Solved

script to migrate novell groups to ad groups

Posted on 2011-03-07
2
541 Views
Last Modified: 2012-05-11
Can anybody provide a way of getting netware 6.5 groups out of netware and creating the same named groups in AD? powershell? VBS? Perl? either would be good.

Neil.
0
Comment
Question by:Neil Russell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 19

Accepted Solution

by:
deroode earned 500 total points
ID: 35056621
There are a coupe of possibilities:

You can use Microsoft services for Netware to sync eDirectory groups to Active Directory groups, but it is mainly targetted at Server 2003:

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=a819838d-acb2-4794-87eb-82a6a3af4be8

What i did on our Server 2008 domain is the following:

- Create a list of groups using the Nlist utility (it's on your Netware server in the SYS:Public directory)

NLIST group show member /r /s /c > C:\temp\groups.txt

It will give you a file in the form:

NAME: ap-group-acrobat
    Member: johnb
    Member: malolmx
    Member: sarahw
NAME: ap-group-ie7
    Member: joshp
    Member: malolmx
    Member: sarahw


- Then created a script with Autoitscript (http://www.autoitscript.com/site/)
- This script creates groups in OU=GROUPTEST,DC=EUR,DC=LOCAL Change as appropriate

Basically what it does is read the Nlist output, for every group after Name: create a group with that name:
'DSADD GROUP "CN='& $group & ',OU=GROUPTEST,DC=EUR,DC=LOCAL

then add the members to that group
DSquery user domainroot -name '& $line & ' | dsmod group "CN=' & $group & ',OU=GROUPTEST,DC=EUR,DC=LOCAL" -addmbr'

I guess it's quite easy to rewrite that in any other language...or even do it in Excel...

 

 
#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_icon=C:\temp\ict.ico
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****
$groupfilename = FileOpenDialog("select groups file", "C:\temp\", "any (*.txt)", 1)
$groupfile = FileOpen($groupfilename, 0)

Dim $group, $member

; Check if file opened for reading OK
If $groupfile = -1 Then
    MsgBox(0, "Error", "Unable to open groupfile.")
    Exit
EndIf

$fileout = FileOpen (EnvGet("TEMP")&"\adgroups.cmd" ,2)

; Check if file opened for writing OK
If $fileout = -1 Then
    MsgBox(0, "Error", "Unable to open file.")
    Exit
EndIf
			

; Read in lines of text until the EOF is reached
	
do 
	$line = FileReadLine($groupfile)
Until StringLeft ( $line, 5)="Name:"
MsgBox (0,"",$line)
$group= StringRight ($line,StringLen($line)-6)
MsgBox (0,"",$group)
Do
	FileWriteLine ($fileout, 'DSADD GROUP "CN='& $group & ',OU=GROUPTEST,DC=EUR,DC=LOCAL"')
	Do
		$line = FileReadLine($groupfile)
				;MsgBox(0,"readline",$line)
		$eof = @error
		if $eof <> -1 Then
			if StringInStr($line, "Member:") > 0 Then
				; remove "member"
				;MsgBox(0,"whole line",$line)
				$line=StringRight($line,Stringlen($line)-StringInStr($line,":")-1)
				;MsgBox(0,"without member",$line)
				; get username without trailing dots
				
				$firstdot=StringInStr($line,".")-1
				;MsgBox (0,"firstdot",$firstdot)
				if $firstdot=-1 then 
					$firstdot=Stringlen($line)
				EndIf
				;MsgBox(0,"whole line",$line)
				$line=StringLeft($line,$firstdot)
				;MsgBox(0,"removed dots",$line)
				FileWriteLine ($fileout, 'DSquery user domainroot -name '& $line & ' | dsmod group "CN=' & $group & ',OU=GROUPTEST,DC=EUR,DC=LOCAL" -addmbr')
			Else
				if StringLeft ( $line, 5)="Name:" Then
					$group= StringRight ($line,StringLen($line)-6)
				Else
					do 
						$line = FileReadLine($groupfile)
						$eof = @error
					Until StringLeft ( $line, 5)="Name:" or $eof = -1
					if StringLeft ( $line, 5)="Name:" Then
						$group= StringRight ($line,StringLen($line)-6)
					EndIf
				
				EndIf
				FileWriteLine ($fileout, 'DSADD GROUP "CN='& $group & ',OU=GROUPTEST,DC=EUR,DC=LOCAL"')
			EndIf
		EndIf
	until $eof = -1
until $eof = -1



FileClose($groupfile)

FileClose($fileout)

Run("Notepad.exe " & EnvGet("TEMP")&"\adgroups.cmd")

Open in new window

0
 
LVL 37

Author Closing Comment

by:Neil Russell
ID: 35057760
Excellant! Looks like just the job. Thanks for that. And a new tool I hadnt come across.
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question