aideb
asked on
Scripting new Active Directory groups
We are in the process of creating a new SharePoint site and I have spent a lot of time creating group structures. In future I want to be able to automate new 'sites' coming into SharePoint....
The Naming Convention for the SharePoint Sites in AD will always be the same and will always be located in the same OU (regardless of which domain).
We have a forest with 3 domains.
So for example a site has the following Domain Local Groups in our root Domain (BC.com)
DLS-B-ACL-***SITENAME***-O wners
DLS-B-ACL-***SITENAME***-C ontributor s
DLS-B-ACL-***SITENAME***-R eadOnly
Note B stands for BC domain
Then the following groups are created in the EU (EU.BC.COM) and AM (AM.BC.COM) domains, and nested to the corresponding Domain Local Security Groups in the ROOT (BC) Domain above.
GLS-E-ACL-***SITENAME***-O wners
GLS-E-ACL-***SITENAME***-C ontributor s
GLS-E-ACL-***SITENAME***-R eadOnly
Note E stands for EU domain
GLS-A-ACL-***SITENAME***-O wners
GLS-A-ACL-***SITENAME***-C ontributor s
GLS-A-ACL-***SITENAME***-R eadOnly
Note A stands for AM domain
What I want to do is run a VBS/Powershell Script that’s asks for the site name via a pop up box which is the Variable ***SiteName*** and then goes off and creates the groups in the relevant OUs in the ROOT and CHILD Domains, replacing the Variable ***SITENAME*** above with that which was entered in the pop up box.
If we can get them to add the descriptions as follows in the CHILD DOMAINS
Owners - This provides full control to the SharePoint Site ***SITENAME***
Contributors – This provides read/write access to the SharePoint Site ***SITENAME***
Read Only – This provides read only access to the SharePoint Site ***SITENAME***
If we can get them to add the descriptions as follows in the ROOT DOMAIN
Owners - This provides full control to the SharePoint Site ***SITENAME*** No Users should be added to this group, they should be added to the CHILD Domain Groups
Contributors – This provides read/write access to the SharePoint Site ***SITENAME*** No Users should be added to this group, they should be added to the CHILD Domain Groups
Read Only – This provides read only access to the SharePoint Site ***SITENAME*** No Users should be added to this group, they should be added to the CHILD Domain Groups
If we can get it to automatically add the corresponding GLS Groups to the DLS Groups that would be great!
Thanks for any help!
The Naming Convention for the SharePoint Sites in AD will always be the same and will always be located in the same OU (regardless of which domain).
We have a forest with 3 domains.
So for example a site has the following Domain Local Groups in our root Domain (BC.com)
DLS-B-ACL-***SITENAME***-O
DLS-B-ACL-***SITENAME***-C
DLS-B-ACL-***SITENAME***-R
Note B stands for BC domain
Then the following groups are created in the EU (EU.BC.COM) and AM (AM.BC.COM) domains, and nested to the corresponding Domain Local Security Groups in the ROOT (BC) Domain above.
GLS-E-ACL-***SITENAME***-O
GLS-E-ACL-***SITENAME***-C
GLS-E-ACL-***SITENAME***-R
Note E stands for EU domain
GLS-A-ACL-***SITENAME***-O
GLS-A-ACL-***SITENAME***-C
GLS-A-ACL-***SITENAME***-R
Note A stands for AM domain
What I want to do is run a VBS/Powershell Script that’s asks for the site name via a pop up box which is the Variable ***SiteName*** and then goes off and creates the groups in the relevant OUs in the ROOT and CHILD Domains, replacing the Variable ***SITENAME*** above with that which was entered in the pop up box.
If we can get them to add the descriptions as follows in the CHILD DOMAINS
Owners - This provides full control to the SharePoint Site ***SITENAME***
Contributors – This provides read/write access to the SharePoint Site ***SITENAME***
Read Only – This provides read only access to the SharePoint Site ***SITENAME***
If we can get them to add the descriptions as follows in the ROOT DOMAIN
Owners - This provides full control to the SharePoint Site ***SITENAME*** No Users should be added to this group, they should be added to the CHILD Domain Groups
Contributors – This provides read/write access to the SharePoint Site ***SITENAME*** No Users should be added to this group, they should be added to the CHILD Domain Groups
Read Only – This provides read only access to the SharePoint Site ***SITENAME*** No Users should be added to this group, they should be added to the CHILD Domain Groups
If we can get it to automatically add the corresponding GLS Groups to the DLS Groups that would be great!
Thanks for any help!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER