get_all_zone_users command to check Active Directory and return a list of zone users defined within the specified zone and all of its parent zones. If executed in a script, this command does not output its list to stdout, and no output appears in the shell where the script is executed.
Note that this command does not use the currently selected zone to find its list of users. It uses instead the zone specified as an argument for the command. It ignores the currently selected zone. The selected zone remains the selected zone after the command executes.
get_all_zone_users [-upn] zone_DN
This command takes the following option:
Return user names in the Tcl list as universal principal names (UPNs).
This command takes the following argument:
Required. The distinguished name (DN) of the zone for which to return users.
This command returns a Tcl list of zone users defined in the currently selected zone and all of its parent zones. Each entry in the list is in the format sAMAccountName@domain. If a zone user is an orphan user (its corresponding Active Directory user no longer exists), the user is listed by its security identifier (SID) instead of the sAMAccountName.
-upn option is present, each entry in the returned Tcl list is a universal principal name (UPN).
The example returns the list of zone users:
email@example.com firstname.lastname@example.org email@example.com firstname.lastname@example.org email@example.com
Related Tcl library commands
The following commands perform actions related to this command:
- create_user creates a new zone user and user profile based on a specified Active Directory user.
- create_group creates a new zone group and group profile based on a specified Active Directory group.
- get_effective_groups returns a Tcl list of groups to which a specified user belongs.