Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

dsadd question

Status
Not open for further replies.
wdk1111

wdk1111

MIS
Apr 12, 2005
3
US
We are needing to add batches of users to our active directory. I have this mostly working by using a spreadsheet to generate the appropriate DSADD commands in a batch file.

My problem is:
We need to remove these users from the 'Domain Users' group. If I do this manually from AD Users and Computers, 'Domain Users' is always the Primary group. I have to set something else as the "Primary Group" before removing Domain Users from the person's list. I have two other groups that they are in so this is not a problem.

Is there a way using a command line to change the Primary Group, and to remove a member from a group?

I looked into doing this with CSVDE but could not find a way to do this either.

We need to remove them from Domain Users since they are not using our domain for normal file / print access. These user entries are just to control access to a large Sharepoint site we are creating.

Thanks for any help!
 
Sort by date Sort by votes
How about dsmod? I think you can use it to remove members from the group you specify. It's similar to dsadd....
check this for setting up a commnd line bible:

In Windows NT, the CMD help is NTCmds.hlp. In Windows 2000, it is NTcmds.chm, which can't be opened directly.

set up a shortcut to a batch file, or use Start / Run. Create NTcmds.bat containing:

@echo off
start hh.exe ms-its:%WINDIR%\Help\windows.chm::/ntcmds.htm
exit

save that to the desktop as a .chm file.

And here's the info on the dsmod switch:
{-addmbr | -rmmbr | -chmbr} MemberDN ...
Specifies that members specified by MemberDN ... are to be added, removed, or replaced to, from or in the group. Only one of these parameters can be specified in any single command invocation. MemberDN ... specifies the distinguished names of one or more members to be added to, deleted from, or replaced in the group specified by GroupDN. Each member must given as a distinguished name (for example, CN=Mike Danseglio,OU=Users,DC=Microsoft,DC=Com). The list of members must follow the -addmbr, -rmmbr, and -chmbr parameters. If values are omitted, they are obtained through standard input (stdin) to support piping of output from another command to input of this command. If GroupDN ... and Member ... are used together then only one parameter can be taken from standard input, requiring that at least one parameter be specified at the command line.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

edgar28
  • Locked
  • Question
Question on Network cards - Windows Server 2019
Replies
1
Views
274
DrB0b
DrB0b
DrB0b
  • Locked
  • Question
HyperV Virtual Switch and Physical NIC question
Replies
3
Views
281
DrB0b
DrB0b
DrB0b
  • Locked
  • Question
General Windows Server Datacenter/Standard Licensing Question
Replies
1
Views
194
DrB0b
DrB0b
Krus1972
  • Locked
  • Question
Web.Config URL Rewrite Question
Replies
0
Views
185
Krus1972
Krus1972
Shimness
  • Locked
  • Question
Hyper-V Server Build Questions
Replies
6
Views
374
technome
technome

Part and Inventory Search

Sponsor

Back
Top