In order to support a large number of Macintosh clients, I need to change the Primary Group of most of my Active Directory users from Domain Users to one of three different user groups.
This is easily done on a per user basis, but I am looking to make changes to thousands of users at a time.
Does anyone have any experience with this and/or able to recommend a 3rd party app to get it done?
Running Win2k3 Server
Thanks in advance for any insight.
I think you can use a portion of this script for your needs
bio...Code:Set objRootLDAP = GetObject("LDAP://rootDSE") strOUPath = "OU=Kiosk Users,OU=Sites," & objRootLDAP.Get("defaultNamingContext") strNewPrimaryGroup = "CN=Kiosk_Users,OU=Kiosk Users,OU=Sites," & objRootLDAP.Get("defaultNamingContext") strOldPrimaryGroup = "CN=Domain Users,CN=Users," & objRootLDAP.Get("defaultNamingContext") Const ADS_SCOPE_SUBTREE = 2 Set objConnection = CreateObject("ADODB.Connection") Set objCommand = CreateObject("ADODB.Command") objConnection.Provider = "ADsDSOObject" objConnection.Open "Active Directory Provider" Set objCommand.ActiveConnection = objConnection objCommand.Properties("Page Size") = 1000 objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE objCommand.CommandText = _ "SELECT AdsPath FROM 'LDAP://" & strOUPath & "' WHERE objectClass='person' AND objectCategory='user'" Set objRecordSet = objCommand.Execute While Not objRecordSet.EOF Set objUser = GetObject(objRecordSet.Fields("adsPath").Value) ' Bind to the new primary group and add the user as a member, then set it as the primary group Set objNewPrimaryGroup = GetObject("LDAP://" & strNewPrimaryGroup) objNewPrimaryGroup.Add(objUser.ADsPath) objNewPrimaryGroup.GetInfoEx Array("primaryGroupToken"), 0 objUser.primaryGroupID = objNewPrimaryGroup.primaryGroupToken objUser.SetInfo ' Remove the user from the group that was the previous Primary group Set objOldPrimaryGroup = GetObject("LDAP://" & strOldPrimaryGroup) objOldPrimaryGroup.Remove objUser.adsPath objOldPrimaryGroup.SetInfo objRecordSet.MoveNext Wend MsgBox "Finished."
There are currently 1 users browsing this thread. (0 members and 1 guests)