Regardless of whether you have a Windows 2000 Active Directory domain or a Windows NT 4.0 domain, the scripts on this page will allow you to generate various user property reports, even if you have minimal scripting skills.

NOTE: The scripts MUST be run on a Windows 2000 / Windows NT 4.0 member workstation or server.

If you open a CMD prompt and type NET USER UserName /Domain, you would receive output similar to:

The request will be processed at a domain controller for domain <Domain Name>

User name                    Test
Full Name                    Test Tester
Comment                      Test account
User's comment               A comment
Country code                 (null)
Account active               Yes
Account expires              Never
Password last set            02/12/2001 21:34
Password expires             03/13/2001 20:00
Password changeable          02/12/2001 21:34
Password required            Yes
User may change password     Yes
Workstations allowed         JSI005,JSI006,JSI007
Logon script                 logon.bat
User profile                 \\JSI001\Profiles\Jerry
Home directory               \\JSI001\Home\Jerry  
Last logon                   02/24/2001 09:34
Logon hours allowed          Monday 06:00 - 18:00
                             Tuesday 06:00 - 18:00
                             Wednesday 06:00 - 18:00
                             Thursday 06:00 - 18:00
                             Friday 06:00 - 18:00
Local Group Memberships      *Users              
Global Group memberships     *Sales                *Marketing
                             *Accounting           *Domain Users
                             *Personnel
The command completed successfully.
For any user, the first 18 lines of the display have the same line titles. Since Logon hours allowed, Local Group Memberships, and Global Group memberships can each have a variable number of entries, lines 19 - XX can have variable (or no) titles, but these scripts make it easy to identify the data.

To use the scripts, type:

JSIDUGet Full_Path_To_YourBat.bat File

where Full_Path_To_YourBat.bat can be as simple as:

@echo off
If "%Final%" EQU "Y" goto end
call jsiduser
:end
This would product a report of every user, displaying the non-default data. The report, written to File, would look similar to:
User name                    Guest
Comment                      Built-in account for guest access to the computer/domain
Account active               No
Password last set            02/25/2001 06:26
Password changeable          02/25/2001 06:26
Password required            No
User may change password     No
Last logon                   Never
Local Group Memberships      *Guests                
Global Group memberships     *Domain Guests        *Domain Users          
_______________________________________________________________________________________________
                                                                                              *
User name                    Jennifer
Full Name                    Jennifer V. Schulman
Password last set            02/12/2000 21:47
Password changeable          02/12/2000 21:47
Last logon                   02/24/2001 07:14
Global Group memberships     *Domain Users          
_______________________________________________________________________________________________
                                                                                              *
User name                    Test
Full Name                    Test Tester
Comment                      Test account
User's comment               A comment
Password last set            02/12/2001 21:34
Password expires             03/13/2001 20:00
Password changeable          02/12/2001 21:34
Workstations allowed         JSI005,JSI006,JSI007
Logon script                 logon.bat
User profile                 \\JSI001\Profiles\Jerry
Home directory               \\JSI001\Home\Jerry  
Last logon                   02/24/2001 09:34
Logon hours allowed          Monday 06:00 - 18:00
                             Tuesday 06:00 - 18:00
                             Wednesday 06:00 - 18:00
                             Thursday 06:00 - 18:00
                             Friday 06:00 - 18:00
Global Group memberships     *Sales                *Marketing
                             *Accounting           *Domain Users
                             *Personnel
_______________________________________________________________________________________________
NOTE: If you prefer, You can call your own reporting script.

The following environment variables are available to Full_Path_To_YourBat.bat:

