Need Script to add Users to local Group

[Soundlover4711]

Hi All,

I'd need a script which adds selected (domain)users on selected (domain)computers to the local "Power Users" group of the PC.

For example only >DomainUser1< should get a member of the "Power Users" group of >DomainComputer1< (only on this computer).

Is that possible?!? Please Heeeeeeelp!

Thanks!!!!

 

[cchipman]

Yah, I suspect it is.

There will be be two parts...

#1 selecting the list of computesr. If you want all of them, do something like this:

Sub Enumerate ()
	strADsPath = "LDAP://dc=yourdomain,dc=com"
	WalkTree strADsPath, "|-->"
End Sub

' recursive function to walk down through the tree
Sub WalkTree(strPath, buffer)
	Set oContainer = GetObject(strPath)
	
	For Each object In oContainer
		If object.Class = "computer" Then
			WScript.STDOUT.WriteLine buffer & object.Name
			strComputer = Mid(object.Name,4)
			AddUsersToPowerUsers(strComputer)
		Else
			Set oClass = GetObject(object.Schema)
			If (oClass.Container) and object.Schema = "LDAP://schema/organizationalUnit" Then 
				WalkTree object.ADsPath, buffer & object.Name & "| "
			End If
		End If
	Next
End Sub

#2 Connect to the Power Users Group, and add members to the group. I do it like this:

Sub AddUsersToPowerUsers(strComputer)
	On Error Resume Next
        membersToAdd.Add("user1", 1)
        membersToAdd.Add("user2", 1)
        membersToAdd.Add("user3", 1)


	Set objPwGroup = GetObject("WinNT://" & strComputer & "/Power Users")
	If Err.Number Then
		Wscript.Echo  "An error (" & CStr(Err.Number) & ") has occurred getting the power user group on " & strComputer
		Err.Clear
	Else
               AddMembersToGroup(membersToAdd, objPwGroup)
		
		If Err.Number Then
		Wscript.Echo  "An error (" & CStr(Err.Number) & ") has occurred getting the power user group on " & strComputer
			Err.Clear
		Else
				WScript.Echo "Completed."
		End If
	End If
End Sub



'******************************************************************************
' Add members to group.  
'******************************************************************************
' the add members to group expects pMembers to be a dictionary of distinguished names
' and newgroup to be an object retreived from a LDAP query.
'******************************************************************************
Sub AddMembersToGroup(pMembers, newGroup)
	theMembers = Array()
	ReDim theMembers(pMembers.Count - 1)

	Dim idx:idx = 0
	
	For Each idxMember in pMembers
		theMembers(idx) = pMembers.Item(idxMember)
		idx = idx + 1
	Next
	
	newGroup.PutEx ADS_PROPERTY_APPEND, "Member", theMembers
	newGroup.SetInfo
End Sub

 

[markdmac]

Actually there si a much simpler way of going about this if you don't mnd employing a third party (free) tool. Grab a copy of SysInternals PSEXEC which will let you remotely execute commands on the local PC. You can then use the Net LocalGroup command.

I do this to add users to the local admins group for our Quickbooks users.

'==========================================================================
'
' NAME: AddUserToLocalAdminGroup.vbs
'
' AUTHOR: Mark D. MacLachlan , The Spider's Parlor
' URL: [URL unfurl="true"]http://www.thespidersparlor.com[/URL]
' DATE  : 8/8/2004
'
' COMMENT: <comment>
'
'==========================================================================
On Error Resume Next

Set WSHShell = CreateObject("WScript.Shell")
Set WSHNetwork = CreateObject("WScript.Network")

'Edit the next line with your domain name
DomainString = "DomainName"
UserString = WSHNetwork.UserName

'Add the user to the local admins group
Call WSHShell.Run("cmd.exe /C net localgroup administrators " & DomainString & "\" & UserString & " /add")

'Remove the user from the local admins group
'Call WSHShell.Run("cmd.exe /C net localgroup administrators " & DomainString & "\" & UserString & " /delete")

Check the PSEXEC help file and you will see how easy it is to use.

Also, take a quick look at this FAQ for info on how to run the script easily against multiple computers of your choosing. faq329-4871

I hope you find this post helpful.

Regards,

Mark