Link to home
Start Free TrialLog in
Avatar of ShuttleDIK
ShuttleDIK

asked on

VB or Batch script to add Domain Users to local Power Users group

Hi,

I've tried searching for an answer on this and found some useful material, but nothing that addresses my problem exactly.  I was hoping someone could direct me further.

I would like to run a script that goes accross the network and adds "Domain Users" to the local "Power Users" group on selected PCs.  I don't need a true loop function, though that wouldn't hurt.  I don't have a problem hard coding the computer names.

i guess my main questions are syntax and whether VBS or straight batch.

Thanks so much for your help.

-Dik
Avatar of Krys_K
Krys_K
Flag of United Kingdom of Great Britain and Northern Ireland image
Hi there
I've written a VBScript that should do what you want.
It takes a list of computers from a file (1 per line) and uses that to go to the computer and add the AD group to the Local computers group (I've specified the names of the groups but check them)
Things to note:
  • Specify the filename and path
  • Specify the Group Names
  • Specify the Domain Name
  • Computer names 1 per line in the file
Copy the whole script to notepad and save as a .vbs
Open a command prompt and run the script like
 cscript.exe scriptname.vbs
 
Hope it's what you are looking for :-)
Regards
Krystian

Option Explicit
 
 
' Start the script
	Call GetComputerList
 
 
' Tell us when its complete
		WScript.Echo "Complete!"
 
	
Sub GetComputerList()
' Version 1.0
' Written by Krystian Karia
' Dated 21-Apr-2009
 
' Gets a list of computers from a file
' specified  and creates  an array  to 
' then loop each one and call  the sub
' passing the ComputerName, DomainName
' and both Group Names specified below
 
' Declare variables and constants
 	Dim fso, oFile
	Dim arrComputers
	Dim sDomain
	Dim sGlobalGrp, sLocalGrp
	Dim strResults
	Dim i
	
	Const ForReading = 1
	Const sFileLocation = "C:\ComputerList.txt" ' <_______Change to suit
 
 
' CHANGE THESE TO SUIT
' **********************************************************************
' Global and Local Group Name
		sGlobalGrp = "Domain Users"
		sLocalGrp = "Power Users"
		
' NetBIOS Name of Domain
		sDomain = "MyDomainName"		' i.e. MyDomain.Com = MyDomain
' **********************************************************************
 
 
' Create Objects and open file for reading
	Set fso = CreateObject("Scripting.FileSystemObject")
 
' Open File for reading
	Set oFile = fso.OpenTextFile(sFileLocation, ForReading, False)
	
		If Err.Number <> 0 Then
			WScript.Echo "Error reading File " & sfileLocation
			WScript.Quit
		End If
	
' Read the whole contents of the File
	Do While oFile.AtEndOfStream <> True
		strResults = oFile.ReadAll
	Loop
	
' Close the file and release the object from memory
	oFile.Close
	Set oFile = Nothing
 
' Create an array of compuiters from the file
	arrComputers - Split(strResults, vbNewLine)
		strResults = ""
	
' Loop Computers
	For i = 0 To Ubound(arrComputers)
		If arrComputers(i) = "" Then
			Exit For	' Catches end of file blank line if present
		End If
	
		' Call the Procedure passing each of the above aprameters
		Call ADGrpToLocalGrp(arrComputers(i), sGlobalGrp, sLocalGrp, sDomain)
 
	Next ' i
 
End Sub ' GetComputerList
 
 
Sub ADGrpToLocalGrp(strComputer, strGlobalGrp, strLocalGrp, strDomain)
' Version 1.0
' Written by Krystian Karia
' Dated 21-Apr-2009
 
' Script to take some  parameters and add the AD global
' group to a  local group of  the specified machine. It 
' checks if the groups exists first so as not to do any
' uneccessary work.
 
 
' Catch errors ourselves
	On Error Resume Next
	
' Declare variables
	Dim fso, objGroup, objGrpMember, objGlobalGrp
	Dim bolGrpExists
 
' Create Objects
	Set fso = CreateObject("Scripting.FileSystemObject")
 
' Bind to Local Group
	Set objGroup = GetObject("WinNT://" & strComputer & "/" & strLocalGrp & ",group")
 
' Check no error occurs
	If Err.Number = 0 Then
		bolGrpExists = False
 
' Check if global group exists in the local group
	    For Each objGrpMember in objGroup.Members
 
	        If Instr(Ucase(objGrpMember.Name), Ucase(strGlobalGrp)) > 0 Then
				bolGrpExists = True
					WScript.Echo "Group already exists on " & strComputer
				Exit For
			End If
		Next ' objGrpMember
 
' Add the global group if it doesn't already exist
			If bolGrpExists = False Then
 
				Set objGlobalGrp = GetObject("WinNT://" & strDomain & "/" & strGlobalGrp & ",group")
					objGroup.Add(objGlobalGrp.ADsPath)
					
					If Err.Number <> 0 Then
						WScript.Echo "There was a problem addin the AD group: '" & _
							strGlobalGrp & "' to the local group: " & strLocalGrp
						Exit Sub
					End If 
			End If 
	
	Else ' Err
 
		WScript.Echo "There was a problem binding to the local group: " & strLocalGrp
	End If ' Err
 
	If Err.Number = 0 And bolGrpExists = False Then 
		WScript.Echo "Successfully added the Global Group: '" & _
			strGlobalGrp & "' to the local group: " & strLocalGrp
	End If 
	
End Sub

Open in new window

Avatar of Krys_K
Krys_K
Flag of United Kingdom of Great Britain and Northern Ireland image
It should be obvious but just to be clear, you need to change/amend the items on line 32, 38, 39, and 42
Krystian
Avatar of ShuttleDIK
ShuttleDIK

ASKER

Wow!  That's awesome.  Thank you so much for such a complete addressing of my request.

I'll test it out tomorrow morning and let you know if I run into any trouble.  It doesn't look like I will, though.

i was thinking about running a script to reverse the assignments, but with the problem I'm addressing, it looks like manual reversal of the change on a 'per case' basis is actually the way to go.

Thanks again for your thorough assistance!
Avatar of ShuttleDIK
ShuttleDIK

ASKER

I was able to test the script today and I immediately ran into an error:

"(52, 2)  Microsoft VBScript runtime error: ActiveX component can't create object: 'Scripting.FileSystemObject'"

Any ideas?
Avatar of ShuttleDIK
ShuttleDIK

ASKER

Ok, I researched that error some and for the most part it seems to show that Scripting isn't fully or properly installed on the machine(s) on which I was running the script.

I have tried it on a third machine and am not getting that error - HOWEVER (isn't there always one of these??)  I'm now getting :
    ChgLGrp.vbs(68, 2) Microsoft VBScript runtime error: Type mismatch

The section of script pertaining to the error is in the snippet.  It seems as though the engine has a problem with the ("") designation.
' Create an array of compuiters from the file
	arrComputers - Split(strResults, vbNewLine)
		strResults = ""

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of Krys_K
Krys_K
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ShuttleDIK
ShuttleDIK

ASKER

That makes sense  ;]

And since I'm not getting the Object error on this workstation, let's wait on that error.  I don't need to go around installing scripting updates if I have a machine that will run it...   ;]

Thanks again!!
Avatar of ShuttleDIK
ShuttleDIK

ASKER

Great!  Just ran the script successfully.

I added the computer name to the confirmation Echo, too.

Thanks for the awesome assistance!
Avatar of ShuttleDIK
ShuttleDIK

ASKER

I've been known to 'Fat Finger' code from time to time, too  ;]

Thanks for the assistance, Krystian.