Consolidate Two Groups
************************************************************************************
I came across two queries that I wanted to pass along. The first allows you to consolidate groups. The query was posted by Mike Thommes who found it in a posting by Jerold Schulman. Here is my modified version
Groups:
Source1
Source2
GrpConsolidate
Queries:
dsquery group -name GrpConsolidate **gets the DN of the target group
dsget group %groupdn% -members **get the members of the group
findstr /I /V /L /G:
dsmod group %groupdn% -addmbr **addms members to the group
Below is a combinations of these scripts to get everything to work.
c:\>dsquery group -name GrpConsolidate dsget group -members > c:\temp\target_group_members.txt
c:\>dsget group %sourcegroupdn% -members findstr /I /V /L /G:c:\temp\target_group_members.txt dsmod group <%targetgroupdn% -addmbr
The second query was from a request I made to the Exchange newsgroup on www.sunbelt.com. I needed to find a generic way to populate a group from a text file with SMTP addresses. Here's what Joe Richards (Joeware), and Michael B. Smith helped me develop:
************************************************************************************
END
************************************************************************************
************************************************************************************
Copy A Group
************************************************************************************
c:\>dsquery group -name [groupname]
-This will give you the dn of both groups
c:\>dsget group [sourcegroupdn] -members > c:\source_group_members.txt
- exports the DN of all the members to a text file
c:\>for /f %i IN (source_group_members.txt) do dsmod group [targetgroupdn] -addmbr %i
- parses through the text file and adds each DN to the variable %i, then the value of %i is passed to the dsmod query.
************************************************************************************
END
************************************************************************************
************************************************************************************
Create a group from a list of SMTP addresses
************************************************************************************
-- ReadSMTP.cmd --
for /f %%V in (smtp.txt) do dsquery * forestroot -q -filter "&(objectCategory=user)(proxyaddresses=smtp:%%V)" -attr distinguishedName >> UserDN.txt
-- ReadSMTP.cmd --
-- FillGroup.cmd --
for /F "delims=;" %%V in (userdn.txt) do dsmod group "[Group DN]" -addmbr %%V -q
-- FillGroup.cmd --
The same could be done using adfind and admod from www.joeware.net. I decided to use the ds* tools because they don't required the download and I wanted to keep it simple. Basically, I needed to hand this task off to another admin and I thought a script might complicate things.
************************************************************************************
END
************************************************************************************
************************************************************************************
How to use DSAdd to create multiple accounts.
************************************************************************************
******************************
Userdn.txt
******************************
CN=CHETest13,CN=Users,DC=labb,dc=contoso,dc=org
CN=CHETest14,CN=Users,DC=labb,dc=contoso,dc=org
CN=CHETest15,CN=Users,DC=labb,dc=contoso,dc=org
CN=CHETest16,CN=Users,DC=labb,dc=contoso,dc=org
CN=CHETest17,CN=Users,DC=labb,dc=contoso,dc=org
CN=CHETest18,CN=Users,DC=labb,dc=contoso,dc=org
CN=CHETest19,CN=Users,DC=labb,dc=contoso,dc=org
CN=CHETest20,CN=Users,DC=labb,dc=contoso,dc=org
******************************
Userdn.txt
******************************
C:\>for /f %i IN (userdn.txt) do dsadd user %i -pwd Password1
************************************************************************************
END
************************************************************************************
On a side note, if there is a space in the DN, you'll have to specify no delimeter (the default delimeter is a space)
C:\>for /f "delim=" %i IN (userdn.txt) do dsadd user %i -pwd Password1
Teo
