set "Managed By" tab in AD group

Discussion:

(too old to reply)

primoz88

2009-10-16 10:03:51 UTC

Hi all,

I am using a script posted in the other thread for Mass Group Creation
in AD.

The script is importing data from excel sheet (name,
description,notes).

Very important for me is to also organize the script to import
ManagedBy information from the Excel sheet.

I would like to put user name in another column, which will be
automatically added to group "Managed By" tab.

Can anyone advise how to generally update Group's "Managed By" tab?

I will try to modify/implemt the code lateron to my script and I will
post it?

Let me know, if you have further questions

Many thanks

--
primoz88
------------------------------------------------------------------------
primoz88's Profile: http://forums.techarena.in/members/143937.htm
View this thread: http://forums.techarena.in/server-scripting/1259234.htm

http://forums.techarena.in

Richard Mueller [MVP]

2009-10-16 15:43:23 UTC

Permalink

Post by primoz88
Hi all,
I am using a script posted in the other thread for Mass Group Creation
in AD.
The script is importing data from excel sheet (name,
description,notes).
Very important for me is to also organize the script to import
ManagedBy information from the Excel sheet.
I would like to put user name in another column, which will be
automatically added to group "Managed By" tab.
Can anyone advise how to generally update Group's "Managed By" tab?
I will try to modify/implemt the code lateron to my script and I will
post it?

The value assigned to the managedBy attribute must be the full Distinguished
Name of a user. An example might be similar to:

cn=Jim Smith,ou=Sales,ou=West,dc=MyDomain,dc=com

If you add the Distinguished Name to column 5 of the spreadsheet, you can
use this statement in the loop that reads rows of the spreadsheet:

strManagedBy = objSheet.Cells(intRow, 5).Value & ""

I append an empty string to the value in case there is no value in the cell
of the spreadsheet. All other values in the spreadsheet are required, but
this one is not (it can be blank). Then when values are assigned to the
attributes of the new group object, add these statements:

If (strManagedBy <> "") Then
objGroup.Put, "managedBy", strManagedBy
End If

Again, I account for the possibility that there is no value. An error is
raised if you attempt to assign either a blank or null. Finally, since the
script uses Option Explicit, you also need to add a statement near the
beginning to declare the new variable:

Dim strManagedBy

I hope this helps.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

primoz88

2009-10-19 14:19:47 UTC

Permalink

Hi to all,

I am really a newbie in scripting and I am trying to modify the scrip
I use for mass group creation. I was trying to modify it, adding th
values "Richard Mueller [MVP]" suggested to me, but it did not work.
Could you please have a look into the script I am using and try t
modify it accordingly.

=============================
First sheet (Groups) in Excel file shows data in columns, as below:
strNewGroup,strNewGroupLong,Description,Notes,Managed By

Second Sheet (Param) shows:
Domain DC=xxxx,DC=NET
OU Grp OU=xxxx,OU=xxxx,OU=xxxx,OU=xxxx,OU=PMI,OU=xxxx

So, what I would like to do is to organize the "ManagedBy" using m
initial script.
==================

The script is below:
==================
Option Explicit
' On Error Resume Next

Const cstExcelFilename = "Script_Group Creation.xls"

Dim objWshShell, objFSO, objExcel, objOU, objGroup, objItem
Dim strOU, strNewGroup, strNewGroupLong, strDomain, strOUGrp
strDescription, strNotes, strManagedBy
Dim intIndex, bDebug

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objWshShell = CreateObject("WScript.Shell")
Set objExcel = CreateObject("Excel.Application")
objExcel.Visible = False
bDebug = False

' Verify if exist Excel File
If Not objFSO.FileExists(objWshShell.CurrentDirectory & "\"
cstExcelFilename) Then
MsgBox "Missing Excel File: " & objWshShell.CurrentDirectory & "\"
cstExcelFilename
WScript.Quit
End If

' Open Excel File
objExcel.Workbooks.Open objWshShell.CurrentDirectory & "\"
cstExcelFilename

'Select sheet Param
objExcel.Sheets("Param").Select

'Domain
strDomain = objExcel.Cells(1, 2)

' OU Grp
strOUGrp = objExcel.Cells(2, 2)

