Need all users with emails addresses to be put in global group. 1

[StumpedTechy]

Okay I have a dilema. We have a global distribution group we created for exchange emailing. The problem is from time to time people create an ID without remembering to put them into the group in question.

I was thinking to modify a script I collaborated on creating (someone from here helped out on that one as well) for a GAL dump to make it so that when the VBS is ran all of the users this script finds will be added to the correct global group. Can anyone help me out?

Dim rootDSE, domain

Set rootDSE = GetObject("LDAP://RootDSE")

Set domain = GetObject("LDAP://" & rootDSE.Get("defaultNamingContext"))

Set fso = CreateObject("Scripting.FileSystemObject")
Set outfile = fso.CreateTextFile("Gal Export.csv")

Call EnumUsers(domain.ADsPath)
Call EnumContacts(domain.ADsPath)
Call EnumOUs(domain.ADsPath)

Sub EnumOUs(adspath)
    Dim container, ou

    Set container = GetObject(adspath)

    container.Filter = Array("OrganizationalUnit")

    Call EnumUsers(container.ADsPath)
    Call EnumContacts(container.ADsPath)

    For Each ou In container

        Call EnumOUs(ou.ADsPath)

    Next


End Sub


Sub EnumUsers(adspath)
    Dim container, user

    Set container = GetObject(adspath)

    container.Filter = Array("User")

    For Each user In container

        If user.Mail <> "" and user.sn <> "" and user.givenName <> "" Then

            outfile.WriteLine user.sn & ", " & user.givenName & ", " & user.Mail

        End If

    Next


End Sub
Sub EnumContacts(adspath)
    Dim container, contact

    Set container = GetObject(adspath)

    container.Filter = Array("Contact")

    For Each contact In container

        If contact.Mail <> "" and contact.sn <> "" and contact.givenName <> "" Then

            outfile.WriteLine contact.sn & ", " & contact.givenName & ", " & contact.Mail

        End If

    Next

End Sub

I was thinking instead of doing an outfile in each section I then add the users it parses out to to the distribution group. Would that be a simple as changing the outfile section to something like objGroup.Add ? -

Maybe put this at the beginning of the script - Set objGroup = GetObject("LDAP://yadda yadda")
then in each section do an objGroup.Add(objUser.AdsPath)

Is this too hard with the current script and possibly I should start over?

What we want is every user/contact in our AD system that has an email account listed in the e-mail field to be in this distribution group.

 

[solec]

hI StumpedTechy
Can you please share me this script that is working?>

Thanks,

Solec

 

[solec]

Hello?

Please i badly need a script that a new user will have to be added to a distrib group, regardless if its mail enabled, etc, how can i run this? login script?

Thanks
Solec

 

[markdmac]

Joining a group requires two lines of code at minimum. You first bind to the user, then join the group.

Set objGroup = GetObject _
 ("LDAP://CN=atl-users,ou=hr,dc=fabrikam,dc=com")
objGroup.Add _
 "LDAP://cn=MyerKen,OU=management,dc=fabrikam,dc=com"

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at

http://www.thespidersparlor.com/vbscript

 

[solec]

Hi Mark !

Thanks for the script, do u have the whole script?
What if my domain is solec.man.com, and the OU is Intoit, and the group is Mygroup? What to do? My goal is when a new user is created, when he is in the OU Intoit,the logon startup script will kick in, and he will be automatically be joined to the security group Mygroup? Sorry , i a m stupid in scripting. Please help. Thanks.


Solec

 

[markdmac]

Use ADSIEdit to locate the full LDAP path of your group. Put that path in the first line above.

Look in the FAQ faq329-5688 for how to take a user name and find the LDAP path (distinguished name) for use int he above script. You can also look at my FAQ faq329-5798 for some additional explanations. Check out the section of my FAQ for speaking the name, I use the function there so you can see how to do it.

Post what you put together for additional advice.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at

http://www.thespidersparlor.com/vbscript

 

[solec]

Hi Mark,

How bout this script? My goal is i want the new nt logins when i put them to Intuit OU, the login script will function when they log and be automatically join to the SMTP Restricted Intuit group. Is the below script correct? Thanks for your support

Solec

Option Explicit
Dim objRootLDAP, objGroup, objUser, objOU
Dim strOU, strGroup, strDNSDomain
Dim intCounter

' Check these objects referenced by strOU, strGroup exist in strOU
strOU = "OU=Intuit"
strGroup = "SMTP Restricted Intuit"

' Bind to Active Directory and get LDAP name
Set objRootLDAP = GetObject("LDAP://RootDSE")
strDNSDomain = objRootLDAP.Get("DefaultNamingContext")

' Prepare the OU and the Group
Set objGroup = GetObject _
("LDAP://CN=SMTP Restricted Intuit,OU=Intuit,OU=Users,OU=CLK,OU=MAN,OU=PHL,DC=corp,DC=bluck,DC=com"& strGroup _
& strOU & strDNSDomain)
Set objOU =GetObject("LDAP://OU=Intuit,OU=Users,OU=CLK,OU=MAN,OU=PHL,DC=corp,DC=bluck,DC=com" & strOU & strDNSDomain)
objGroup.Add _
"LDAP://CN=SMTP Restricted Intuit,OU=Intuit,OU=Users,OU=CLK,OU=MAN,OU=PHL,DC=corp,DC=bluck,DC=com"


' On Error Resume next
intCounter = 1
For Each objUser In objOU
If objUser.Class = lcase("User") then
objGroup.add(objUser.ADsPath)
intCounter = intcounter +1
End If
Next
WScript.Echo strGroup & " has " & intCounter & " new members"

Wscript.Quit

'End of Add lots of members to group VBScript

 

[solec]

HI Mark! Is this code OK or should be modified? Please help please. Thanks.

