Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How Can I change a users primary group through script ?? 1

Status
Not open for further replies.
Aslamvs

Aslamvs

Technical User
Jul 8, 2002
472
HI,

How Can I change a users primary group through script ??


Is it possible to do so ??

Thanks in Advance



Aslam
 
Sort by date Sort by votes
Hello Aslamvs,

Sure it can. Put the user to the targeted primary group other than the one it is in. Change the PrimaryGroupID attribute of the user (get & setinfo). For samples, you should google as you pose such a general question.

regards - tsuji
 
Upvote 0 Downvote
Would you be able to give me the script ?..

I'll really appritiate ur help..

Thanks

Aslam
 
Upvote 0 Downvote
Aslamvs,

If you know the (primary) group and the user's dn, it would be something like this.
[tt]
set ogroup=getobject("LDAP://cn=gbl_group,dc=NA,dc=fabrikam,dc=com")
ogroup.getinfoex array("PrimaryGroupToken"),0
groupid=ogroup.get("PrimaryGroupToken")

set ouser=getobject("LDAP://cn=jsmith,ou=Sales,dc=NA,dc=fabrikam,dc=com")
ouser.put "PrimaryGroupID",groupid
ouser.setinfo
[/tt]
- tsuji
 
Upvote 0 Downvote
HI I got this one to do the same.. n works perfectly fine :)

Option Explicit

Dim objConnection, objCommand, objRootDSE, strDNSDomain, strQuery
Dim objUser, strUserDN, strFilter, strAttributes, strPriGroup
Dim objRecordSet, intGroupToken, strGroupDN, objGroup

' Specify the user and primary group.
strUserDN = "cn=Test user,ou=Users,ou=sales,dc=mydomain,dc=com"
strPriGroup = "Domain Users"

' Bind to the user object in Active Directory with the LDAP provider.
On Error Resume Next
Set objUser = GetObject("LDAP://" & strUserDN)
If Err.Number <> 0 Then
On Error GoTo 0
Wscript.Echo "User not found" & vbCrLf & strUserDN
Wscript.Quit(1)
End If
On Error GoTo 0

' Determine the DNS domain from the RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

' Use ADO to search Active Directory for the specified group. Return the
' PrimaryGroupToken attribute of the group. This forces this attribute
' to be calculated.
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
strFilter = "(sAMAccountName=" & strPriGroup & ")"
strAttributes = "DistinguishedName,PrimaryGroupToken"
strQuery = "<LDAP://" & strDNSDomain & ">;" & strFilter & ";" _
& strAttributes & ";subtree"
objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 100
objCommand.Properties("Timeout") = 30
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
If objRecordSet.EOF Then
Wscript.Echo "Group token not found"
objConnection.Close
Set objConnection = Nothing
Set objCommand = Nothing
Set objRootDSE = Nothing
Set objRecordSet = Nothing
Wscript.Quit(1)
End If

' Determine the PrimaryGroupToken of the specified group.
Do Until objRecordSet.EOF
intGroupToken = objRecordSet.Fields("PrimaryGroupToken")
strGroupDN = objRecordSet.Fields("DistinguishedName")
objRecordSet.MoveNext
If Not objRecordSet.EOF Then
Wscript.Echo "Error finding Primary Group"
objConnection.Close
Set objConnection = Nothing
Set objCommand = Nothing
Set objRootDSE = Nothing
Set objRecordSet = Nothing
Wscript.Quit(1)
End If
Loop

' Bind to the group object in Active Directory with the LDAP provider.
Set objGroup = GetObject("LDAP://" & strGroupDN)

' Verify the user is a member of the group.
If Not objGroup.IsMember(objUser.AdsPath) Then
Wscript.Echo "User" & vbCrLf & strUserDN & vbCrLf _
& "is either NOT a member of the group " & strPriGroup & vbCrLf _
& "or already has this group set as the primary group."
objConnection.Close
Set objConnection = Nothing
Set objCommand = Nothing
Set objRootDSE = Nothing
Set objRecordSet = Nothing
Set objGroup = Nothing
Wscript.Quit(1)
End If

' Assign the primary group of the user.
objUser.PrimaryGroupID = intGroupToken
On Error Resume Next
objUser.SetInfo
If Err.Number = 0 Then
On Error GoTo 0
Wscript.Echo "Primary Group of user" & vbCrLf & strUserDN & vbCrLf _
& "set to group " & strPriGroup
Else
On Error GoTo 0
Wscript.Echo "Primary Group of user" & vbCrLf & strUserDN & vbCrLf _
& "could NOT be set to group " & strPriGroup
End If

' Clean up.
objConnection.Close
Set objConnection = Nothing
Set objCommand = Nothing
Set objRootDSE = Nothing
Set objUser = Nothing
Set objGroup = Nothing
Set objRecordSet = Nothing




Aslam
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

bdwilcox
  • Question
Trying to adapt VBScript to search if machine is in an AD group 6
Replies
8
Views
801
SoftwareRT
SoftwareRT
bdwilcox
  • Question
Script seeing input variable value as blank but sees hard-coded value 4
Replies
6
Views
525
bdwilcox
bdwilcox
wchull
  • Locked
  • Question
How do I resolve this permissions error in my script?
Replies
0
Views
150
wchull
wchull
Don Child
  • Locked
  • Question
How to validate an INSERT, after Executing
Replies
1
Views
192
Don Child
Don Child
lunter
  • Locked
  • Question
How to create vbArray+vbByte (8209) in *.vbs stript
Replies
0
Views
155
lunter
lunter

Part and Inventory Search

Sponsor

Back
Top