If bDebug Then
WScript.Echo strDomain
WScript.Echo strOUGrp
End If

'Select sheet Users
objExcel.Sheets("Groups").Select

intIndex = 2

While objExcel.Cells(intIndex, 1) <> ""
strNewGroup = objExcel.Cells(intIndex, 1)
strNewGroupLong = objExcel.Cells(intIndex, 2)
strDescription = objExcel.Cells(intIndex, 3)
strNotes = objExcel.Cells(intIndex, 4)
strManagedBy = objExcel.Cells(intIndex, 5)

If bDebug Then WScript.Echo strNewGroup & " , " & strNewGroupLong & "
" & strDescription & " , " & strNotes & " , " & strManagedBy

CreateGr strDomain, strOUGrp, strNewGroup, strNewGroupLong
strDescription, strNotes, strManagedBy
intIndex = intIndex + 1
Wend

' Close Excel File
objExcel.Quit

' Cleaning
Set objWshShell = Nothing
Set objExcel = Nothing
Set objFSO = Nothing
Set objOU = Nothing
WScript.Quit

Sub CreateGr (strDomain, strOU, strNewGroup, strNewGroupLong
strDescription, strNotes, strManagedBy )
Set objOU = GetObject("LDAP://" & strOU & "," & strDomain)
Set objGroup = objOU.Create("Group", "cn=" & strNewGroupLong)
objGroup.Put "sAMAccountName", strNewGroup
objGroup.Put "Description", strDescription
objGroup.Put "Info", strNotes
objGroup.SetInfo

End Su

--
primoz8
-----------------------------------------------------------------------
primoz88's Profile: http://forums.techarena.in/members/143937.ht
View this thread: http://forums.techarena.in/server-scripting/1259235.ht

http://forums.techarena.i

Richard Mueller [MVP]

2009-10-19 16:29:09 UTC

Permalink

Post by primoz88
Hi to all,
I am really a newbie in scripting and I am trying to modify the script
I use for mass group creation. I was trying to modify it, adding the
values "Richard Mueller [MVP]" suggested to me, but it did not work.
Could you please have a look into the script I am using and try to
modify it accordingly.
=============================
strNewGroup,strNewGroupLong,Description,Notes,Managed By
Domain DC=xxxx,DC=NET
OU Grp OU=xxxx,OU=xxxx,OU=xxxx,OU=xxxx,OU=PMI,OU=xxxx
So, what I would like to do is to organize the "ManagedBy" using my
initial script.
==================
==================
Option Explicit
' On Error Resume Next
Const cstExcelFilename = "Script_Group Creation.xls"
Dim objWshShell, objFSO, objExcel, objOU, objGroup, objItem
Dim strOU, strNewGroup, strNewGroupLong, strDomain, strOUGrp,
strDescription, strNotes, strManagedBy
Dim intIndex, bDebug
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objWshShell = CreateObject("WScript.Shell")
Set objExcel = CreateObject("Excel.Application")
objExcel.Visible = False
bDebug = False
' Verify if exist Excel File
If Not objFSO.FileExists(objWshShell.CurrentDirectory & "\" &
cstExcelFilename) Then
MsgBox "Missing Excel File: " & objWshShell.CurrentDirectory & "\" &
cstExcelFilename
WScript.Quit
End If
' Open Excel File
objExcel.Workbooks.Open objWshShell.CurrentDirectory & "\" &
cstExcelFilename
'Select sheet Param
objExcel.Sheets("Param").Select
'Domain
strDomain = objExcel.Cells(1, 2)
' OU Grp
strOUGrp = objExcel.Cells(2, 2)
If bDebug Then
WScript.Echo strDomain
WScript.Echo strOUGrp
End If
'Select sheet Users
objExcel.Sheets("Groups").Select
intIndex = 2
While objExcel.Cells(intIndex, 1) <> ""
strNewGroup = objExcel.Cells(intIndex, 1)
strNewGroupLong = objExcel.Cells(intIndex, 2)
strDescription = objExcel.Cells(intIndex, 3)
strNotes = objExcel.Cells(intIndex, 4)
strManagedBy = objExcel.Cells(intIndex, 5)
If bDebug Then WScript.Echo strNewGroup & " , " & strNewGroupLong & " ,
" & strDescription & " , " & strNotes & " , " & strManagedBy
CreateGr strDomain, strOUGrp, strNewGroup, strNewGroupLong,
strDescription, strNotes, strManagedBy
intIndex = intIndex + 1
Wend
' Close Excel File
objExcel.Quit
' Cleaning
Set objWshShell = Nothing
Set objExcel = Nothing
Set objFSO = Nothing
Set objOU = Nothing
WScript.Quit
Sub CreateGr (strDomain, strOU, strNewGroup, strNewGroupLong,
strDescription, strNotes, strManagedBy )
Set objOU = GetObject("LDAP://" & strOU & "," & strDomain)
Set objGroup = objOU.Create("Group", "cn=" & strNewGroupLong)
objGroup.Put "sAMAccountName", strNewGroup
objGroup.Put "Description", strDescription
objGroup.Put "Info", strNotes
objGroup.SetInfo
End Sub
--
primoz88
------------------------------------------------------------------------
primoz88's Profile: http://forums.techarena.in/members/143937.htm
View this thread: http://forums.techarena.in/server-scripting/1259235.htm
http://forums.techarena.in

