I wrote this script to add domain groups to local groups. A quick overview on how it works is, it reads an input file (comma separated), estabilishes a connection to LDAP (defining your global variables), connects to the local computer and adds the domain group into the local group.
You will need to modify the Global Variables and “WinNT://<netbios domain name>/“ sections of the script.
Here is the code:
'======================================================================================'
' NAME: AddDomainGroupToLocalGroup.vbs
' DATE : 03/07/06
' COMMENT: This script looks at an input file and adds domain objects to local groups.
' Input file must be presented in a comma delimited format.
' SYNTAX: cscript AddDomainGroupToLocalGroup.vbs
'======================================================================================'
Option Explicit
Const ForReading = 1
Dim objNet, _
objSAM, _
objFSO, _
objFile, _
objFileOutput, _
objArgs
Dim colOU, _
refItem, _
domainDN, _
outputFile, _
inputFile
Dim strLine, _
strAttr, _
strLocalGroup, _
strDomainGroup
' Set Global Variables
domainDN = "OU=Testing,DC=domain,DC=com"
Set objArgs = WScript.Arguments
If Wscript.Arguments.Count = 0 Then
WScript.Echo ("No input file given on command line." & VbCrLf &_
" Usage: [cscript|wscript] " & WScript.ScriptName & " ")
Wscript.Quit
End If
inputFile = objArgs(0)
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(InputFile, ForReading)
Set objNet = CreateObject("WScript.Network")
Set colOU = GetObject("LDAP://" & domainDN)
Do Until objFile.AtEndOfStream
strLine = objFile.ReadLine
If InStr(strLine, ",") Then
strAttr = Split(strLine,",")
strLocalGroup = strAttr(0)
strDomainGroup = strAttr(1)
Set objSAM = GetObject("WinNT://" & objNet.ComputerName & "/" & strLocalGroup & ",group")
For Each refItem in colOU
If refItem.CN = strDomainGroup Then
objSAM.Add("WinNT://EXTRANET/" & refItem.CN)
End If
Next
End If
Loop
Set colOU = Nothing
Set objSAM = Nothing
Set objNet = Nothing