<b>actv</b>         <b>Y</b>-account is active, <b>N</b>-not active.
<b>file</b>         The output report path.
<b>Final</b>        <b>Y</b>-all records have been processed, <b>N</b>-process the current record.
<b>First</b>        <b>Y</b>-a switch you can use and set.
<b>line<i>NN</i></b>       line01=User name                    Joe
             line02=Full Name                    Joe User
             line03=Comment                      Just a sample
             line04=User's comment
             line05=Country code                 000 (System Default)
             line06=Account active               Yes
             line07=Account expires              Never
             line08=Password last set            02/12/2001 20:27
             line09=Password expires             02/28/2001 19:13
             line10=Password changeable          02/12/2001 20:27
             line11=Password required            Yes
             line12=User may change password     Yes
             line13=Workstations allowed         All
             line14=Logon script                 logon.bat
             line15=User profile                 profile path
             line16=Home directory               home folder path
             line17=Last logon                   02/27/2001 00:32
             line18=Logon hours allowed          All
             +line19=Local Group Memberships      *Users
             +line20=Global Group memberships     *Sales                *Domain Users
<b>max</b>          The number of lines.
<b>NOWDD</b>        The current day.
<b>NOWHH</b>        The current hour.
<b>NOWMM</b>        The current month.
<b>NOWMX</b>        The current minute
<b>NOWYMD</b>       The current year/month/day
<b>NOWYMDHM</b>     The current year/month/day/hour/minute
<b>NOWYY</b>        The current year.
<b>UserAcnt</b>     The current UserName.
<b>XDD07</b>        The account Expires day.
<b>XDD08</b>        The password last set day.
<b>XDD09</b>        The password expires day.
<b>XDD10</b>        The password changeable day.
<b>XDD17</b>        The last logon day.
<b>XHH07</b>        The account Expires hour.
<b>XHH08</b>        The password last set hour.
<b>XHH09</b>        The password expires hour.  
<b>XHH10</b>        The password changeable hour.
<b>XHH17</b>        The last logon hour.
<b>XMM07</b>        The account Expires month.
<b>XMM08</b>        The password last set month.
<b>XMM09</b>        The password expires month.
<b>XMM10</b>        The password changeable month.
<b>XMM17</b>        The last logon month.
<b>XMX07</b>        The account Expires minute.
<b>XMX08</b>        The password last set minute.
<b>XMX09</b>        The password expires minute.
<b>XMX10</b>        The password changeable minute.
<b>XMX17</b>        The last logon minute.
<b>XYMD07</b>       The Account Expires year/month/day.
<b>XYMD08</b>       The Password last set year/month/day.
<b>XYMD09</b>       The password expires year/month/day.
<b>XYMD10</b>       The password changeable year/month/day.
<b>XYMD17</b>       The last logon year/month/day.
<b>XYMDHM07</b>     The Account Expires year/month/day/hour/minute.
<b>XYMDHM08</b>     The password last set year/month/day/hour/minute.
<b>XYMDHM09</b>     The password expires year/month/day/hour/minute.
<b>XYMDHM10</b>     The password changeable year/month/day/hour/minute.
<b>XYMDHM17</b>     The last logon year/month/day/hour/minute.
<b>XYY07</b>        The Account Expires year.
<b>XYY08</b>        The password last set year.
<b>XYY09</b>        The password expires year
<b>XYY10</b>        The password changeable year.
<b>XYY17</b>        The last logon year.
On any <b>line<i>NN</i></b>, the data at the beginning of the line can be addresses as
 <b>%line<i>NN</i>:~0,<length></b> and the data in the right hand column can be address as
 <b>%line<i>NN</i>:~29,<length></b>.