The script looks good, but it does not assign the value strManagedBy to the
newly created groups. You need to add a line to Sub CreateGr to assign this
value. For example:

objGroup.Put "managedBy", strManagedBy

A minor point is that the script will be more efficient (faster) if you bind
the object reference objOU once in the main program, rather than repeatedly
in the Sub. You already declare objOU in the main program (in a Dim
statement), so it has global scope. Just move the "Set objOU" statement from
the Sub into the main program.

Even more minor is that the variables strOU snd objItem declared in the main
program are not used. The variable strOU in Sub CreateGr is a different
variable, whose value is assigned when you call the Sub.

Finally, you don't specify groupType, but that's probably fine. The default
if no value is assigned is a Global Security group.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

primoz88

2009-10-20 13:02:48 UTC

Permalink

Dear Richard,
I have managed to modify the script, but it still does not work. I have
bolded lines I've added. Could you please have a look into and advise
back? Even though, I have added the line "objGroup.Put "managedBy",
strManagedBy", into Sub CreateGr, but I receive "a constraint violation
occured" error 8007202F.

Can you please have a look and help me out with it? Thanks a lot!

script below:
======================

Post by Richard Mueller [MVP]
Option Explicit
' On Error Resume Next
Const cstExcelFilename = "Script_Group Creation.xls"
Dim objWshShell, objFSO, objExcel, objOU, objGroup,
Dim strOU, strNewGroup, strNewGroupLong, strDomain, strOUGrp,
strDescription, strNotes, strManagedBy
Dim intIndex, bDebug
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objWshShell = CreateObject("WScript.Shell")
Set objExcel = CreateObject("Excel.Application")
objExcel.Visible = False
bDebug = False
' Verify if exist Excel File
If Not objFSO.FileExists(objWshShell.CurrentDirectory & "\" &
cstExcelFilename) Then
MsgBox "Missing Excel File: " & objWshShell.CurrentDirectory & "\" &
cstExcelFilename
WScript.Quit
End If
' Open Excel File
objExcel.Workbooks.Open objWshShell.CurrentDirectory & "\" &
cstExcelFilename
'Select sheet Param
objExcel.Sheets("Param").Select
'Domain
strDomain = objExcel.Cells(1, 2)
' OU Grp
strOUGrp = objExcel.Cells(2, 2)
If bDebug Then
WScript.Echo strDomain
WScript.Echo strOUGrp
End If
'Select sheet Users
objExcel.Sheets("Groups").Select
intIndex = 2
While objExcel.Cells(intIndex, 1) <> ""
strNewGroup = objExcel.Cells(intIndex, 1)
strNewGroupLong = objExcel.Cells(intIndex, 2)
strDescription = objExcel.Cells(intIndex, 3)
strNotes = objExcel.Cells(intIndex, 4)
strManagedBy = objExcel.Cells(intIndex, 5)
If bDebug Then WScript.Echo strNewGroup & " , " & strNewGroupLong & " ,
" & strDescription & " , " & strNotes & " , " & strManagedBy
CreateGr strDomain, strOUGrp, strNewGroup, strNewGroupLong,
strDescription, strNotes, strManagedBy
intIndex = intIndex + 1
Wend
' Close Excel File
objExcel.Quit
' Cleaning
Set objWshShell = Nothing
Set objExcel = Nothing
Set objFSO = Nothing
Set objOU = Nothing
WScript.Quit
Sub CreateGr (strDomain, strOU, strNewGroup, strNewGroupLong,
strDescription, strNotes, strManagedBy )
Set objOU = GetObject("LDAP://" & strOU & "," & strDomain)
Set objGroup = objOU.Create("Group", "cn=" & strNewGroupLong)
objGroup.Put "sAMAccountName", strNewGroup
objGroup.Put "Description", strDescription
objGroup.Put "Info", strNotes
OBJGROUP.PUT \"MANAGEDBY\", STRMANAGEDBY
objGroup.SetInfo
End Sub

