Hello everyone. Firstly, I'm sorry if i posted this in the wrong area, I couldn't find a specific "batch" forum. I've been working on a batch script to query active diretory for a supplied user account and report back with the users group memberships. Stupidly i did this with a batch file. I know I should have went to WSH or whatever, but I don't have time to learn a new language right now. It's not the best script, and I'm sure all the temp files could be eliminated. But here is the issue. It works on about 7 out of 10 user accounts in our domain. The other 3 return "referral from server". I assume this has something to do with the beginning of the script. Instead of forcing the user to enter a full DN, it set it up so they enter the logon name i.e. "robm" and DSQUERY will find the account and pull out the DN. The problem is, DSQUERY can't take a whole name, just a part of a name with a wildcard(*) don't ask me why. So the script gets the username, and only takes the first 3 letters. I'm thinking the problem is there, with certain accounts, because the naming sceme is suppsoed to be firstnameFirstInitialofLastname i.e rob mac = robm. The script also references a vbscript to replace certain text in the temp files to format that to be used as variable values. I know it works, but jsut not on all accounts. If someone can spot a problem, please fill me in. Aswell, it would be great if someone could show me a way to set it to only trim the last character off the user account, instead of taking the first 3 letters, I think that's where the problem is starting. If i rem out all the delete tempfile parts, everything is pulling out the right information (i get the list of matching accounts, DN, etc) Here's the script *** ECHO OFF TITLE Group Membership Scanner By: Rob MacDonald 2005 CLS COLOR 0a REM Ask user for username, pass it to variable USER set /p user=[Please Enter The Full User name:] REM pass USER value to USERTRIM, which only takes the first 3 letters SET usertrim=%user:~0,3% REM Query Active directory for all users with names starting with value of USERTRIM REM Pipe DSQUERY results to DSGET, which pulls out the DN and dumps to DN.TXT dsquery user forestroot -limit 0 -name %usertrim%* | dsget user -dn -upn > dn.txt CLS REM Searches DN.TXT for value of USER then dumps that line to USER.TXT FIND "%user%" dn.txt > user.txt REM Pass value of USER to USER2.TXT echo %user% > user2.txt REM set value of VAR to text contained in USER2.TXT SET /P VAR=<user2.txt REM delete temp files del dn.txt del user2.txt CLS REM Call hopeso.vbs to clean up USER.TXT cscript hopeso.vbs user.txt "@atlantic.cgi.ca" "" CLS cscript hopeso.vbs user.txt "---------- DN.TXT" "" CLS cscript hopeso.vbs user.txt %var% "" CLS REM Remove empty line at beginning of USER.TXT and dump that to USER3.TXT For /F "tokens=* delims=" %%A in (user.txt) Do Echo %%A >> user3.txt REM Delete temp file DEL user.txt CLS REM Call hopeso.vbs to clean up USER3.TXT cscript hopeso.vbs user3.txt " CN=" "CN=" CLS cscript hopeso.vbs user3.txt "DC=ca " "DC=ca" CLS REM Set value of CONTEXT to the text in USER3.TXT SET /p context=<user3.txt REM use value of CONTEXT to get users group membership and dump that to %VAR%groups.txt REM %VAR%groups.txt will appear as "username groups.txt" dsget user "%context%" -memberof -expand -l > "%var%groups.txt" REM Delete temp file del user3.txt CLS REM Call hopeso.vbs to cleanup %VAR%GROUPS.TXT cscript hopeso.vbs "%var%groups.txt" "CN=" "" CLS cscript hopeso.vbs "%var%groups.txt" "OU=" "" CLS cscript hopeso.vbs "%var%groups.txt" "DC=" "" CLS cscript hopeso.vbs "%var%groups.txt" ",,,atlantic,cgi,ca" "" CLS cscript hopeso.vbs "%var%groups.txt" ",atlantic,cgi,ca" "" cls REM Open %VAR%GROUPS.TXT in notepad to display users group membership start notepad.exe "%var%groups.txt" *** thanks everyone for your time Cannucks do it in the snow

opps, should tell you. It's a 2003 server environment, and the script is being created/run from an XP machine. I have access to view all accounts in the forest, so I don't think it's a permission issue. Cannucks do it in the snow

Hi, I don't have a server, but if you like, post a few lines from each temp file and I'll have a go at it. If at first you don't succeed, you're about average. M2