Solved

VBSCRIPT help - Active Directory

Posted on 2010-11-23
8
427 Views
Last Modified: 2012-08-14
I wrote a VBscript that will create security groups for me in AD.
If the group exists, i get a VB error 'the object exists'.
Is there a way to check if that group already exists, display a 'friendlier' message then quit the script before trying to create it.
Thanks
Set objGroup1 = objOU1.Create("Group", "cn=wachs-sw " & site & " "  & strLine & " (M)")
	objGroup1.Put "sAMAccountName", "wachs-sw " & site & " " &  strLine & " (M)"
	objGroup1.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP Or _
	ADS_GROUP_TYPE_SECURITY_ENABLED
	objGroup1.Put "Description", "SC: " & ServiceCall
	objGroup1.SetInfo
	

Open in new window

0
Comment
Question by:jalamdar
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 3

Expert Comment

by:msimn
ID: 34202840
Try adding the following lines before your create scripts.

Set objOU = GetObject("LDAP://ou=hr, dc=fabrikam,dc=com")
If objOU is Nothing Then
     MsgBox("This group is already there!")
     WScript.Quit
End If

Set objGroup1 = objOU1.Create("Group", "cn=wachs-sw " & site & " "  & strLine & " (M)")
	objGroup1.Put "sAMAccountName", "wachs-sw " & site & " " &  strLine & " (M)"
	objGroup1.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP Or _
	ADS_GROUP_TYPE_SECURITY_ENABLED
	objGroup1.Put "Description", "SC: " & ServiceCall
	objGroup1.SetInfo

Open in new window

0
 
LVL 3

Expert Comment

by:msimn
ID: 34202842
** Do not forgot to change the "ou=hr" and "dc=fabrikam,dc=com"
0
 

Author Comment

by:jalamdar
ID: 34203252
how is this checking if the GROUP exits!
If i read that properly, you are checking if the OU is not valid...but the OU is there, it is actually where the group is to be created.
What i need to find out inside that OU if the group i am trying to create already exists i.e. was created earlier.
0
 
LVL 12

Expert Comment

by:Daz_1234
ID: 34204124
Hi,

The following should do the check you want.

Hope this helps,
Daz.


Set objGroup1 = objOU1.Create("Group", "cn=wachs-sw " & site & " "  & strLine & " (M)")
    objGroup1.Put "sAMAccountName", "wachs-sw " & site & " " &  strLine & " (M)"
    objGroup1.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP Or _
    ADS_GROUP_TYPE_SECURITY_ENABLED
    objGroup1.Put "Description", "SC: " & ServiceCall
    On Error Resume Next
    objGroup1.SetInfo
    If Err.Number = &h80071392 Then
        MsgBox "Group " & sName & " already exists", vbExclamation + vbSystemModal, "ERROR"
    ElseIf Err.Number <> 0 Then
        MsgBox "Error creating group " & sName & " - Error: " & Err.Number & " - " & Err.Description, vbExclamation + vbSystemModal, "ERROR"
    End If
    On Error Goto 0

Open in new window

0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 12

Expert Comment

by:Daz_1234
ID: 34204314
Sorry: because I copied / pasted from a working script of mine, I forgot to change the lines.

2nd try below.

Daz.
strGroup = "wachs-sw " & site & " "  & strLine & " (M)"

    Set objGroup1 = objOU1.Create("Group", "cn=" & strGroup)

    objGroup1.Put "sAMAccountName", strGroup

    objGroup1.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP Or _

    ADS_GROUP_TYPE_SECURITY_ENABLED

    objGroup1.Put "Description", "SC: " & ServiceCall

    On Error Resume Next

    objGroup1.SetInfo

    If Err.Number = &h80071392 Then

        MsgBox "Group " & strGroup & " already exists", vbExclamation + vbSystemModal, "ERROR"

    ElseIf Err.Number <> 0 Then

        MsgBox "Error creating group " & strGroup & " - Error: " & Err.Number & " - " & Err.Description, vbExclamation + vbSystemModal, "ERROR"

    End If

    On Error Goto 0

Open in new window

0
 

Author Comment

by:jalamdar
ID: 34210056
Thank You so much Daz...exactly what i needed :)
0
 
LVL 3

Accepted Solution

by:
chillbill01 earned 500 total points
ID: 34218637
Just add if you didn't want to simply check the error but query add to see if it existed and place this as a function you could use:

wscript.echo FindGroup("Domain Users")


Function FindGroup(strGroupname)
   
    dim objrootdse, strdnsdomain, adoconnection, adocommand, strquery
      dim adorecordset, strmember, strbase, strfilter, strattributes
      dim arrProxy, objUser, strMailAddress

      ' determine dns domain name from rootdse object.
      set objrootdse = getobject("LDAP://RootDSE")
      strdnsdomain = objrootdse.get("defaultnamingcontext")
      
      ' use ado to search active directory for all computers.
      set adocommand = createobject("adodb.command")
      set adoconnection = createobject("adodb.connection")
      
      adoconnection.provider = "adsdsoobject"
      adoconnection.open "active directory provider"
      adocommand.activeconnection = adoconnection
      
      ' search entire domain.
      strbase = "<LDAP://" & strdnsdomain & ">"
      
      strfilter = "(&(objectclass=group)(name=" & strGroupname & "))"
      
      ' comma delimited list of attribute values to retrieve.
      strattributes = "displayname,distinguishedName"
      
      ' construct the ldap syntax query.
      strquery = strbase & ";" & strfilter & ";" & strattributes & ";subtree"
   
    adocommand.commandtext = strquery
      adocommand.properties("page size") = 1000
      adocommand.properties("timeout") = 30
      adocommand.properties("cache results") = false
      
      set adorecordset = adocommand.execute

      if adorecordset.recordcount <= 0 then
        FindGroup = "Group does not exist"
    else
        FindGroup = "Group does exist"
    end if

end function
0
 
LVL 12

Expert Comment

by:Daz_1234
ID: 34237590
Thank You so much Daz...exactly what i needed :)

... I guess not so much exactly what you needed ;o)

Daz
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

This script will sweep a range of IP addresses (class c only, 255.255.255.0) and report to a log the version of office installed. What it does: 1.)      Creates log file in the directory the script is run from (if it doesn't already exist) 2.)      Sweep…
Not long ago I saw a question in the VB Script forum that I thought would not take much time. You can read that question (Question ID  (http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_28455246.html)28455246) Here (http…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now