I see, you want a conditional branch based on group membership. I can't
think of a way to do that in a batch file. You could redirect the output of
the dsget command to a text file. I thought I used to be able to check if a
text file was empty (zero bytes) in a batch file by copying it. If the file
was zero bytes the target file would not be created, which can be checked in
a batch file with "If Exists". I can't do it now. Either the copy command
behaves differently or I forget the exact technique. Maybe someone else
knows how.

Also, I find the /i switch is necessary in the find command to make it case
insensitive. The batch file I was testing with was:
========
@echo off
dsget group "cn=MyGroup,ou=Sales,dc=MyDomain,dc=com" -expand -members |
dsget user -samid -c | find /i "%username%" > temp1.txt

copy temp1.txt temp2.txt > nul

If Exist temp2.txt GoTo YES
Echo User not a member of the group
GoTo END

:YES
Echo User is a member of the group
del temp2.txt

:END
del temp1.txt
============
If temp.txt is zero bytes the current user is not a member of the group.
However, temp2.txt is created even if temp1.txt is zero bytes, to the above
always reports that the user is a member of the group.

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--

"Kshaeta" <visual.eyes@telus.net> wrote in message
news:%23MeahwK8HHA.5184@TK2MSFTNGP03.phx.gbl...
> The problem isn't finding out if the person is in the group, the problem
> is using that script in say, an if/then statement.
> Sort of like
> IF (dsget group "CN=Dudes,OU=OurOU,OU=ABC
> Network,DC=abcdef,DC=ca" -expand -members | dsget user -samid -c | find
> "%USERNAME%" == %USERNAME%) DEL file.txt ELSE DEL file2.txt
>
> However, I can't do the above; It won't let me compare the "dsget..." to
> the %USERNAME%.
>
> PS - I don't know if the del things works, thats not the problem. It's
> just to figure out how to get a true/false comparison.
>
> bill
>
>
> Richard Mueller [MVP] wrote:
>> Bill Tkach wrote:
>>
>>> I have a batch file script, that needs to see if a person belongs to a
>>> certain group. So I'm trying to compare the %USERNAME% (logged on user)
>>> to the members of the group, to see if I can get either a "doesn't
>>> match" or a "does match".
>>>
>>> Here's my query
>>>
>>> dsget group "CN=Dudes,OU=OurOU,OU=ABC
>>> Network,DC=abcdef,DC=ca" -expand -members | dsget user -samid -c | find
>>> "%USERNAME%"
>>>
>>> So, if you pass it the %username%, and there's a match, it returns the
>>> username.
>>> So, this gives me a name, but I can't match it the %USERNAME%... I can
>>> only get it to return the value. I can't get past this step.
>>>
>>> Is there another way to compare this, or, am I almost there?
>>>
>>> --
>>> Bill Tkach
>>> MSP, CCNA, A+
>>> visual{period}eyes{at}telus{period}net
>>
>> It seems to work. If a name is echoed, the current user is a member. If
>> nothing is echoed, the current user is not a member of the group. What do
>> you want to accomplish?
>>
>
>
> --
> Bill Tkach
> MSP, CCNA, A+
> visual{period}eyes{at}telus{period}net