The JSIDUGet.bat script is responsible for retrieving all the users. For each user, it creates the environment variables and calls Full_Path_To_YourBat.bat. JSIDUGet.bat contains:
@echo off
if NOT \{%1\}<h1><a name="_goto_begin_syntax_echo_Syntax_JSIDUGet_YourBat_bat_File_goto_end_begin_if_2_">\{\} goto begin
:syntax
@echo Syntax: JSIDUGet YourBat.bat File
goto end
:begin
if \{%2\}</a></h1>\{\} goto Syntax
if not exist %1 goto Syntax
setlocal
set yourbat=%1
set file=%2
if exist %file% del /q %file%
for /f "tokens=2,3,4* delims=/ " %%i in ('date /t') do set NOWMM=%%i&set NOWDD=%%j&set NOWYY=%%k
for /f "tokens=1,2 delims=:" %%i in ('time /t') do set NOWHH=%%i&set NOWMX=%%j
set NOWHH=%NOWHH: =0%
set NOWYMD=%NOWYY%%NOWMM%%NOWDD%
set NOWYMDHM=%NOWYMD%%NOWHH%%NOWMX%
set wrk=           #
set blank=%wrk:~0,10%
set Final=N
set First=Y
for /f "Skip=6 Tokens=*" %%i in ('net users /domain') do call :parse "%%i"
set Final=Y
set /a max=0
set actv=N
call %yourbat%
endlocal
goto end
:parse
set str=#%1#
set str=%str:#"=%
set str=%str:"#=%
if "%str%"<h1><a name="_The_command_completed_successfully_goto_end_set_substr_str_0_25_#_set_substr_substr_set_substr_substr_#_set_substr_substr_#_if_substr_">"The command completed successfully." goto end
set substr=%str:~0,25%#
set substr=%substr:  =%
set substr=%substr: #=%
set substr=%substr:#=%
if "%substr%"</a></h1>"" goto end
set /a cnt=0
set UserAcnt=%substr%
for /f "Skip=1 Tokens=*" %%i in ('net user "%substr%" /domain') do call :parse1 "%%i"
set substr=%str:~25,25%#
set substr=%substr:  =%
set substr=%substr: #=%
set substr=%substr:#=%
if "%substr%"<h1><a name="_goto_end_set_a_cnt_0_set_UserAcnt_substr_for_f_Skip_1_Tokens_i_in_net_user_substr_domain_do_call_parse1_i_set_substr_str_50_25_#_set_substr_substr_set_substr_substr_#_set_substr_substr_#_if_substr_">"" goto end
set /a cnt=0
set UserAcnt=%substr%
for /f "Skip=1 Tokens=*" %%i in ('net user "%substr%" /domain') do call :parse1 "%%i"
set substr=%str:~50,25%#
set substr=%substr:  =%
set substr=%substr: #=%
set substr=%substr:#=%
if "%substr%"</a></h1>"" goto end
set /a cnt=0
set UserAcnt=%substr%
for /f "Skip=1 Tokens=*" %%i in ('net user "%substr%" /domain') do call :parse1 "%%i"
goto end
:dates
if "%ustr:~29,5%"<h1><a name="_Never_set_XMM_12_amp_set_XDD_31_amp_set_XYY_9999_amp_set_XHH_24_amp_set_XMX_00_amp_goto_datesf_set_edt_ustr_29_16_for_f_Tokens_1_5_Delims_j_in_echo_edt_do_set_XMM_j_amp_set_XDD_k_amp_set_XYY_l_amp_set_XHH_m_amp_set_XMX_n_datesf_set_XHH_XHH_0_set_XYMD_XYY_XMM_XDD_set_XYMDHM_XYMD_XHH_XMX_set_XMM_lne_XMM_set_XDD_lne_XDD_set_XYY_lne_XYY_set_XHH_lne_XHH_set_XMX_lne_XMX_set_XYMD_lne_XYMD_set_XYMDHM_lne_XYMDHM_goto_end_parse1_set_a_cnt_cnt_1_set_ustr_1_if_ustr_">"Never" set XMM=12&set XDD%=31&set XYY=9999&set XHH=24&set XMX=00&goto datesf
set edt=%ustr:~29,16%
for /f "Tokens=1-5 Delims=/: " %%j in ('@echo %edt%') do set XMM=%%j&set XDD=%%k&set XYY=%%l&set XHH=%%m&set XMX=%%n
:datesf
set XHH=%XHH: =0%
set XYMD=%XYY%%XMM%%XDD%
set XYMDHM=%XYMD%%XHH%%XMX%
set XMM%lne%=%XMM%
set XDD%lne%=%XDD%
set XYY%lne%=%XYY%
set XHH%lne%=%XHH%
set XMX%lne%=%XMX%
set XYMD%lne%=%XYMD%
set XYMDHM%lne%=%XYMDHM%
goto end
:parse1
set /a cnt=%cnt% + 1
set ustr=%1
if %ustr%</a></h1>"The command completed successfully." goto User
set ustr=%ustr:"=%
set /a wrk=%cnt% + 100
set wrk=%wrk%
set lne=%wrk:~1,2%
set line=%ustr%
if "%lne%" LSS "19" goto parse2
if "%line:~0,1%" EQU "*" set line=%line%
if "%line:~0,8%" EQU "Local Gr" goto parse2
if "%line:~0,8%" EQU "Global G" goto parse2
set line=                             %line%
:parse2
if "%line:~29,1%" EQU "" set line=%line%%blank%&goto parse2
set line%lne%=%line%
if %cnt% EQU 6 set actv=%ustr:~29,1%&goto end
if %cnt% LSS 7 goto end
if %cnt% LSS 11 goto dates
if %cnt% EQU 17 goto dates
goto end
:user
set /a max=%cnt% - 1
call %yourbat%
:end
NOTE: If you wanted the run JSIDUGet.bat on a domain controller, you must replace the 3 occurrences of "Skip=1 Tokens=*" with "Tokens=*".

