VBScript program demonstrating the use of an efficient IsMember function to test for group membership for a single user or computer. The function reveals membership in nested groups. However, it does not reveal membership in the "Primary Group". The IsMember function uses a dictionary object, so that group memberships only have to be enumerated once, no matter how many times the function is called. The function uses a recursive subroutine to populate the dictionary object. The subroutine is coded to prevent an infinite loop if the "nested" groups are circular.

This program uses the LDAP provider to bind to the user or computer object in Active Directory.

This program should work on any 32-bit Windows client that can log onto the domain. Windows NT and Windows 98/95 clients should have DSClient installed. If DSClient is not installed, WSH and ADSI should be installed.

Typically, this IsMember function would be used in a logon script to map drives to network shares according to user group membership. It can also be used to map local ports to shared printers according to computer group membership. However, it can't be used to test both user and computer group membership in the same program.

IsMember2.txt <<-- Click here to view or download the program