VBScript: How do I assign a group to another group in Win2K?
L.S.,
I'm working on an automated procedure to implement a security model on a server, like doing user to group assignments, user creation, file system rights, things like that.
There's one thing I can't get done: assigning groups to other groups. I keep getting error 'A new member could not be added to a local group because the member has the wrong account type.'
Here's the code I use:
Sub doAddGroupsToGroup(strDoma
Dim objDomain
Dim objParentGroup
Dim objNestedGroup
Set objDomain = GetObject("WinNT://" & strDomain)
Set objParentGroup = GetObject("WinNT://" & strDomain & "/" & strParentGroup & ",group")
Set objNestedGroup = GetObject("WinNT://" & strDomain & "/" & strNestedGroup & ",group")
doLog 4, "Adding group '" & objNestedGroup.Name & "' to group '" & objParentGroup.Name & "'..."
objParentGroup.Add(objNest
' most-common error trapping
If (Hex(Err.Number) = 80070562) Then ' user already resides in that group
doLog 4, "Group '" & objNestedGroup.Name & "' already resides in group '" & objParentGroup.Name & "'."
Else
doLog 0, "Group '" & objNestedGroup.Name & "' was added to group '" & objParentGroup.Name & "' successfully."
End If
Set objGroup = Nothing
Set objDomain = Nothing
End Sub
Notes:
- the doLog subroutine is a routine that basically does nothing but echo to the console log and log the same thing to a log file.
- I know the error handling is NOT what it should be right now, I'll get to that later...
Thanks for any help! Regards,
Steven Dijkman.
I'm working on an automated procedure to implement a security model on a server, like doing user to group assignments, user creation, file system rights, things like that.
There's one thing I can't get done: assigning groups to other groups. I keep getting error 'A new member could not be added to a local group because the member has the wrong account type.'
Here's the code I use:
Sub doAddGroupsToGroup(strDoma
Dim objDomain
Dim objParentGroup
Dim objNestedGroup
Set objDomain = GetObject("WinNT://" & strDomain)
Set objParentGroup = GetObject("WinNT://" & strDomain & "/" & strParentGroup & ",group")
Set objNestedGroup = GetObject("WinNT://" & strDomain & "/" & strNestedGroup & ",group")
doLog 4, "Adding group '" & objNestedGroup.Name & "' to group '" & objParentGroup.Name & "'..."
objParentGroup.Add(objNest
' most-common error trapping
If (Hex(Err.Number) = 80070562) Then ' user already resides in that group
doLog 4, "Group '" & objNestedGroup.Name & "' already resides in group '" & objParentGroup.Name & "'."
Else
doLog 0, "Group '" & objNestedGroup.Name & "' was added to group '" & objParentGroup.Name & "' successfully."
End If
Set objGroup = Nothing
Set objDomain = Nothing
End Sub
Notes:
- the doLog subroutine is a routine that basically does nothing but echo to the console log and log the same thing to a log file.
- I know the error handling is NOT what it should be right now, I'll get to that later...
Thanks for any help! Regards,
Steven Dijkman.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Cheers
Julian