8/4/2011 11:48:31 AM
mpg
VBScript - unable to search users in other trusted child domains

====================

This is my AD structure-

My Root domain is = company.local

Under the root domain, the parent domain is = us.company.local

Under parent domain, there are three domains -

first domain = abc.us.company.local
second domain = xyz.us.company.local
third domain = pqr.us.company.local

There is a two-way trust between all three domains above, which means I can search objects/resources from any domain.


My target OU (group) is "CN=DL_TEST_SCRIPT_CRC,OU=Groups,OU=WCL,DC=abc,DC=us,DC=company,DC=local" which is in abc.us.company.local domain.


My requirement is: read the users from the users.txt file (1200 users in total). Out of the 1200 users, a few are in abc.us.company.local, a few are in xyz.us.company.local and the remaining are in the pqr.us.company.local domain.

I am running this script from a DC which is in abc.us.company.local. This script should search for the users in all three domains and add them to the DL_TEST_SCRIPT_CRC group.

But the problem is that the script is adding to the group only the users from abc.us.company.local. Users from the other two domains are not getting added to the group.

Users are located in multiple OUs and could reside in abc.us.company.local/xyz.us.company.local/pqr.us.company.local as well.

Input file users.txt contains only user name in the following format:

user12345
user23456
user34567
user45678
and so on.....

Can anyone please help ASAP?

===============================
Option Explicit

Dim objRootDSE, strDNSDomain, objTrans, strNetBIOSDomain, objForest
Dim strFile, objFSO, objFile, strNTName, strDN, objGroup
Dim objUser

Const ForReading = 1
' Constants for the NameTranslate object.
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

' Specify Network path of file of user names.
strFile = "c:\Test\users.txt"


' Bind to the group, using the DN of the group.
Set objGroup = GetObject("LDAP://CN=DL_TEST_SCRIPT_CRC,OU=Groups,OU=WCL,DC=abc,DC=us,DC=company,DC=local")


' Determine DNS name of domain from RootDSE.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")


' Use the NameTranslate object to find the NetBIOS domain name from the
' DNS domain name.
Set objTrans = CreateObject("NameTranslate")
objTrans.Init ADS_NAME_INITTYPE_GC, ""
objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)


' Remove trailing backslash.
strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)


' Use FSO to open text file for read access.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFile, ForReading)


' Read the file.
Do Until objFile.AtEndOfStream
    ' Read user name.
    strNTName = Trim(objFile.ReadLine)
    ' Skip blank lines.
    If (strNTName <> "") Then
        ' Use the Set method to specify the NT format of the name.
        ' Trap the error if user does not exist.
        On Error Resume Next
        objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strNTName
        If (Err.Number <> 0) Then
            On Error GoTo 0
            Wscript.Echo "User " & strNTName & " not found"
        Else
            On Error GoTo 0
            ' Use the Get method to retrieve the DN.
            strDN = objTrans.Get(ADS_NAME_TYPE_1779)

            ' Bind to the user object.
            Set objUser = GetObject("LDAP://" & strDN)
            ' Check if the user is already a member of the group.
            If (objGroup.IsMember(objUser.AdsPath) = True) Then
                Wscript.Echo "User " & strNTName & " is already member of specified group."
            Else
                ' Add user to the group.
                objGroup.Add(objUser.AdsPath)
                Wscript.Echo "User " & strNTName & " has been added to Group."
            End If
        End If
    End If
Loop

' Clean up.
objFile.Close

==================
--------------------------------------------------------------------------------
Thanks & Best Regards, MPG
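
A forest-wide lookup for the requirement described above, as an added example that is not part of the original post: it searches the global catalog by sAMAccountName instead of prefixing every name with the local domain's NetBIOS name, escapes each line of users.txt before it enters the LDAP filter, and skips names that match in more than one domain. It assumes a global catalog is reachable and that the group's scope permits members from other domains; the helper name EscapeLdapFilter is illustrative.

```vbscript
Option Explicit
Const ForReading = 1
Dim objRootDSE, strForestDN, adoConn, adoCmd, adoRS
Dim objFSO, objFile, objGroup, strName, strFilter, strUserPath

' Escape LDAP filter metacharacters (RFC 4515) so a line in users.txt
' cannot alter the search filter. The backslash is replaced first.
Function EscapeLdapFilter(strValue)
    EscapeLdapFilter = Replace(Replace(Replace(Replace(strValue, "\", "\5c"), "*", "\2a"), "(", "\28"), ")", "\29")
End Function

' Search base: the forest root, queried through the global catalog (GC://).
Set objRootDSE = GetObject("LDAP://RootDSE")
strForestDN = objRootDSE.Get("rootDomainNamingContext")
Set adoConn = CreateObject("ADODB.Connection")
adoConn.Provider = "ADsDSOObject"
adoConn.Open "Active Directory Provider"
Set adoCmd = CreateObject("ADODB.Command")
Set adoCmd.ActiveConnection = adoConn

' Assumption: the group's scope allows members from other domains in the forest.
Set objGroup = GetObject("LDAP://CN=DL_TEST_SCRIPT_CRC,OU=Groups,OU=WCL,DC=abc,DC=us,DC=company,DC=local")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile("c:\Test\users.txt", ForReading)

Do Until objFile.AtEndOfStream
    strName = Trim(objFile.ReadLine)
    If (strName <> "") Then
        strFilter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" & EscapeLdapFilter(strName) & "))"
        adoCmd.CommandText = "<GC://" & strForestDN & ">;" & strFilter & ";distinguishedName;subtree"
        Set adoRS = adoCmd.Execute
        If adoRS.EOF Then
            Wscript.Echo "User " & strName & " not found in the forest"
        Else
            strUserPath = "LDAP://" & adoRS.Fields("distinguishedName").Value
            adoRS.MoveNext
            If Not adoRS.EOF Then  ' sAMAccountName is unique per domain only
                Wscript.Echo "User " & strName & " exists in more than one domain; skipped"
            ElseIf objGroup.IsMember(strUserPath) Then
                Wscript.Echo "User " & strName & " is already member of specified group."
            Else
                objGroup.Add strUserPath
                Wscript.Echo "User " & strName & " has been added to Group."
            End If
        End If
    End If
Loop
objFile.Close
```

Names reported as skipped need the domain stated explicitly before they are added, so that the intended account, not a same-named one in another domain, receives the group membership.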