The standard reporting script, JSIUser.bat, contains:

@echo off
setlocal
set /a seq=0
for /l %%i in (1,1,%max%) do call :parse1
@echo __________________________________________________________________________________ >> %file%
@echo                                                                                  * >> %file%
endlocal
goto end
:num5
if "%line:~29,3%"<h1><a name="_000_goto_end_if_line_29_3_">"000" goto end
if "%line:~29,3%"</a></h1>"(nu" goto end
goto out1
:num6
if "%line:~29,3%"<h1><a name="_Yes_goto_end_goto_out1_num7_if_line_29_3_">"Yes" goto end
goto out1
:num7
if "%line:~29,3%"</a></h1>"Nev" goto end
goto out1
:num8
:num9
:num10
:num11
:num12
if "%line:~29,3%"<h1><a name="_Yes_goto_end_goto_num7_num13_if_line_29_3_">"Yes" goto end
goto num7
:num13
if "%line:~29,3%"</a></h1>"All" goto end
goto out1
:num18
if "%line:~29,3%"<h1><a name="_All_goto_end_goto_out1_parse1_set_a_seq_seq_1_set_a_wrk_seq_100_set_wrk_wrk_set_lne_wrk_1_2_for_f_Tokens_2_Delims">"All" goto end
goto out1
:parse1
set /a seq=%seq% + 1
set /a wrk=%seq% + 100
set wrk=%wrk%
set lne=%wrk:~1,2%
for /f "Tokens=2 Delims</a></h1>" %%i in ('set line%lne%') do @set line=%%i
goto num%seq%
:num2
goto out
:num3
goto out
:num4
goto out
:num14
goto out
:num15
goto out
:num16
goto out
:num17
goto out
:num19
goto out
:num20
goto out
:num21
goto out
:num22
goto out
:num23
goto out
:num24
goto out
:num25
goto out
:num26
goto out
:num27
goto out
:num28
goto out
:num29
goto out
:num30
goto out
:num31
goto out
:num32
goto out
:num33
goto out
:num34
goto out
:num35
goto out
:num36
:out
if "%line:~29,1%"<h1><a name="_goto_end_num1_out1_echo_line_gt_gt_file_end_pre_hr_size_3_If_you_wanted_to_report_the_user_accounts_whose_passwords_have_expired_your_b_Full_Path_To_YourBat_bat_b_would_contain_pre_echo_off_If_Final_EQU_Y_goto_end_REM_Select_only_active_accounts_if_actv_EQU_N_goto_end_If_NOWYMDHM_GTR_XYMDHM09_goto_end_REM_If_you_wish_to_include_the_accounts_whose_password_will_expire_today_use_If_NOWYMD_GTR_XYMD09_goto_end_call_jsiduser_end_pre_hr_size_3_To_report_all_expired_accounts_pre_echo_off_If_Final_EQU_Y_goto_end_If_NOWYMDHM_GTR_XYMDHM07_goto_end_REM_If_you_wish_to_include_the_accounts_that_will_expire_today_use_If_NOWYMD_GTR_XYMD07_goto_end_call_jsiduser_end_pre_hr_size_3_To_report_all_accounts_that_do_not_have_a_logon_script_configured_pre_echo_off_If_Final_EQU_Y_goto_end_if_actv_EQU_N_goto_end_if_line14_29_1_GTR_goto_end_call_jsiduser_end_pre_hr_size_3_To_report_all_active_accounts_that_have_never_logged_on_pre_echo_off_If_Final_EQU_Y_goto_end_if_actv_EQU_N_goto_end_if_not_line17_29_5_EQU_Never_goto_end_call_jsiduser_end_pre_hr_size_3_To_report_all_active_users_who_are_members_of_the_b_Domain_Admins_b_group_pre_echo_off_If_Final_EQU_Y_goto_end_if_actv_EQU_N_goto_end_If_max_LSS_19_goto_end_set_DA_N_for_l_i_in_19_1_max_do_call_parse_i_if_DA_EQU_N_goto_end_call_jsiduser_goto_end_parse_if_DA_EQU_Y_goto_end_set_lne_1_for_f_Tokens_2_Delims">" " goto end
:num1
:out1
@echo %line% >> %file%
:end</a></h1>

If you wanted to report the user accounts whose passwords have expired, your Full_Path_To_YourBat.bat would contain:
@echo off
If "%Final%" EQU "Y" goto end
REM Select only active accounts
if "%actv%" EQU "N" goto end
If "%NOWYMDHM%" GTR "%XYMDHM09%" goto end  
REM If you wish to include the accounts whose password will expire today, use: If "%NOWYMD%" GTR "%XYMD09%" goto end
call jsiduser
:end

