VBScript to Add users Security Group to local computer if Computer object is under specific OU

VBScript to Add users Security Group to local computer if Computer object is under specific OU. For Security reason we always need to make sure that only specific security groups are administrators of specific computers. This will always be the business requirement. With below script you can obtain this. Include this script in in the GPO and Add in to user logon script.


DIM objNetwork
DIM computerName
DIM ou
set objNetwork = createobject(“Wscript.Network”)
computerName = objNetwork.ComputerName
ou = getOUByComputerName(computerName)

on error resume next
Select Case ou

Case “OU=Computers,DC=domain,DC=com”
set group = GetObject(“WinNT://”& computerName &”/Administrators”)
group.Add “WinNT://domain/Group”
err.clear

Case “OU=Computers1,DC=domain,DC=com”
set group = GetObject(“WinNT://”& computerName &”/Administrators”)
group.Add “WinNT://domain/Group1”
err.clear

End Select

function getOUByComputerName(byval computerName)
DIM namingContext, ldapFilter, ou
DIM cn, cmd, rs
DIM objRootDSE
set objRootDSE = getobject(“LDAP://RootDSE”)
namingContext = objRootDSE.Get(“defaultNamingContext”)
set objRootDSE = nothing
ldapFilter = “<LDAP://” & namingContext & _
“>;(&(objectCategory=Computer)(name=” & computerName & “))” & _
“;distinguishedName;subtree”
Set cn = createobject(“ADODB.Connection”)
set cmd = createobject(“ADODB.Command”)
cn.open “Provider=ADsDSOObject;”
cmd.activeconnection = cn
cmd.commandtext = ldapFilter
set rs = cmd.execute
if rs.eof <> true and rs.bof <> true then
ou = rs(0)
ou = mid(ou,instr(ou,”,”)+1,len(ou)-instr(ou,”,”))
getOUByComputerName = ou

end if
rs.close
cn.close

end function

You can always find the copy from the below link

http://powershell.com/cs/cfs-filesystemfile.ashx/__key/CommunityServer.Components.UserFiles/00.00.00.30.62/AddAdminfinal.txt

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s