WilliamAnderson
Tue Dec 04 12:42:00 PST 2007
Richard, you're awesome! Thanks!
"Richard Mueller [MVP]" wrote:
> William Anderson wrote:
>
> > I'm looking for a script to add a computer account to an AD Group by
> > NetBios
> > name. Anyone got one handy? Thanks!
>
> If both the computer and the group names are NetBIOS names, perhaps it makes
> sense to use the WinNT provider. For example:
> =======
> ' Specify (or prompt for or retrieve) NetBIOS names.
> strGroup = "MyGroup"
> strComputer = "MyComputer"
> strDomain = "MyDomain"
>
> ' Bind to the group and computer objects.
> Set objGroup = GetObject("WinNT://" & strDomain & "/" & strGroup & ",group")
> Set objComputer = GetObject("WinNT://" & strDomain & "/" & strComputer &
> ",computer")
>
> ' Check if computer already a member of the group.
> If (objGroup.IsMember(objComputer.ADsPath) = False) Then
> ' Add the computer to the group.
> objGroup.Add(objComputer.ADsPath)
> End If
> =========
> Generally, the WinNT provider is not recommended. For one thing it is
> slower. To use the LDAP provider you can use the NameTranslate object to
> convert the NetBIOS names to Distinguished Names. For example:
> ==========
> ' Specify (or prompt for or retrieve) NetBIOS names.
> strGroup = "MyGroup"
> strComputer = "MyComputer"
>
> ' Constants for the NameTranslate object.
> Const ADS_NAME_INITTYPE_GC = 3
> Const ADS_NAME_TYPE_NT4 = 3
> Const ADS_NAME_TYPE_1779 = 1
>
>
>
> ' Determine DNS name of domain from RootDSE.
> Set objRootDSE = GetObject("LDAP://RootDSE")
> strDNSDomain = objRootDSE.Get("defaultNamingContext")
>
> ' Use the NameTranslate object to find the NetBIOS domain
>
> ' name from the DNS domain name.
> Set objTrans = CreateObject("NameTranslate")
> objTrans.Init ADS_NAME_INITTYPE_GC, ""
> objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
> strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
> ' Remove trailing backslash.
> strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)
>
>
>
> ' Use the Set method to specify the NT format of the group name.
>
> objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strGroup
>
> ' Use the Get method to retrieve the RPC 1779 Distinguished Name.
> strGroupDN = objTrans.Get(ADS_NAME_TYPE_1779)
>
> ' Bind to the group object.
>
> Set objGroup = GetObject("LDAP://" & strGroupDN)
>
>
>
> ' Use the Set method to specify the NT format of the computer name.
>
> objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strComputer
>
> ' Use the Get method to retrieve the RPC 1779 Distinguished Name.
> strComputerDN = objTrans.Get(ADS_NAME_TYPE_1779)
>
> ' Bind to the computer object.
>
> Set objComputer = GetObject("LDAP://" & strComputerDN)
>
>
>
> ' Check if computer already a member of the group.
> If (objGroup.IsMember(objComputer.ADsPath) = False) Then
> ' Add the computer to the group.
> objGroup.Add(objComputer.ADsPath)
> End If
> ============
> Finally, note that you can always retrieve the Distinguished Name of the
> current computer directly from the ADSystemInfo object. For example:
> ========
> Set objSysInfo = CreateObject("ADSystemInfo")
> strComputerDN = objSysInfo.ComputerName
> Set objComputer = GetObject("LDAP://" & strComputerDN)
> =========
> And of course you could hard code the Distinguished Name of the group in
> your script as easily as the NetBIOS name. If you are prompting for names,
> however, you will need to use the NameTranslate object in order to use the
> LDAP provider.
>
> --
> Richard Mueller
> Microsoft MVP Scripting and ADSI
> Hilltop Lab -
http://www.rlmueller.net
> --
>
>
>