Ok. I did some very basic testing on this here, but it should definitely be tested a lot more. It makes use of fnLDAPQuery() from Chris S.
It's also kind of sloppy: I didn't Dim any of my vars or do much error checking, so you should probably tweak it to make it more robust.
Let me know if you have any questions/problems.
Code:
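; Copies the membership of existing AD groups into new groups.
; Input: c:\Groups.txt, one "currentGroup;newGroup" pair per line.
; For each pair the new group is created next to the current one if it does
; not exist yet, then every member of the current group is added to it.
; Relies on fnLDAPQuery() (Chris S.) being defined in this script.
Break On
$ = SetOption('WrapAtEOL','On')

; Get the default naming context of the logon domain.
$sADsPath = "LDAP://" + GetObject("LDAP://rootDSE").Get("defaultNamingContext")

; Open the source file for reading; stop if it is missing or unreadable
; instead of looping on a file handle that was never opened.
$rc = Open(1,'c:\Groups.txt')
If $rc <> 0
  ? "Unable to open c:\Groups.txt, error " + $rc
  Exit 1
EndIf

; Loop through the file. ReadLine is the last call before each While test,
; so @ERROR reflects the read itself (non-zero at end of file).
$curLine = ReadLine(1)
While @ERROR = 0
  ; Split the line to grab the current and the new group name.
  $aPair = Split(Trim($curLine),';')
  $curGroup = ""
  $newGroup = ""
  If Ubound($aPair) >= 1
    $curGroup = $aPair[0]
    $newGroup = $aPair[1]
  EndIf

  If $curGroup = "" Or $newGroup = ""
    ; Blank or malformed line: indexing element 1 would fail, so skip it.
    ? "Skipped (expected 'currentGroup;newGroup'): " + $curLine
  Else
    $aAttributes = "adsPath"

    ; Resolve the current group first. Names are escaped before they go into
    ; the filter so that characters such as * ( ) \ are matched literally and
    ; cannot widen the search to other groups.
    $curAdsPath = ""
    $nCur = 0
    $strFilter = "(&(objectClass=group)(Name=" + fnEscapeLdapFilter($curGroup) + "))"
    $aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter)
    For Each $Result In $aResults
      $curAdsPath = $Result
      $nCur = $nCur + 1
    Next

    ; Try to get the adsPath of the new group.
    $grpAdsPath = ""
    $nNew = 0
    $strFilter = "(&(objectClass=group)(Name=" + fnEscapeLdapFilter($newGroup) + "))"
    $aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter)
    For Each $Result In $aResults
      $grpAdsPath = $Result
      $nNew = $nNew + 1
    Next

    $bReady = 0
    If $curAdsPath = ""
      ; Without the current group there is no container to create in and no
      ; membership to copy; binding to a bare "LDAP://" path must be avoided.
      ? "Skipped, current group not found: " + $curGroup
    Else
      If $nCur > 1 Or $nNew > 1
        ; Name is not unique across containers. Picking one match at random
        ; could grant membership in the wrong group, so leave it to a human.
        ? "Skipped, group name is ambiguous: " + $curLine
      Else
        If $grpAdsPath = ""
          ; The new group does not exist: derive the container from the
          ; current group's adsPath (everything after the first comma).
          ; NOTE(review): a CN that itself contains an escaped comma would
          ; break this split - confirm group names do not contain commas.
          $grpOU = 'LDAP://' + SubStr($curAdsPath,InStr($curAdsPath,',') + 1)
          ; Create the new group via the container object.
          ; (creates a global security group by default i think)
          ; NOTE(review): $newGroup goes into the RDN unescaped and no
          ; sAMAccountName is set here - verify the resulting object.
          $objNewGroup = GetObject($grpOU).Create("group","cn=" + $newGroup)
          $objNewGroup.SetInfo()
          $rc = @ERROR
          If $rc = 0
            $bReady = 1
            ? "Created group " + $newGroup + " in " + $grpOU
          Else
            ? "Could not create group " + $newGroup + ", error " + $rc
          EndIf
        Else
          ; The group already exists: bind to it.
          $objNewGroup = GetObject($grpAdsPath)
          $rc = @ERROR
          If $rc = 0
            $bReady = 1
          Else
            ? "Could not bind to " + $grpAdsPath + ", error " + $rc
          EndIf
        EndIf
      EndIf
    EndIf

    If $bReady
      ; Get the members of the current group and add them to the new group.
      ; NOTE(review): the directory returns a multi-valued attribute such as
      ; member only up to a server-side limit per request; for large groups
      ; the copy may be incomplete - compare member counts after the run.
      $strFilter = "(&(objectClass=group)(Name=" + fnEscapeLdapFilter($curGroup) + "))"
      $aAttributes = "member"
      $aResults = fnLDAPQuery($aAttributes,$sADsPath,$strFilter)
      For Each $aRes In $aResults
        For Each $res In $aRes
          $objNewGroup.Add('LDAP://' + $res)
          $rc = @ERROR
          ; One line per change gives an audit trail of who was granted
          ; membership (this replaces the per-member keypress pause).
          ? "  add " + $res + " -> " + $newGroup + " rc=" + $rc
        Next
      Next
    EndIf
  EndIf

  $curLine = ReadLine(1)
Loop
$ = Close(1)

; Escapes the characters that have special meaning inside an LDAP search
; filter value (backslash, asterisk, parentheses) as \xx hex pairs.
; The backslash is handled first so later escapes are not escaped again.
Function fnEscapeLdapFilter($sValue)
  $sValue = Join(Split($sValue,'\'),'\5c')
  $sValue = Join(Split($sValue,'*'),'\2a')
  $sValue = Join(Split($sValue,'('),'\28')
  $sValue = Join(Split($sValue,')'),'\29')
  $fnEscapeLdapFilter = $sValue
EndFunction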
; fnLDAPQuery - runs an LDAP-dialect query through the ADSI OLE DB provider
; (ADsDSOObject) and returns the requested attribute value(s) as an array.
;   $What    attribute name, or an array of attribute names
;   $From    ADsPath of the search base (placed between < > in the query)
;   $Filter  LDAP search filter; inserted into the query text as-is, so the
;            caller must escape any values it puts into the filter
;   $OrderBy optional attribute to sort on
;   $Scope   "base", "onelevel" or "subtree"; anything else becomes "subtree"
;   $User / $Pswd  optional alternate credentials (used only if both are set)
; Returns one array element per record. On an error, or when no records are
; found, the function exits without assigning a return value.
; NOTE(review): the connection and recordset are never explicitly closed here.
Function fnLDAPQuery($What,$From,Optional $Filter,Optional $OrderBy,Optional $Scope,Optional $User,Optional $Pswd)
Dim $oCon,$oCMD,$oRS,$sQ,$sF,$sGV,$R,$vP,$aR[0],$nul
; Default the scope to "subtree" unless one of the three valid values is given.
If $Scope <> "base" AND $Scope <> "onelevel" AND $Scope <> "subtree" $Scope = "subtree" EndIf
; Query text in LDAP dialect: <base>;filter;attributes;scope
$sQ = "<"+$From+">;"+$Filter+";"+Iif(VarType($What)>8192,Join($What,','),$What)+";"+$Scope
; Build a KiXtart expression (as text) that reads the field value(s) from the
; recordset; it is run with Execute() further down.
If VarType($What)>8192
For Each $sF in $What $sGV=$sGV+'$'+'oRS.Fields("'+$sF+'").Value,' Next
; drop the trailing comma
$sGV=Substr($sGV,1,Len($sGV)-1)
Else
$sGV='$'+'oRS.Fields("'+$What+'").Value'
EndIf
$oCon=CreateObject("ADODB.Connection")
$oCon.Provider = "ADsDSOObject"
$oCon.Properties("Encrypt Password").Value=1
; ADSI Flag 1 = ADS_SECURE_AUTHENTICATION
$oCon.Properties("ADSI Flag").Value=1
; Alternate credentials are applied only when both user and password are given;
; otherwise the bind uses the security context of the running process.
; NOTE(review): $Pswd is handled as a plain script variable - avoid hard-coding
; it in the calling script.
If $User AND $Pswd
$oCon.Properties("User ID").Value=$User
$oCon.Properties("Password").Value=$Pswd
EndIf
$oCon.Open("Active Directory Provider")
$oCMD=CreateObject("ADODB.Command")
$oCMD.ActiveConnection=$oCon
$oCMD.CommandText=$sQ
; Paged search, 1000 records per page.
$oCMD.Properties("Page Size").Value=1000
$oCMD.Properties("Timeout").Value=30
$oCMD.Properties("Cache Results").Value=0
; Sorting on distinguishedName is done on the client with a Recordset object;
; any other sort attribute is handed to the provider via "Sort On".
If $OrderBy="distinguishedName"
$oRS = CreateObject("ADODB.Recordset")
; 3 = adUseClient
$oRS.CursorLocation=3
$oRS.Sort=$OrderBy
; 0 = adOpenForwardOnly, 1 = adLockReadOnly, 1 = adCmdText
$oRS.Open($sQ,$oCon,0,1,1)
Else
If $OrderBy
$oCMD.Properties("Sort On").Value=$OrderBy
EndIf
$oRS = $oCMD.Execute
EndIf
; Leave on a query error; the return value stays unset.
If @ERROR Exit @ERROR EndIf
; Empty recordset: also leaves without a return value, with the current @ERROR.
If $oRS.BOF AND $oRS.EOF Exit @ERROR EndIf
Do
; Execute() runs script text assembled from $What. Attribute names must be
; trusted constants: anything placed in $What becomes part of the code run here.
$nul=Execute('$'+'vP='+$sGV)
$aR[$R]=$vP
$oRS.MoveNext
$R=$R+1
; grow the result array by one slot for the next record
ReDim Preserve $aR[$R]
Until $oRS.EOF
; trim the unused last slot
ReDim Preserve $aR[$R-1]
$fnLDAPQuery=$aR
EndFunction