script to add computer object into security group
02 October 2012, 02:10 PM
#1
Scooby Regular
Thread Starter
Join Date: Apr 2004
Location: Cardiff
Posts: 1,928
Likes: 0
Received 0 Likes
on
0 Posts
script to add computer object into security group
Hi all,
We are running a 2k3 domain.
I have the below script which can add all users from the mp6.txt into the security group KasperReadyMP4.
users are are one per line.
for /f %%i in (mp6.txt) do net group KasperReadyMP4 %%i /ADD
However I am struggling to get this to work for computer objects. I have seen powershell scripts but they are for a 2k8 domain functional level and a script that can be done one machine per time.
Does anyone know if there is an easy way to add all the computers objects in the text file into a security group?
Mike
We are running a 2k3 domain.
I have the below script which can add all users from the mp6.txt into the security group KasperReadyMP4.
users are are one per line.
for /f %%i in (mp6.txt) do net group KasperReadyMP4 %%i /ADD
However I am struggling to get this to work for computer objects. I have seen powershell scripts but they are for a 2k8 domain functional level and a script that can be done one machine per time.
Does anyone know if there is an easy way to add all the computers objects in the text file into a security group?
Mike
02 October 2012, 07:33 PM
#2
Scooby Regular
a bodge would be to use the
Net localgroup <group> <domain name>\<computer name>$ /ADD
command in your excel/csv file, then use the concatonate command to create a addcomp.bat file
that will run and add all the machines to the group
Net localgroup <group> <domain name>\<computer name>$ /ADD
command in your excel/csv file, then use the concatonate command to create a addcomp.bat file
that will run and add all the machines to the group
Last edited by hodgy0_2; 02 October 2012 at 07:34 PM.
03 October 2012, 03:16 PM
#3
You could try this VBScript:
On Error Resume Next
Const ForReading = 1
Const ADS_SCOPE_SUBTREE = 2
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
' change the path of the text file as required
Set objTextFile = objFSO.OpenTextFile ("c:\temp\mp6.txt", ForReading)
' change this to your group on the domain
Set objGroup = GetObject("LDAP://cn=KasperReadyMP4,ou=TestOU,dc=MyDomain,dc=com")
Do Until objTextFile.AtEndOfStream
strNextLine = objTextFile.Readline
IF strNextLine = "" then
WScript.Echo "End of List"
WScript.Quit
End If
objCommand.CommandText = "SELECT ADsPath FROM 'LDAP://dc=MyDomain,dc=com' WHERE objectCategory='computer' " & "AND name=' " & strNextLine & "'"
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
strComputer = objRecordSet.Fields("ADsPath").Value
objRecordSet.MoveNext
' the line below isplays the DN of the computer, you can remove this line
WScript.Echo strComputer
objGroup.Add strComputer
Loop
Loop
Try it with a small list and a test group and adapt it for your environment, obviously you'll need to use credentials that allow you to modify groups.
On Error Resume Next
Const ForReading = 1
Const ADS_SCOPE_SUBTREE = 2
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
' change the path of the text file as required
Set objTextFile = objFSO.OpenTextFile ("c:\temp\mp6.txt", ForReading)
' change this to your group on the domain
Set objGroup = GetObject("LDAP://cn=KasperReadyMP4,ou=TestOU,dc=MyDomain,dc=com")
Do Until objTextFile.AtEndOfStream
strNextLine = objTextFile.Readline
IF strNextLine = "" then
WScript.Echo "End of List"
WScript.Quit
End If
objCommand.CommandText = "SELECT ADsPath FROM 'LDAP://dc=MyDomain,dc=com' WHERE objectCategory='computer' " & "AND name=' " & strNextLine & "'"
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
strComputer = objRecordSet.Fields("ADsPath").Value
objRecordSet.MoveNext
' the line below isplays the DN of the computer, you can remove this line
WScript.Echo strComputer
objGroup.Add strComputer
Loop
Loop
Try it with a small list and a test group and adapt it for your environment, obviously you'll need to use credentials that allow you to modify groups.
Last edited by jonc; 03 October 2012 at 03:18 PM.
Thread
Thread Starter
Forum
Replies
Last Post
Sam Witwicky
Engine Management and ECU Remapping
17
13 November 2015 10:49 AM
The Joshua Tree
Computer & Technology Related
30
28 September 2015 02:43 PM
