In order to query the log, in addtion to the builtin query viewer of ISA, you can install SQL client tools, then use SQL Analyzer to connect to ISA-SERVER\MSFW (replace ISA-SERVER with your actual server name) and query the log. See the example here.

The builtin query viewer of ISA can show only the first 10,000 log records.

In addition, you can use the script to show the log entries. A sample script can be downloaded here. It can query the last 30 days of log. Just download it, rename it to a *.vbs file, and run it on your ISA Server. Make sure to change the first 2 input data (LogDate and ClientUserName) in the script file to match your actual data before runing. And, don’t forget that the script syntax is cscript LogQuery.vbs [LogData.txt]

Below is a sample result of a script query.

To further customize the script, you can study the ISA constants in an SDK include file named comenum.h. Other ISA development topics can be found here.

Script That Displays Group Membership and Active Directory Location

The following code can be run to display the group membership of an Active Directory group and also let you know each member’s LDAP Distinguished Name.  The output will name the text file the group name and will include all the members and their location in Active Directory.  Just copy this into a txt file and rename to .vbs  Enjoy!

Set objGroup = GetObject(“LDAP://cn=GroupName,ou=OUName,DC=DomainName,DC=local“)
Set objFileSystem = CreateObject(“Scripting.FileSystemObject”)
Set objFile = objFileSystem.OpenTextFile(objGroup.Get(“name”) & ” – Members.txt“, 2, True, 0)
For Each objMember in objGroup.Members
objFile.WriteLine objMember.Get(“sAMAccountName”) & VbTab & _
objMember.Get(“cn”) & VbTab & _
objMember.Parent
Next
Set objFile = Nothing
Set objFileSystem = Nothing
Set objGroup = Nothing

Export Email Addresses from a Distribution Group

One thing that really bugs me is there is no easy way to grab some email addresses from a distribution group.  Usually I end up expanded the group to list all the users and then I have to go to the Outlook properties of each user to view the email address.  Heck, I can’t even copy the email address from there…instead I have to write it down.  This can be a pain for companies that have long complex email addresses.

I’ve finally figured out a way to export this info into a text file…no one said I was quick.    To do this you just need to use either CSVDE or LDIFDE.  I use mail as the attribute I pull from these commands but you could really use any AD attribute that you want to pull.

csvde -f c:\temp\report.txt -r “memberOf=cn=group name,ou=ou name,dc=domain,dc=name” -l mail

ldifde -f c:\temp\report.txt -r “memberOf=cn=group name,ou=ou name,dc=domain,dc=name” -l mail

This may not be the cleanest way to pull this data but at least now I can copy and paste the email addresses.

Script to Determine Members of a Group

DSGET GROUP CN=West_Coast_Sales,OU=Sales,OU=GROUPS,DC=adminprep,DC=com -MEMBERS –EXPAND

“CN=bmiller,OU=Sales,DC=adminprep,DC=com ”
“CN=jsmith,OU=Sales,DC=adminprep,DC=com ”
“CN=dregan,OU=Sales,DC=adminprep,DC=com ”
“CN=lramero,OU=Sales,DC=adminprep,DC=com ”
“CN=cpeters,OU=Sales,DC=adminprep,DC=com ”
“CN=jhorton,OU=Sales,DC=adminprep,DC=com “

How to Display the Groups a User is a Member of

I’ve been trying to work more and more with scripts and today I’m sharing a simple but useful one. How to display the groups a user account is a member of. To display a user’s groups via the command prompt you need to use the dsget command with the -memberof and -expand switches. The -expand command will list all of the groups that you belong to that are nested in other groups.
Below is an example of how this would look:

dsget user “CN=Brian W. McCann,OU=Users,OU=Sales,DC=Adminprep,DC=com” -memberof -expand

The output would look similar to this:

“CN=GG Sales,OU=Groups,OU=Sales,DC=Adminprep,DC=com”
“CN=Domain Admins,CN=Users,DC=Adminprep,DC=com”
“CN=Domain Users,CN=Users,DC=Adminprep,DC=com”
“CN=GG Inside Sales,OU=Groups,OU=Sales,DC=Adminprep,DC=com”
“CN=GG Outside Sales,OU=Groups,OU=Sales,DC=Adminprep,DC=com”
“CN=Administrators,CN=Builtin,DC=Adminprep,DC=com”
“CN=Users,CN=Builtin,DC=Adminprep,DC=com”

From Source.