|
|
|||||||
Hello I need to complete my script to put a Global Domain Group (Domain Users) to a local Group (Power Users) which is after a new Installation not like this. Need Power User Rights on the Clients to get Burning SW on Clients Working. I tried like this but this script is only working with Users to Local Groups and not Groups to Local Groups shell net localgroup "Power Users" "glion\Domain Users" /add But I dont like Shells in my script... I Tried also this: AddUserToGroup (@OMAIN, "Domain Users", @HOSTNAME, "Guests") Function AddUserToGroup ($DomainString, $DomainGroupString, $LocalString, $LocalGroupString) ? "Adding $UserName to $GroupName. Please Wait..." $GroupObj = GetObject("WinNT://" + $LocalString + "/" + $LocalGroupString) $GroupObj.Add ("WinNT://" + $DomainString + "/" + $DomainGroupString) $DomainObj = "" $GroupObj = "" EndFunction But this is only working with Users... What can I do? banz@glion.ch |
||||||||
|
|
|||||||
Is this you complete ADSI group.add code? You can also look into my GrpMaint.exe if you prefer standalone utilities. http://mywebpages.comcast.net/habullock/Perlutilities.htm [ 23. July 2003, 14:11: Message edited by: Howard Bullock ] |
||||||||
|
|
|||||||
Your function works for me. Add error checking to your function. Whatr is the result? |
||||||||
|
|
|||||||
Might be a permissions problem. You cannot just login as a "User" and then run a script that makes you a "Power User". |
||||||||
|
|
|||||||
What are you gonna do about permissions? Do all your users have the rights to add domain groups to local groups? I ran into this before so I wrote a .bat file with my net localgroup command in it, converted it to a .COM file, created a generic domain account with Domain Admin rights, wrote a .KIX file to use the SU command to run the COM file as that Domain Admin account then used Kixcrypt to encrypt the .KIX file so the password wouldn't be in clear text. Does this sound like something you're interested in? |
||||||||
|
|
|||||||
Just a note, all of the programs I mentioned about, I got here: http://home.wanadoo.nl/scripting/index-utilities.htm and here: http://home.wanadoo.nl/scripting/ A site I came across from Kixtart's site before. GREAT resource! |
||||||||
|
|
|||||||
http://home.wanadoo.nl/scripting/ is owned by MCA, one fo the KiXtart BBS Moderators. |
||||||||
|
|
|||||||
All the rights is not a problem because i run all the scripts with administratorrights under superuserdameon. |
||||||||
|
|
|||||||
All the rights is not a problem because i run all the scripts with administratorrights under superuserdameon. |
||||||||
|
|
|||||||
What is the error code that is returned if you use the function I posted above? You may have to write it to a log file if you do not have visiblity to the script execution. [ 24. July 2003, 17:56: Message edited by: Howard Bullock ] |
||||||||
|
|
|||||||
Here's the script I use to check the local group to see if the see if the group has already been added to avoid error message if you try and add a user/group that already belongs to the local group. If the domain account/group doesn't exist, it adds it. I know this doesn't answer your question about your error, but it might help you out in other ways. code:IF "@PRODUCTTYPE" = "Windows 2000 Professional" |
||||||||
|
|
|||||||
Mike, this is a little cleaner. [ 24. July 2003, 20:05: Message edited by: Howard Bullock ] |
||||||||
|
|
|||||||
That's A LOT shorter, but what does it all mean? :-p Ha! Thanks! |
||||||||
|
|
|||||||
It demonstrates the use of ADSI for user/group management, Howard's specialty. |
||||||||
|
|
|||||||
I'm starting to think my specialty is making things harder, but getting the job done! |
||||||||
|
|
|||||||
I updated the the code above to be a little more robust. MikeT, I will be happy to discuss this code if you start a new thread. I don't want to hijack this one any further. |