To report all expired accounts:
@echo off
If "%Final%" EQU "Y" goto end
If "%NOWYMDHM%" GTR "%XYMDHM07%" goto end  
REM If you wish to include the accounts that will expire today, use: If "%NOWYMD%" GTR "%XYMD07%" goto end
call jsiduser
:end

To report all accounts that do not have a logon script configured:
@echo off
If "%Final%" EQU "Y" goto end
if "%actv%" EQU "N" goto end
if "%line14:~29,1%" GTR " " goto end
call jsiduser
:end

To report all active accounts that have never logged on:
@echo off
If "%Final%" EQU "Y" goto end
if "%actv%" EQU "N" goto end
if not "%line17:~29,5%" EQU "Never" goto end
call jsiduser
:end

To report all active users who are members of the Domain Admins group:
@echo off
If "%Final%" EQU "Y" goto end
if "%actv%" EQU "N" goto end
If %max% LSS 19 goto end
set DA=N
for /l %%i in (19,1,%max%) do call :parse %%i
if "%DA%" EQU "N" goto end
call jsiduser
goto end
:parse
if "%DA%" EQU "Y" goto end
set lne=%1
for /f "Tokens=2 Delims" %%j in ('set line%lne%') do @set line=%%j
if "%line:~29,14%" EQU "*Domain Admins" set DA=Y&goto end
if "%line:~51,14%" EQU "*Domain Admins" set DA=Y
:end

To report all active accounts that have logon hour restrictions on Wednesday:
@echo off
If "%Final%" EQU "Y" goto end
if "%actv%" EQU "N" goto end
set Wed=N
for /l %%i in (18,1,%max%) do call :parse %%i
if "%Wed%" EQU "N" goto end
call jsiduser
goto end
:parse
if "%Wed%" EQU "Y" goto end
set lne=%1
for /f "Tokens=2 Delims<h1><a name="_j_in_set_line_lne_do_set_line_j_if_line_29_1_EQU_goto_end_If_line_29_3_EQU_Wed_set_Wed_Y_end_pre_hr_size_3_To_report_all_active_users_that_have_workstation_restriction_who_are_allowed_to_log_onto_JSI006_pre_echo_off_If_Final_EQU_Y_goto_end_if_actv_EQU_N_goto_end_if_line13_29_3_EQU_All_goto_end_set_Work_N_REM_A_maximum_of_8_workstations_and_a_maximum_computer_name_of_20_and_up_to_7_commas_1_for_good_measure_set_worklist_line13_29_168_for_f_Tokens_1_8_Delims_i_in_echo_worklist_do_call_parse_i_j_k_l_m_n_o_p_if_Work_EQU_N_goto_end_call_jsiduser_goto_end_parse_loop_if_1_EQU_goto_end_set_workstn_1_If_i_workstn_0_6_EQU_JSI006_set_Work_Y_amp_goto_end_shift_goto_loop_end_pre_hr_size_3_To_report_all_active_accounts_that_haven_t_logged_on_in_30_days_pre_echo_If_Final_EQU_Y_goto_end_if_actv_EQU_N_goto_end_Call_a_href_article_jsifaq_jsi_tip_0863_time_math_aspx_JSIDateM_a_XYY_XMM_XDD_NOWYY_NOWMM_NOWDD_If_NDD_GTR_30_goto_end_call_jsiduser_end_pre_hr_size_3_To_generate_a_sorted_report_of_domain_group_membership_your_b_Full_Path_To_YourBat_bat_b_would_contain_pre_echo_off_If_Final_EQU_Y_goto_phase2_if_First_EQU_N_goto_phase1_set_First_N_if_exist_TEMP_sortin_tmp_del_q_TEMP_sortin_tmp_if_exist_TEMP_sortou_tmp_del_q_TEMP_sortou_tmp_phase1_if_actv_EQU_N_goto_end_If_max_LSS_19_goto_end_set_Glob_N_for_l_i_in_19_1_max_do_call_parse_i_goto_end_phase2_sort_TEMP_sortin_tmp_O_TEMP_sortou_tmp_del_q_TEMP_sortin_tmp_set_pgrp_#_set_blank_#_set_spac_blank_0_20_for_f_Tokens_i_in_TEMP_sortou_tmp_do_call_report_i_del_q_TEMP_sortou_tmp_goto_end_report_set_line_1_set_line_line_if_pgrp_EQU_line_0_20_goto_detail_set_pgrp_line_0_20_echo____________________________________________gt_gt_File_echo_gt_gt_File_echo_line_gt_gt_File_goto_end_detail_set_data_line_20_99_echo_spac_data_gt_gt_File_goto_end_parse_set_lne_1_for_f_Tokens_2_Delims">" %%j in ('set line%lne%') do @set line=%%j
if "%line:~29,1%" EQU "*" goto end
If "%line:~29,3%" EQU "Wed" set Wed=Y
:end</a></h1>

