Re: Add all users to a grouop - Help please
- From: "Richard Mueller [MVP]" <rlmueller-nospam@xxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 20 May 2008 17:10:38 -0500
"Cmor" <cmor1701d@xxxxxxxxx> wrote in message
news:18491687-32c2-4884-8c3a-668c819ecaee@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,
I need to all all domain users to a group. I previously wrote a
script that read all the members of Group1 and added them in this new
group. I re-ran the script for Group2 when asked. That took care of
90% of our users. Now I have been asked to add all users to this
group. To the end I wrote the following code. It is not working and
I'm not sure why. As I am not a domain admin I have to get someone
else to run the script. Please let me know where I am going wrong and
what needs to be done to 'add all domain users to groupX".
TIA --
CODE:
Option Explicit
On Error Resume Next
Const ForReading = 1, ForWriting = 2, ForAppending = 8
Dim objConn, objComm, objRS, objUser, objFSO, oLogFile
Dim strBase, strFilter, strAttrs, strScope, strUser, objNewGroup
'**********************************************************************
'Set the ADO search criteria
'**********************************************************************
strBase = "<LDAP://dc=mydomain,dc=com>;"
strFilter = "(&(objectclass=user)(objectcategory=person));"
strAttrs = "ADsPath;"
strScope = "Subtree"
Set objFSO = CreateObject ("Scripting.FileSystemObject")
Set oLogFile = objFSO.OpenTextFile ("M:\scripts\DNS
\DWA_All_GROUP_Report.txt", ForWriting, True)
oLogFile.WriteLine vbTab & "DWA Group Changes made on: " & Now
set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open
Set objComm = CreateObject("ADODB.Command")
Set objComm.ActiveConnection = objConn
objComm.CommandText = strBase & strFilter & strAttrs & strScope
objComm.Properties("Page Size") = 1000
Set objNewGroup = GetObject("LDAP://
CN=DWA,OU=No5,OU=No4,OU=No3,OU=No2,OU=Departments,DC=mydomain,DC=com")
Set objRS = objComm.Execute()
While not objRS.EOF
Set objUser = GetObject( objRS.Fields.Item("ADsPath").Value )
objNewGroup.Add "LDAP://"; & objUser.distinguishedName
objNewGroup.SetInfo
If Err.Number <> 0 Then
oLogFile.WriteLine vbTab & objUser.name & " Already exists"
Else
oLogFile.WriteLine vbTab & objUser.name & " Added"
End If
objRS.MoveNext
Wend
oLogFile.Close
WScript.Quit
Using "On Error Resume Next" makes it hard to troubleshoot. One thought.
When you use the Add method of the group object there is no need to invoke
the SetInfo method. I would use the IsMember method to check first if the
user is a member. Also, there is no need to bind to the user object. You
could just pass the value of the ADsPath attribute you retrieved to both the
IsMember and Add methods of the group object. The extra binding slows down
the script considerably.
I would suggest not using "On Error Resume Next" and using code similar to:
==========
Dim strADsPath
While not objRS.EOF
strADsPath = objRS.Fields.Item("ADsPath").Value
If (objNewGroup.IsMember(strADsPath) = False) Then
objNewGroup.Add(strADsPath)
oLogFile.WriteLine vbTab & objUser.name & " Added"
Else
oLogFile.WriteLine vbTab & objUser.name & " Already exists"
End If
objRS.MoveNext
Wend
--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
.
- Follow-Ups:
- Re: Add all users to a grouop - Help please
- From: Cmor
- Re: Add all users to a grouop - Help please
- References:
- Add all users to a grouop - Help please
- From: Cmor
- Add all users to a grouop - Help please
- Prev by Date: Re: how to decrease user level?
- Next by Date: Re: DNS timestamp conversion
- Previous by thread: Add all users to a grouop - Help please
- Next by thread: Re: Add all users to a grouop - Help please
- Index(es):
Relevant Pages
|
