这是我的代码。虽然它有点工作,但由于某种原因,它不会在我粘贴的列表中添加每个组。我认为我的语句顺序完全关闭并导致这种情况。但我无法将数组中的每个条目都添加到用户中。
On Error Resume Next
'AD Path to the user container
strinput = "testuser"
memberPath = "LDAP://CN=" & strinput & ",OU=Users - Employee,OU=ALL USERS,DC=mydomain,DC=mycompany,DC=org"
'paths for relevant OUs in AD
strSecgrppath = ",OU=Security Groups,DC=mydomain,DC=mycompany,DC=org"
strDisgrppath = ",OU=Distribution Groups,DC=mydomain,DC=mycompany,DC=org"
strMEsecpath = ",OU=Microsoft Exchange Security Groups,DC=mydomain,DC=mycompany,DC=org"
strPrntrgrppath = ",OU=Printer Groups,OU=Security Groups,DC=mydomain,DC=mycompany,DC=org"
'Input for entry of array variables. This where we copy paste the Groups
strGroups = inputbox("Enter exact Group names separated by commas.", "Enter exact Group names separated by commas.")
'splits the array and iterates through it, calling the subroutine with
'each specific AD path variable
'I paste in the groups like: "Employees, Admins, Volunteers, Serviceaccounts, etc.
strSEC = Split(strGroups, ", ")
limit = UBound(strSEC)
' Go through the Sec Groups OU
For i=0 To limit
Call iterategroups (strSecgrppath)
Next
'No need to explain, goes through the next group.
For i=0 To limit
Call iterategroups (strDisgrppath)
Next
'etc.
For i=0 To limit
Call iterategroups (strMEsecpath)
Next
'etc.
For i=0 To limit
Call iterategroups (strPrntrgrppath)
Next
'the sub for going through each OU
Sub iterategroups(groupparam)
' ADsPath to the Security group container
groupPath = "LDAP://mydomain.mycompany.org/CN=" & strSEC(i) & groupparam
' Set the Group object
Set group = GetObject(groupPath)
' Set the Member object
Set member = GetObject(memberPath)
' adds the member to the group
group.Add(member.ADsPath)
End Sub
答案 0 :(得分:0)
因此,我通过克隆AD中现有用户的memberof属性来找到一种更简单的方法,这是此脚本开始的目的。
'Create the AD object
Set objSysInfo = CreateObject("ADSystemInfo")
strinput = "testuser"
'Enter the display name of the user whose permissions need to be cloned.
strUserDN = inputbox("Enter Display Name of User to be cloned.")
'LDAP Path for the new user
memberPath = "LDAP://CN=" & strinput & ",OU=Users - Employee,OU=ALL USERS,DC=mydomain,DC=mycompany,DC=org"
'LDAP Path for the user to be cloned.
oldmemberPath = "LDAP://CN=" & strUserDN & ",OU=Users - Employee,OU=ALL USERS,DC=mydomain,DC=mycompany,DC=org"
'resume next to avoid error if new user belongs to the same group already.
on error resume next
'sets the object for the user to be cloned
Set objUser = GetObject(oldmemberPath)
'Pulls a list of items from the memberof attribute of the user to be cloned and adds it to an array
arrGroups = objUser.memberOf
'For each group in the array, add Groups for new user
For Each strGroup In arrGroups
' Set the Group object
Set group = GetObject("LDAP://mydomain.mycompany.org/" & strGroup)
' Set the Member object
Set member = GetObject(memberPath)
' adds the new user to the group
group.Add(member.ADsPath)
Next