To report all active users that have workstation restriction who are allowed to log onto JSI006:
@echo off
If "%Final%" EQU "Y" goto end
if "%actv%" EQU "N" goto end
if "%line13:~29,3%" EQU "All" goto end
set Work=N
REM A maximum of 8 workstations and a maximum computer name of 20 and up to 7 commas + 1 for good measure
set worklist=%line13:~29,168%
for /f "Tokens=1-8 Delims=, " %%i in ('@echo %worklist%') do call :parse %%i %%j %%k %%l %%m %%n %%o %%p
if "%Work%" EQU "N" goto end
call jsiduser
goto end
:parse
:loop
if \{%1\} EQU \{\} goto end
set workstn=%1
If /i "%workstn:~0,6%" EQU "JSI006" set Work=Y&goto end
shift
goto loop
:end

To report all active accounts that haven't logged on in 30 days:
@echo
If "%Final%" EQU "Y" goto end
if "%actv%" EQU "N" goto end
Call <a href="/article/jsifaq/jsi-tip-0863-time-math-.aspx">JSIDateM</a> %XYY% %XMM% %XDD% - %NOWYY% %NOWMM% %NOWDD%
If %NDD% GTR -30 goto end
call jsiduser
:end

To generate a sorted report of domain group membership, your Full_Path_To_YourBat.bat would contain:
@echo off
If "%Final%" EQU "Y" goto phase2
if "%First%" EQU "N" goto phase1
set First=N
if exist %TEMP%\sortin.tmp del /q %TEMP%\sortin.tmp
if exist %TEMP%\sortou.tmp del /q %TEMP%\sortou.tmp
:phase1
if "%actv%" EQU "N" goto end
If %max% LSS 19 goto end
set Glob=N
for /l %%i in (19,1,%max%) do call :parse %%i
goto end
:phase2
sort %TEMP%\sortin.tmp /O %TEMP%\sortou.tmp
del /q %TEMP%\sortin.tmp
set pgrp= #
set blank=                      #
set spac=%blank:~0,20%
for /f "Tokens=*" %%i in (%TEMP%\sortou.tmp) do call :report "%%i"
del /q %TEMP%\sortou.tmp
goto end
:report
set line=%1
set line=%line:"=%
if "%pgrp%" EQU "%line:~0,20%" goto detail
set pgrp=%line:~0,20%
@echo __________________________________________ >>%File%
@echo                                          * >>%File%
@echo %line%>>%File%
goto end
:detail
set data=%line:~20,99%
@echo %spac%%data%>>%File%
goto end
:parse
set lne=%1
for /f "Tokens=2 Delims" %%j in ('set line%lne%') do @set line=%%j
if "%line:~0,6%" EQU "Global" set Glob=Y
If "%Glob%" EQU "N" goto end
if not "%line:~29,1%" EQU "*" goto end
set grp=%line:~30,20%                          #
set group=%grp:~0,25%
@echo %group% %UserAcnt% >>%TEMP%\sortin.tmp
if not "%line:~51,1%" EQU "*" goto end
set grp=%line:~52,20%                          #
set group=%grp:~0,25%
@echo %group% %UserAcnt% >>%TEMP%\sortin.tmp
:end
The sorted report would look like:
__________________________________________
                                         *
Domain Admins             Administrator
                          Jerry
__________________________________________
                                         *
Domain Users              Administrator
                          Jennifer
                          Jerry
                          test
__________________________________________
                                         *
Enterprise Admins         Administrator
                          Jerry
__________________________________________
                                         *
Group Policy Creator      Administrator
__________________________________________
                                         *
Installers                Jerry
__________________________________________
                                         *
Schema Admins             Administrator
                          Jerry
NOTE: Other general routines include:

tip 0863 » Time Math.

tip 0721 » General purpose date math routine.