#75969 - 2003-07-2202:52 PMRe: Error in expression.!
ViggenViggen
Starting to like KiXtart
Registered: 2002-03-22
Posts: 110
Hi! Sorry I haven't answered earlier, but a big thunderstorm fried my ISPs equipment so I haven't had a stable connection to the Internet since last Friday.
Howard...
Since I'm not to god with Ad I'll try and explain what i'm after.
This is how I have structured my Ad:
I have a script that creates users in Ad, and now I want to ad the users to specific groups in the creation process.
The school and the groups are specified earlier in the script as: $gg1 = $gg2 = $lg = $sc = (trying to use the old U.G.L.P system on the groups) ($gg2 is a member of $lg1)
So when the script has created the user it then checks for a group and if the group exist it adds the user OR If the group doesn't exit it first creates the group and then adds the user.
Hope that I'm not to unclear here but then again... AD isn't my strong suite.
/V
[edit: Hmmm adding an image doesn't seem to work... Here is an link to the image.]
[ 22. July 2003, 14:58: Message edited by: Viggen ]
#75971 - 2003-07-2203:56 PMRe: Error in expression.!
ViggenViggen
Starting to like KiXtart
Registered: 2002-03-22
Posts: 110
Strange, I can get into it. Let's try this then.
I have a root called schools.mycompany.com under it I have an OU called schools. under that I have a few OUs called "school 1","school 2" and so on. Under them I have 3 OUs. Groups, Students & Teachers.
Posting the code... hmm... 417 lines...
I think i'll put some snippets in instead.
This is what I use to connect with:
code:
$adsDomain = GetObject("LDAP://$ou,$dc") if $adsDomain=0 ? "Kan inte ansluta till servern" ? @SERROR + " (" + @ERROR + ")" quit 1 endif
And here's what I'm using for searching and adding groups:
code:
$cn = $adsUser.sAMAccountname $year = RIGHT(LEFT($cn,4),2) $dn = "OU=$ou2,OU=$ou3,$dc" $temp = @Curdir + "\dsquery.txt" $cmd = "%ComSpec% /C" shell '$cmd dsquery group $dn -scope subtree -name $gg1 -q > $temp' $NUL = OPEN(1,$temp) $dsq = Readline(1) $NUL = CLOSE(1) Del $temp IF NOT INSTR($dsq,$gg1) shell 'dsadd group CN=$gg1,OU=Groups,OU=$ou2,OU=$ou3,$dc -desc "Alla Elever På Skolan" -q' ENDIF shell '$cmd dsquery group $dn -scope subtree -name $lg > $temp' $NUL = OPEN(1,$temp) $dsq = Readline(1) $NUL = CLOSE(1) Del $temp IF NOT INSTR($dsq,$lg) shell 'dsadd group CN=$lg,OU=Groups,OU=$ou2,OU=$ou3,$dc -scope l -desc "Lokal Grupp Med Elever Födda -$year" -q' ENDIF shell '$cmd dsquery group $dn -scope subtree -name $gg2 > $temp' $NUL = OPEN(1,$temp) $dsq = Readline(1) $NUL = CLOSE(1) Del $temp IF NOT INSTR($dsq,$gg2) shell 'dsadd group CN=$gg2,OU=Groups,OU=$ou2,OU=$ou3,$dc -desc "Global Grupp Med Elever Födda -$year" -memberof CN=$lg,OU=Groups,OU=$ou2,OU=$ou3,$dc -q' ENDIF shell "dsmod group CN=$gg1,OU=Groups,OU=$ou2,OU=$ou3,$dc -addmbr CN=$cn,$ou,$dc -q" shell "dsmod group CN=$gg2,OU=Grupper,OU=$ou2,OU=$ou3,$dc -addmbr CN=$cn,$ou,$dc -q"
(note. $ou2 is for example "school 1" and $ou3 is Schools)
Yes, yes... I know I'm shelling out, and it isn't the nicest formating around, but it works and with not to many lines of code.
#75975 - 2003-07-2305:27 PMRe: Error in expression.!
Howard BullockHoward Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
To add a member to the group you can use pre-existing UDFs. Try looking up "GroupAdd"
Here is a function to create an AD group in a specified container. I will be formalizing this and posting it to the UDF Library later today or tomorrow.
[ 23. July 2003, 17:43: Message edited by: Howard Bullock ]
![[Big Grin]](images/icons/grin.gif){kind=icon}
![[Smile]](images/icons/smile.gif){kind=icon}
