VBscript to add AD Computer accounts into AD Security Groups via a txt file
-
Wednesday, April 25, 2012 8:35 PM
I'm hoping someone can assist me with this problem.
I need to add multiple AD computer objects to a specific AD security group via a txt file. Since I'm new to VBscripting I've been searching the forums for an answer but have been having trouble locating a solution.
Can someone post a VBscript that I can modify accordingly to accomplish this?
Any help would be greatly appreciated!!
Thank you.
All Replies
-
Wednesday, April 25, 2012 8:53 PM Moderator
If the text file has the distinguished names of the computers, the script will be fairly straightforward. For example:
Option Explicit

Dim strFile, objGroup, objFSO, objFile, strComputerDN, objComputer

Const ForReading = 1

' Specify the text file of computer distinguished names.
strFile = "c:\Scripts\Computers.txt"

' Bind to the group object.
Set objGroup = GetObject("LDAP://cn=Test Group,ou=West,dc=MyDomain,dc=com")

' Open the file for read access.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFile, ForReading)

' Read each line of the file.
Do Until objFile.AtEndOfStream
    strComputerDN = Trim(objFile.ReadLine)
    ' Skip blank lines.
    If (strComputerDN <> "") Then
        ' Bind to the computer object.
        Set objComputer = GetObject("LDAP://" & strComputerDN)
        ' Check whether the computer is already a member of the group.
        If (objGroup.IsMember(objComputer.ADsPath) = False) Then
            ' Add the computer to the group.
            objGroup.Add(objComputer.ADsPath)
        End If
    End If
Loop

' Clean up.
objFile.Close
-----
If the text file has just the NetBIOS names of the computers, then you must use the NameTranslate object to convert the NetBIOS names into distinguished names. Reply if you need that.
Richard Mueller - MVP Directory Services
- Edited by Richard Mueller MVP, Moderator Sunday, April 29, 2012 12:05 AM Fixed format of code block
-
Wednesday, April 25, 2012 9:10 PM
Hi Richard,
The text file will only contain NetBIOS names of the computers in it.
Thank you.
-
Wednesday, April 25, 2012 9:15 PM Moderator
This code looks more complex, but it is actually efficient:
Option Explicit

Dim strFile, objGroup, objFSO, objFile, strComputerDN, objComputer
Dim objRootDSE, strDNSDomain, objTrans, strNetBIOSDomain, strComputer

Const ForReading = 1
' Constants for the NameTranslate object.
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

' Specify the text file of computer NetBIOS names.
strFile = "c:\Scripts\Computers.txt"

' Bind to the group object.
Set objGroup = GetObject("LDAP://cn=Test Group,ou=West,dc=MyDomain,dc=com")

' Determine the distinguished name of the domain from RootDSE.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

' Use the NameTranslate object to find the NetBIOS domain name from the
' distinguished name of the domain.
Set objTrans = CreateObject("NameTranslate")
objTrans.Init ADS_NAME_INITTYPE_GC, ""
objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
' Remove trailing backslash.
strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)

' Open the file for read access.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFile, ForReading)

' Read each line of the file.
Do Until objFile.AtEndOfStream
    strComputer = Trim(objFile.ReadLine)
    ' Skip blank lines.
    If (strComputer <> "") Then
        ' Use the Set method to specify the NT format of the computer name.
        ' The sAMAccountName of the computer will be the NetBIOS name with trailing "$".
        ' Trap error if computer does not exist.
        On Error Resume Next
        objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strComputer & "$"
        If (Err.Number <> 0) Then
            On Error GoTo 0
            Wscript.Echo "Computer " & strComputer & " does not exist"
        Else
            On Error GoTo 0
            ' Use the Get method to retrieve the Distinguished Name.
            strComputerDN = objTrans.Get(ADS_NAME_TYPE_1779)
            ' Bind to the computer object.
            Set objComputer = GetObject("LDAP://" & strComputerDN)
            ' Check whether the computer is already a member of the group.
            If (objGroup.IsMember(objComputer.ADsPath) = False) Then
                ' Add the computer to the group.
                objGroup.Add(objComputer.ADsPath)
            End If
        End If
    End If
Loop

' Clean up.
objFile.Close
-----
Richard Mueller - MVP Directory Services
- Proposed As Answer by Richard Mueller MVP, Moderator Thursday, April 26, 2012 10:29 PM
- Edited by Richard Mueller MVP, Moderator Sunday, April 29, 2012 12:06 AM Fixed format of code block
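A dry-run preflight for the NetBIOS-name script above, added here as an example and not part of the original posts: it screens each line of the text file and reports what would change in the security group without calling Add. The name pattern is an assumed naming policy and the file path and group DN are the thread's placeholders.

```vbscript
Option Explicit
Dim strFile, objGroup, objFSO, objFile, objRootDSE, objTrans, objRegEx
Dim objComputer, strNetBIOSDomain, strComputer, strDN, lngErr
Const ForReading = 1, ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3, ADS_NAME_TYPE_1779 = 1
' Same placeholder values as the thread's scripts; nothing is modified here.
strFile = "c:\Scripts\Computers.txt"
Set objGroup = GetObject("LDAP://cn=Test Group,ou=West,dc=MyDomain,dc=com")
' Assumed naming policy: 1-15 letters, digits, hyphens or underscores.
Set objRegEx = New RegExp
objRegEx.Pattern = "^[A-Za-z0-9_-]{1,15}$"
' Find the NetBIOS domain name, as the thread's script does.
Set objRootDSE = GetObject("LDAP://RootDSE")
Set objTrans = CreateObject("NameTranslate")
objTrans.Init ADS_NAME_INITTYPE_GC, ""
objTrans.Set ADS_NAME_TYPE_1779, objRootDSE.Get("defaultNamingContext")
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFile, ForReading)
Do Until objFile.AtEndOfStream
    strComputer = Trim(objFile.ReadLine)
    If (strComputer = "") Then
        ' Skip blank lines.
    ElseIf (objRegEx.Test(strComputer) = False) Then
        Wscript.Echo "REJECTED  " & strComputer & " (fails name policy)"
    Else
        On Error Resume Next
        objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strComputer & "$"
        lngErr = Err.Number
        On Error GoTo 0
        If (lngErr <> 0) Then
            Wscript.Echo "NOT FOUND " & strComputer
        Else
            strDN = objTrans.Get(ADS_NAME_TYPE_1779)
            ' ADSI requires "/" in a distinguished name to be escaped.
            Set objComputer = GetObject("LDAP://" & Replace(strDN, "/", "\/"))
            ' An account ending in "$" is not necessarily a computer.
            If (LCase(objComputer.Class) <> "computer") Then
                Wscript.Echo "REJECTED  " & strDN & " (class " & objComputer.Class & ")"
            ElseIf (objGroup.IsMember(objComputer.ADsPath)) Then
                Wscript.Echo "MEMBER    " & strDN
            Else
                Wscript.Echo "WOULD ADD " & strDN
            End If
        End If
    End If
Loop
objFile.Close
```

Run it with cscript.exe so each result is written to the console instead of a message box. When group-management auditing is enabled, the real additions made by the thread's script are recorded on domain controllers as security events 4728, 4732 or 4756, depending on the group scope.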
-
Wednesday, April 25, 2012 9:41 PM
So in the script the main area where I have to modify this script to fit my environment is
' Bind to the group object.
Set objGroup = GetObject("LDAP://cn=Test Group,ou=West,dc=MyDomain,dc=com")
Would that be correct? Everything else I can leave as is?
-
Wednesday, April 25, 2012 10:00 PM Moderator
You also need to modify the name and path of the text file of computer names (the value assigned to strFile). Everything else is generic. The script retrieves information about your domain from the RootDSE object.
Richard Mueller - MVP Directory Services
- Marked As Answer by NeverSummer155 Friday, April 27, 2012 6:10 PM
-
Wednesday, April 25, 2012 10:03 PM
Thank you so much for this! I'll give this a try!

