Re: Add all users to a grouop - Help please

From: Cmor <cmor1701d@xxxxxxxxx>
Date: Thu, 22 May 2008 05:33:45 -0700 (PDT)

Thanks Richard. That worked.

To Al & Allan,

The new group is used by a webmail appliance that can not deal with
nested groups. I originally added the members of the 'Site' groups
that should have contained all current users. It became apparant that
quite a few 'new hires' over the past year were never added to one of
those groups. Mgmt. decided it was more expediant to add all domain
users to the new webmail group rather than to fix the problem
correctly.

On May 20, 6:10 pm, "Richard Mueller [MVP]" <rlmueller-
nos...@xxxxxxxxxxxxxxxxxxxx> wrote:

"Cmor" <cmor17...@xxxxxxxxx> wrote in message

news:18491687-32c2-4884-8c3a-668c819ecaee@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Hi,

I need to all all domain users to a group. I previously wrote a
script that read all the members of Group1 and added them in this new
group. I re-ran the script for Group2 when asked. That took care of
90% of our users. Now I have been asked to add all users to this
group. To the end I wrote the following code. It is not working and
I'm not sure why. As I am not a domain admin I have to get someone
else to run the script. Please let me know where I am going wrong and
what needs to be done to 'add all domain users to groupX".

TIA --

CODE:
Option Explicit
On Error Resume Next
Const ForReading = 1, ForWriting = 2, ForAppending = 8

Dim objConn, objComm, objRS, objUser, objFSO, oLogFile
Dim strBase, strFilter, strAttrs, strScope, strUser, objNewGroup
'**********************************************************************
'Set the ADO search criteria
'**********************************************************************
strBase = "<LDAP://dc=mydomain,dc=com>;"
strFilter = "(&(objectclass=user)(objectcategory=person));"
strAttrs = "ADsPath;"
strScope = "Subtree"

Set objFSO = CreateObject ("Scripting.FileSystemObject")
Set oLogFile = objFSO.OpenTextFile ("M:\scripts\DNS
\DWA_All_GROUP_Report.txt", ForWriting, True)
oLogFile.WriteLine vbTab & "DWA Group Changes made on: " & Now

set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open
Set objComm = CreateObject("ADODB.Command")
Set objComm.ActiveConnection = objConn
objComm.CommandText = strBase & strFilter & strAttrs & strScope
objComm.Properties("Page Size") = 1000
Set objNewGroup = GetObject("LDAP://
CN=DWA,OU=No5,OU=No4,OU=No3,OU=No2,OU=Departments,DC=mydomain,DC=com")
Set objRS = objComm.Execute()
While not objRS.EOF
Set objUser = GetObject( objRS.Fields.Item("ADsPath").Value )
objNewGroup.Add "LDAP://"; & objUser.distinguishedName
objNewGroup.SetInfo
If Err.Number <> 0 Then
oLogFile.WriteLine vbTab & objUser.name & " Already exists"
Else
oLogFile.WriteLine vbTab & objUser.name & " Added"
End If
objRS.MoveNext
Wend
oLogFile.Close
WScript.Quit

Using "On Error Resume Next" makes it hard to troubleshoot. One thought.
When you use the Add method of the group object there is no need to invoke
the SetInfo method. I would use the IsMember method to check first if the
user is a member. Also, there is no need to bind to the user object. You
could just pass the value of the ADsPath attribute you retrieved to both the
IsMember and Add methods of the group object. The extra binding slows down
the script considerably.

I would suggest not using "On Error Resume Next" and using code similar to:
==========
Dim strADsPath

While not objRS.EOF
strADsPath = objRS.Fields.Item("ADsPath").Value
If (objNewGroup.IsMember(strADsPath) = False) Then
objNewGroup.Add(strADsPath)
oLogFile.WriteLine vbTab & objUser.name & " Added"
Else
oLogFile.WriteLine vbTab & objUser.name & " Already exists"
End If
objRS.MoveNext
Wend

--
Richard Mueller
MVP Directory Services
Hilltop Lab -http://www.rlmueller.net
--- Hide quoted text -

- Show quoted text -

References:
- Add all users to a grouop - Help please
  - From: Cmor
- Re: Add all users to a grouop - Help please
  - From: Richard Mueller [MVP]

Prev by Date: DNS Server Properties Configuration/Listing
Next by Date: how to get the file name from using a wildcard
Previous by thread: Re: Add all users to a grouop - Help please
Next by thread: Re: Add all users to a grouop - Help please
Index(es):
- Date
- Thread

Relevant Pages

Re: scripting newb
... I was able to hobble this together from another script posted by Dan ... Dim strSearch, strAdsPath, strServerName 'from search script ... 'Prompt for search criteria ... computerName, samAccountName, givenName, sn, AdsPath ...
(microsoft.public.scripting.vbscript)
Re: finding files
... I'm back and also my script as changed ever since. ... have to be an Array then.. ... For Each strComputer In arrComputers ... Function ReadTxtToArray ...
(microsoft.public.scripting.vbscript)
Re: 2 scripts w errors on compacting access db
... Script 1: ... This old newsgroup thread included code to compact an Access database: ... ' You must provide a path to the Access MDB which will be compacted ... On Error GoTo 0 ...
(microsoft.public.scripting.vbscript)
Re: BinaryStream.Write ByteArray erroring with Code 800A0BB9, Source ADODB.Stream
... script is reaching out to a SQLServer database and grabbing some data ... BinaryStream.Write method expects a byte array, ... Else ... I made the changes to the script using your code, ...
(microsoft.public.scripting.vbscript)
Re: Webster van Robot help
... Line: 19 ... Is the line number relative to the <script> statement? ... There is no such thing as associative arrays in JavaScript. ... table {border-collapse: collapse;} ...
(comp.lang.javascript)