Richard Mueller [MVP]

2009-10-20 15:29:49 UTC

Permalink

I assume the new line got modified when you pasted it:

OBJGROUP.PUT \"MANAGEDBY\", STRMANAGEDBY

The error probably was raised on this line. Assuming the quotes are not
escaped with backslashes, the most probable cause is that the value assigned
to the variable strManagedBy is not a valid Distinguished Name. It must the
Distinguished Name (not the pre-Windows 2000 logon name) of a user.
Distinguished Names are in a form similar to:

cn=Jim Smith,ou=Sales,ou=Sales,dc=MyDomain,dc=com

You can use ADSI Edit or ldp.exe to view the Distinguished Names of objects
in AD. Or at the command prompt of a Domain Controller with Windows Server
2003 or above, run the following to retrieve the Distinguished Name of a
user with a given "pre-Windows 2000 logon name" (in this case "jsmith"):

dsquery user -samid jsmith
--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

Post by primoz88
Dear Richard,
I have managed to modify the script, but it still does not work. I have
bolded lines I've added. Could you please have a look into and advise
back? Even though, I have added the line "objGroup.Put "managedBy",
strManagedBy", into Sub CreateGr, but I receive "a constraint violation
occured" error 8007202F.
Can you please have a look and help me out with it? Thanks a lot!
======================

Post by Richard Mueller [MVP]
" & strDescription & " , " & strNotes & " , " & strManagedBy
CreateGr strDomain, strOUGrp, strNewGroup, strNewGroupLong,
strDescription, strNotes, strManagedBy
intIndex = intIndex + 1
Wend
' Close Excel File
objExcel.Quit
' Cleaning
Set objWshShell = Nothing
Set objExcel = Nothing
Set objFSO = Nothing
Set objOU = Nothing
WScript.Quit
Sub CreateGr (strDomain, strOU, strNewGroup, strNewGroupLong,
strDescription, strNotes, strManagedBy )
Set objOU = GetObject("LDAP://" & strOU & "," & strDomain)
Set objGroup = objOU.Create("Group", "cn=" & strNewGroupLong)
objGroup.Put "sAMAccountName", strNewGroup
objGroup.Put "Description", strDescription
objGroup.Put "Info", strNotes
OBJGROUP.PUT \"MANAGEDBY\", STRMANAGEDBY
objGroup.SetInfo
End Sub

primoz88

2009-10-21 16:39:06 UTC

Permalink

Hello,
I am receiving the error message at below line "objGroup.SetInfo".

In Excel sheet, in column 5th "Managed By" I assume I have a prope
Distinguished Name, which is:
LDAP://CN=Brown\
John,OU=Non_Employees,OU=Users,OU=Krakow,OU=Production,OU=Factory,OU=User
& Workstations,DC=INTL,DC=NET

Should it be changed somehow?
I am really hopeless about this "Managed By" field. This issue keeps m
awake at night.
Thank

--
primoz8
-----------------------------------------------------------------------
primoz88's Profile: http://forums.techarena.in/members/143937.ht
View this thread: http://forums.techarena.in/server-scripting/1259235.ht

http://forums.techarena.i

Richard Mueller [MVP]

2009-10-21 22:52:38 UTC

Permalink

Ah, your example is an ADsPath, which is close. You need to remove the
"LDAP://" part to make it a Distinguished Name. The value should be (one
line):

CN=Brown\,
John,OU=Non_Employees,OU=Users,OU=Krakow,OU=Production,OU=Factory,OU=Users &
Workstations,DC=INTL,DC=NET
--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

Post by primoz88
Hello,
I am receiving the error message at below line "objGroup.SetInfo".
In Excel sheet, in column 5th "Managed By" I assume I have a proper
LDAP://CN=Brown\,
John,OU=Non_Employees,OU=Users,OU=Krakow,OU=Production,OU=Factory,OU=Users
& Workstations,DC=INTL,DC=NET
Should it be changed somehow?
I am really hopeless about this "Managed By" field. This issue keeps me
awake at night.
Thanks
--
primoz88
------------------------------------------------------------------------
primoz88's Profile: http://forums.techarena.in/members/143937.htm
View this thread: http://forums.techarena.in/server-scripting/1259235.htm
http://forums.techarena.in