Solved

VBSCRIPT help - Active Directory

Posted on 2010-11-23
8
432 Views
Last Modified: 2012-08-14
I wrote a VBscript that will create security groups for me in AD.
If the group exists, i get a VB error 'the object exists'.
Is there a way to check if that group already exists, display a 'friendlier' message then quit the script before trying to create it.
Thanks
Set objGroup1 = objOU1.Create("Group", "cn=wachs-sw " & site & " "  & strLine & " (M)")
	objGroup1.Put "sAMAccountName", "wachs-sw " & site & " " &  strLine & " (M)"
	objGroup1.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP Or _
	ADS_GROUP_TYPE_SECURITY_ENABLED
	objGroup1.Put "Description", "SC: " & ServiceCall
	objGroup1.SetInfo
	

Open in new window

0
Comment
Question by:jalamdar
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 3

Expert Comment

by:msimn
ID: 34202840
Try adding the following lines before your create scripts.

Set objOU = GetObject("LDAP://ou=hr, dc=fabrikam,dc=com")
If objOU is Nothing Then
     MsgBox("This group is already there!")
     WScript.Quit
End If

Set objGroup1 = objOU1.Create("Group", "cn=wachs-sw " & site & " "  & strLine & " (M)")
	objGroup1.Put "sAMAccountName", "wachs-sw " & site & " " &  strLine & " (M)"
	objGroup1.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP Or _
	ADS_GROUP_TYPE_SECURITY_ENABLED
	objGroup1.Put "Description", "SC: " & ServiceCall
	objGroup1.SetInfo

Open in new window

0
 
LVL 3

Expert Comment

by:msimn
ID: 34202842
** Do not forgot to change the "ou=hr" and "dc=fabrikam,dc=com"
0
 

Author Comment

by:jalamdar
ID: 34203252
how is this checking if the GROUP exits!
If i read that properly, you are checking if the OU is not valid...but the OU is there, it is actually where the group is to be created.
What i need to find out inside that OU if the group i am trying to create already exists i.e. was created earlier.
0
 
LVL 12

Expert Comment

by:Daz_1234
ID: 34204124
Hi,

The following should do the check you want.

Hope this helps,
Daz.


Set objGroup1 = objOU1.Create("Group", "cn=wachs-sw " & site & " "  & strLine & " (M)")
    objGroup1.Put "sAMAccountName", "wachs-sw " & site & " " &  strLine & " (M)"
    objGroup1.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP Or _
    ADS_GROUP_TYPE_SECURITY_ENABLED
    objGroup1.Put "Description", "SC: " & ServiceCall
    On Error Resume Next
    objGroup1.SetInfo
    If Err.Number = &h80071392 Then
        MsgBox "Group " & sName & " already exists", vbExclamation + vbSystemModal, "ERROR"
    ElseIf Err.Number <> 0 Then
        MsgBox "Error creating group " & sName & " - Error: " & Err.Number & " - " & Err.Description, vbExclamation + vbSystemModal, "ERROR"
    End If
    On Error Goto 0

Open in new window

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 12

Expert Comment

by:Daz_1234
ID: 34204314
Sorry: because I copied / pasted from a working script of mine, I forgot to change the lines.

2nd try below.

Daz.
strGroup = "wachs-sw " & site & " "  & strLine & " (M)"

    Set objGroup1 = objOU1.Create("Group", "cn=" & strGroup)

    objGroup1.Put "sAMAccountName", strGroup

    objGroup1.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP Or _

    ADS_GROUP_TYPE_SECURITY_ENABLED

    objGroup1.Put "Description", "SC: " & ServiceCall

    On Error Resume Next

    objGroup1.SetInfo

    If Err.Number = &h80071392 Then

        MsgBox "Group " & strGroup & " already exists", vbExclamation + vbSystemModal, "ERROR"

    ElseIf Err.Number <> 0 Then

        MsgBox "Error creating group " & strGroup & " - Error: " & Err.Number & " - " & Err.Description, vbExclamation + vbSystemModal, "ERROR"

    End If

    On Error Goto 0

Open in new window

0
 

Author Comment

by:jalamdar
ID: 34210056
Thank You so much Daz...exactly what i needed :)
0
 
LVL 3

Accepted Solution

by:
chillbill01 earned 500 total points
ID: 34218637
Just add if you didn't want to simply check the error but query add to see if it existed and place this as a function you could use:

wscript.echo FindGroup("Domain Users")


Function FindGroup(strGroupname)
   
    dim objrootdse, strdnsdomain, adoconnection, adocommand, strquery
      dim adorecordset, strmember, strbase, strfilter, strattributes
      dim arrProxy, objUser, strMailAddress

      ' determine dns domain name from rootdse object.
      set objrootdse = getobject("LDAP://RootDSE")
      strdnsdomain = objrootdse.get("defaultnamingcontext")
      
      ' use ado to search active directory for all computers.
      set adocommand = createobject("adodb.command")
      set adoconnection = createobject("adodb.connection")
      
      adoconnection.provider = "adsdsoobject"
      adoconnection.open "active directory provider"
      adocommand.activeconnection = adoconnection
      
      ' search entire domain.
      strbase = "<LDAP://" & strdnsdomain & ">"
      
      strfilter = "(&(objectclass=group)(name=" & strGroupname & "))"
      
      ' comma delimited list of attribute values to retrieve.
      strattributes = "displayname,distinguishedName"
      
      ' construct the ldap syntax query.
      strquery = strbase & ";" & strfilter & ";" & strattributes & ";subtree"
   
    adocommand.commandtext = strquery
      adocommand.properties("page size") = 1000
      adocommand.properties("timeout") = 30
      adocommand.properties("cache results") = false
      
      set adorecordset = adocommand.execute

      if adorecordset.recordcount <= 0 then
        FindGroup = "Group does not exist"
    else
        FindGroup = "Group does exist"
    end if

end function
0
 
LVL 12

Expert Comment

by:Daz_1234
ID: 34237590
Thank You so much Daz...exactly what i needed :)

... I guess not so much exactly what you needed ;o)

Daz
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently I finished a vbscript that I thought I'd share.  It uses a text file with a list of server names to loop through and get various status reports, then writes them all into an Excel file.  Originally it was put together for our Altiris server…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This is a video describing the growing solar energy use in Utah. This is a topic that greatly interests me and so I decided to produce a video about it.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now