Active Directory Scripting – create Security Group
Reference page: Active Directory – Sample Scripts (Excel/VBA)
How to create Security Group
Description
Security Group object could be created within its container object – Organizational Unit. The example below is based on the assumption that we successfully retrieved an instance of Organizational Unit. An existing User Account will also be added to the newly created Security Group.
Note. You need to login as an authorized person to successfully execute the script.
Common definitions
' Domain: DEV.ENV.COM Dim sDomain, dvDC sDomain = "DEV.ENV.COM" dvDC = Split(sDomain, ".") ' Organizational Units ' Company01 - Active Directory Path: "dev.env.com/Main/Client/Company01" ' User Accounts ' User01 - belongs to Company01 ' Security Groups ' Group02 - new Security Group; will be created in Company01 Dim sGroupName, sUserPath sGroupName= "Group02" sUserPath = "cn=User01, ou=Company01, ou=Client, ou=Main, dc=dev,dc=env,dc=com" '1. Create Security Group boolRC = CreateGroup(objClientOU, objSecurityGroup) If Not boolRC Then 'error-handling goes here End If '2. Add the User to the Group objSecurityGroup.PutEx 3, "member", Array(sUserPath) 'Submit info back to Active Directory On Error Resume Next objSecurityGroup.SetInfo boolRC = (Err.Number <> 0) On Error GoTo 0 'Error-handling If boolRC Then sReturnMessage = "Failed to add the user to Security Group " & sGroupName End If
How to create new Security Group in Active Directory (Excel/VBA source code)
Note that we assume that we have a valid object instance in objOU.
If you build your own script
Depending on the scale of solution you implement you may want to refactor and expand the example presented below in order to exclude usage of global variables (sDomain, sGroupName, sUserPath, etc.) and provide reporting functionality (based on sReturnMessage).
Public Function CreateGroup(ByRef objOU, ByRef objGroup) Dim boolRC ' 'Create Security Group On Error Resume Next Set objGroup = objOU.Create("Group", "cn=" & sGroupName) boolRC = (Err.Number <> 0) On Error GoTo 0 'Error-handling If boolRC Then sReturnMessage = "Failed to create Security Group " & sGroupName CreateGroup = False Exit Function End If objGroup.Put "sAMAccountName", sGroupName 'Submit group name On Error Resume Next objGroup.SetInfo boolRC = (Err.Number <> 0) On Error GoTo 0 'Error-handling If boolRC Then sReturnMessage = "Failed to create Security Group " & sGroupName CreateGroup = False Exit Function End If ' CreateGroup = True End Function
One response to "Active Directory Scripting – create Security Group"
Hey, you’re automating testers, we’re automating Brokers!
[ Albert’s reply.
No, not quite like that.
I automate certain software testing activities: workflow tree, data lifecycle, taking snapshots, information gathering, state change detection, verification, validation, logging and reporting.
Investigation and decision-making, as well as communication and accountability are on humans and that’s how it must be.
From your own blog, those robots perform monitoring, detection, forecasting, and trading based on criteria developed by people “who have been in the Forex trade for over 40 years”. Users either have to continuously maintain settings for those criteria (that is, to be trading experts on their own) or have to frequently download paid updates (that is, paying for someone else’s expertise).
And, by the way, software testing is much more complicated :) ]