Add user to security group

[mevasquez]

I have been having difficulties adding a user to a security group. Here is a sample script:
' Author Guy Thomas

http://computerperformance.co.uk/

'

Option Explicit 
Dim objRootLDAP, objGroup, objUser, objOU, objMemberOf
Dim strOU, strUser, strDNSDomain, strLDAP, strList
Dim intCounter, arrGroup

' Commands to bind to AD and extract domain name
Set objRootLDAP = GetObject("LDAP://RootDSE")
strDNSDomain = objRootLDAP.Get("DefaultNamingContext")
wscript.echo strDNSDomain

' Build the LDAP DN from strUser, strOU and strDNSDomain
strUser ="CN=first.mi.lastname,"
strOU ="CN=Users,"
strLDAP ="LDAP://" & strUser & strOU & strDNSDomain

wscript.echo strLDAP
Set objUser = GetObject(strLDAP)  [COLOR=green]'LINE 22[/color]

' primaryGroupID is an LDAP property of a user, default is 513
If objUser.primaryGroupID = 513 Then
Wscript.Echo "Primary Group = Domain Users"
End if

WScript.Quit

I keep getting the error "There is no such object on the server on line 22. Error Code, 80072030. I am new to working with active directory and everything seems ok. It seems that LDAP has errors. Is strUser the login name of user?

 

[markdmac]

Easier way to do it:

Set objGroup = GetObject _
 ("LDAP://CN=atl-users,ou=hr,dc=fabrikam,dc=com")
objGroup.Add _
 "LDAP://cn=MyerKen,OU=management,dc=fabrikam,dc=com"

The tricky part of course is identifying the full LDAP path of the user. Tek-Tips user Kob3 has a nice FAQ on the subject that makes it a breeze. faq329-5688


I hope you find this post helpful.

Regards,

Mark