| Robidog_dup1 |
| (Lurker) |
| 2003-07-23 11:01 AM |
Add Domain group to a local Group
|
Hello
I need to complete my script to put a Global Domain Group (Domain Users) to a local Group (Power Users) which is after a new Installation not like this. Need Power User Rights on the Clients to get Burning SW on Clients Working.
I tried like this but this script is only working with Users to Local Groups and not Groups to Local Groups
shell net localgroup "Power Users" "glion\Domain Users" /add
But I dont like Shells in my script...
I Tried also this:
AddUserToGroup (@OMAIN, "Domain Users", @HOSTNAME, "Guests")
Function AddUserToGroup ($DomainString, $DomainGroupString, $LocalString, $LocalGroupString)
? "Adding $UserName to $GroupName. Please Wait..."
$GroupObj = GetObject("WinNT://" + $LocalString + "/" + $LocalGroupString)
$GroupObj.Add ("WinNT://" + $DomainString + "/" + $DomainGroupString)
$DomainObj = ""
$GroupObj = ""
EndFunction
But this is only working with Users...
What can I do?
banz@glion.ch
| Howard Bullock |
| (KiX Supporter) |
| 2003-07-23 02:10 PM |
|
Re: Add Domain group to a local Group
|
Is this you complete ADSI group.add code?
You can also look into my GrpMaint.exe if you prefer standalone utilities.
http://mywebpages.comcast.net/habullock/Perlutilities.htm
[ 23. July 2003, 14:11: Message edited by: Howard Bullock ]
| Howard Bullock |
| (KiX Supporter) |
| 2003-07-23 02:16 PM |
|
|
|
Re: Add Domain group to a local Group
|
Your function works for me.
Add error checking to your function.
Whatr is the result?
| Sealeopard |
| (KiX Master) |
| 2003-07-23 03:11 PM |
|
|
Re: Add Domain group to a local Group
|
Might be a permissions problem. You cannot just login as a "User" and then run a script that makes you a "Power User".
| **DONOTDELETE** |
| (Lurker) |
| 2003-07-23 03:12 PM |
|
Re: Add Domain group to a local Group
|
What are you gonna do about permissions? Do all your users have the rights to add domain groups to local groups? I ran into this before so I wrote a .bat file with my net localgroup command in it, converted it to a .COM file, created a generic domain account with Domain Admin rights, wrote a .KIX file to use the SU command to run the COM file as that Domain Admin account then used Kixcrypt to encrypt the .KIX file so the password wouldn't be in clear text. Does this sound like something you're interested in?
| **DONOTDELETE** |
| (Lurker) |
| 2003-07-23 03:16 PM |
Re: Add Domain group to a local Group
|
Just a note, all of the programs I mentioned about, I got here: http://home.wanadoo.nl/scripting/index-utilities.htm and here: http://home.wanadoo.nl/scripting/ A site I came across from Kixtart's site before. GREAT resource!
| Sealeopard |
| (KiX Master) |
| 2003-07-23 03:24 PM |
|
|
|
Re: Add Domain group to a local Group
|
http://home.wanadoo.nl/scripting/ is owned by MCA, one fo the KiXtart BBS Moderators.
| Robidog_dup1 |
| (Lurker) |
| 2003-07-24 09:00 AM |
Re: Add Domain group to a local Group
|
All the rights is not a problem because i run all the scripts with administratorrights under superuserdameon.
| Robidog_dup1 |
| (Lurker) |
| 2003-07-24 09:02 AM |
|
Re: Add Domain group to a local Group
|
All the rights is not a problem because i run all the scripts with administratorrights under superuserdameon.
| Howard Bullock |
| (KiX Supporter) |
| 2003-07-24 05:55 PM |
|
|
|
Re: Add Domain group to a local Group
|
What is the error code that is returned if you use the function I posted above? You may have to write it to a log file if you do not have visiblity to the script execution.
[ 24. July 2003, 17:56: Message edited by: Howard Bullock ]
| **DONOTDELETE** |
| (Lurker) |
| 2003-07-24 07:17 PM |
|
Re: Add Domain group to a local Group
|
Here's the script I use to check the local group to see if the see if the group has already been added to avoid error message if you try and add a user/group that already belongs to the local group. If the domain account/group doesn't exist, it adds it. I know this doesn't answer your question about your error, but it might help you out in other ways.
code:IF "@PRODUCTTYPE" = "Windows 2000 Professional"
SHELL "COMMAND.COM /E:1024 /C net localgroup Administrators > c:\Admins.txt"
OPEN (1,C:\ADMINS.TXT,2)
:READAGAIN
$X = READLINE (1)
IF INSTR ("$X", "Domain\Domain Admins")
GOTO END
ENDIF
IF INSTR ("$X", "The Command")
RUN I:\SCRIPTS\BIOPOWER1.EXE
GOTO END
ENDIF
GOTO READAGAIN
:END
Close (1)
Del C:\Admins.txt
ENDIF
| Howard Bullock |
| (KiX Supporter) |
| 2003-07-24 07:41 PM |
|
|
|
Re: Add Domain group to a local Group
|
Mike, this is a little cleaner.
[ 24. July 2003, 20:05: Message edited by: Howard Bullock ]
| **DONOTDELETE** |
| (Lurker) |
| 2003-07-24 07:48 PM |
|
Re: Add Domain group to a local Group
|
That's A LOT shorter, but what does it all mean? :-p Ha! Thanks!
| Sealeopard |
| (KiX Master) |
| 2003-07-24 07:51 PM |
|
|
|
Re: Add Domain group to a local Group
|
It demonstrates the use of ADSI for user/group management, Howard's specialty.
| **DONOTDELETE** |
| (Lurker) |
| 2003-07-24 07:56 PM |
Re: Add Domain group to a local Group
|
I'm starting to think my specialty is making things harder, but getting the job done!
| Howard Bullock |
| (KiX Supporter) |
| 2003-07-24 08:03 PM |
|
|
|
Re: Add Domain group to a local Group
|
I updated the the code above to be a little more robust.
MikeT, I will be happy to discuss this code if you start a new thread. I don't want to hijack this one any further.