originated.

During that time, I created two GUI scripts:

1. MemberOfTree.hta shows all memberships of an AD user, computer or group, including nested subgroup memberships.

2. GroupMemberTree.hta shows all members of an AD group, including members of subgroups

I adjusted this script recently for generic use (downloadable as freeware). After double clicking the .hta file, you will be prompted for a keyword. Enter the name (CN or Pre-Windows 2000 name) of the active directory group or user to search.

It's also possible to use the wildcard *. In this case, a tree is shown for each found object.

Download and install

Open the zip file and unzip it to a folder as a whole. That's all there is to it.

Download scripts: ZEDA_GroupTree.zip

You see the 2 .hta files and a folder named bin. This folder contains the used images. It's important to maintain this file structure. Further adjustments are not necessary for single domain environments.

Every AD user has read access to the used object attributes. No additional permissions are needed.

The scripts

A .hta script is a HTML based vbScript, allowing output in a graphical userinterface. Every default Windows system can open these files, just by double click.

This post applies to: Windows 2003, Windows 2008, Windows 2012, Windows XP, Windows Vista, Windows 7, Windows 8.


Tips & Tweaks for Windows

Most read:



EU e-Privacy Directive

This site uses cookies for analytics, advertising and functional purposes. Please accept or decline the use of coockies on this site.

You have declined cookies. This decision can be reversed.

You have allowed cookies to be placed on your computer. This decision can be reversed.