Solec

Option Explicit 
Dim objRootLDAP, objGroup, objUser, objOU
Dim strOU, strGroup, strDNSDomain
Dim intCounter

' Check these objects referenced by strOU, strGroup exist in strOU
strOU = "OU=Intuit"
strGroup = "SMTP Restricted Intuit"

' Bind to Active Directory and get LDAP name
Set objRootLDAP = GetObject("LDAP://RootDSE")
strDNSDomain = objRootLDAP.Get("DefaultNamingContext")

' Prepare the OU and the Group
Set objGroup = GetObject _
 ("LDAP://CN=SMTP Restricted Intuit,OU=Intuit,OU=Users,OU=CLK,OU=MAN,OU=PHL,DC=corp,DC=bluck,DC=com"& strGroup _
& strOU & strDNSDomain)
Set objOU =GetObject("LDAP://OU=Intuit,OU=Users,OU=CLK,OU=MAN,OU=PHL,DC=corp,DC=bluck,DC=com" & strOU & strDNSDomain)
objGroup.Add _
 "LDAP://CN=SMTP Restricted Intuit,OU=Intuit,OU=Users,OU=CLK,OU=MAN,OU=PHL,DC=corp,DC=bluck,DC=com"


' On Error Resume next
intCounter = 1
For Each objUser In objOU
   If objUser.Class = lcase("User") then
      objGroup.add(objUser.ADsPath)
      intCounter = intcounter +1
   End If
Next
WScript.Echo strGroup & " has " & intCounter & " new members"

Wscript.Quit

'End of Add lots of members to group VBScript

 

[markdmac]

This part is wrong for what you have described you want to do:

objGroup.Add _
 "LDAP://CN=SMTP Restricted Intuit,OU=Intuit,OU=Users,OU=CLK,OU=MAN,OU=PHL,DC=corp,DC=bluck,DC=com"


' On Error Resume next
intCounter = 1
For Each objUser In objOU
   If objUser.Class = lcase("User") then
      objGroup.add(objUser.ADsPath)
      intCounter = intcounter +1
   End If
Next

Use the following to get the user name

Set WSHNetwork = CreateObject("WScript.Network")
'Grab the user name
UserString = WSHNetwork.UserName

Then knowing the username call the function as I described above to get the users distinguishedName.

When you have the Distinguished name you can use

objGroup.Add _
 "LDAP://" & userdistinguishedName

where userdistinguishedName is whatever variable you assigned when calling the function.

As you have written it, your objGroup.Add is trying to add your OU location to the group. That will cause an error. Then you are enumerating every user in the OU and adding them to the group. That will accomplish your goal in the end but not the way you wanted. It is also a waste of time since it will have to enumerate all the users every time a user logs on.

If you are going to set this as a login script, then you will want to use On Error Resume Next since the next time the user logs in the scritp will error when trying to join them to the group since they are alredy in it.

Another option is to add code to the top of the script to check for group membership and if they are in that group to exit the script. Refer to my login script FAQ for the code to check the users group memberships. You would then just add WSCRIPT.QUIT inside the Case Statement to exit out.

Give that a try and post your results for further help.


I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at

http://www.thespidersparlor.com/vbscript

 

[solec]

HI Mark,

This is what i gathered so far, sorry im really stuppid in scripting. Please take a look for your perusal.
Thankyou.

Solec

ON ERROR RESUME NEXT

Dim WSHShell, WSHNetwork, objDomain, DomainString, UserString, UserObj, Path


Set WSHShell = CreateObject("WScript.Shell")

'==========================================================================
'
' NAME: LogonScript.vbs
'
' AUTHOR:  Mark D. MacLachlan, The Spider's Parlor
' URL   : [URL unfurl="true"]http://www.thespidersparlor.com[/URL]
' DATE  : 4/10/2003


Set WSHNetwork = CreateObject("WScript.Network")
'Automatically find the domain name
Set objDomain = getObject("LDAP://rootDse")
DomainString = objDomain.Get("dnsHostName")
WinDir = WshShell.ExpandEnvironmentStrings("%WinDir%")

'Now check for group memberships 
For Each GroupObj In UserObj.Groups
    Select Case GroupObj.Name
    'Check for group memberships and take needed action
 
        Case "SMTP Restricted Intuit"
            WSHNetwork.UserName
'Quit the Script
wscript.quit

'Grab the user name
UserString = WSHNetwork.UserName
'Bind to the user object to get user name and check for group memberships later
Set UserObj = GetObject("WinNT://" & DomainString & "/" & UserString)

'When you have the Distinguished name you can use

objGroup.Add _
 "LDAP://" & userdistinguishedName


' Prepare the OU and the Group
Set objGroup = GetObject _
 ("LDAP://CN=SMTP Restricted Intuit,OU=Intuit,OU=Users,OU=CLK,OU=MAN,OU=PHL,DC=corp,DC=bluck,DC=com"& strGroup _
& strOU & strDNSDomain)
Set objOU =GetObject("LDAP://OU=Intuit,OU=Users,OU=CLK,OU=MAN,OU=PHL,DC=corp,DC=bluck,DC=com" & strOU & strDNSDomain)

 

[markdmac]

Well, you are trying I suppose. Time to go and get yourself a vbscritp for dumy's book so you understand some basics. I've already given you references for all the code you need to put this together, you just need to understand what it is you are trying to put together.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at

http://www.thespidersparlor.com/vbscript