|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
02-23-2009
| #1 (permalink) |
| | Script works / but fails on startup Perhaps someone may be able to tell me what I am doing wrong..... We have admin groups based on the OU / goal is to parse the DN and then add the admin group for that OU to the local admin group on the computer... I have modified the script a little for testing here... 'Define Variables Dim strDN,strDomain,strComputer,strAdminGroup Set objSysInfo = CreateObject("ADSystemInfo") Set objWshNet = CreateObject("wscript.network") 'Set Variables for DN, Domain and Computer strDN=objSysInfo.ComputerName strDomain = objWshNet.UserDomain strComputer = objWshNet.ComputerName 'Split DN to get Admin Group from Site OU / Exception added for UAE strDN = Split(strDN,",OU=") strAdminGroup = "Admin_IN_" & strDN(LBOUND(strDN)+1) 'Echo for Testing wscript.echo "The hostname of the computer is " & strComputer wscript.echo "The global group that will be added to the Local Administrators group is " & strAdminGroup 'bind to local and domain groups Set objLocalGroup = GetObject("WinNT://" & strComputer & "/ Administrators,group") Set objADGroup = GetObject("WinNT://" & strDomain & "/" & strAdminGroup & ",group") 'Check if the user is already a member of the local admin group If (objLocalGroup.IsMember(objADGroup.AdsPath) = False) Then 'Add the domain group to the local admin group objLocalGroup.Add(objADGroup.ADsPath) wscript.echo strAdminGroup & " has been added to the local administrator group" Else 'Echo for testing wscript.echo "The group is already a member of the local administrators group" End If This is where it is failing at.... Set objADGroup = GetObject("WinNT://" & strDomain & "/" & strAdminGroup & ",group") I have enter the correcto information in and it will work... I think that it is failing because the strAdminGroup contain spaces? I am not sure... I have also tried to create the path in another variable making sure the quotation encapsulate the string and that did not work either.... As I said this script works fine when the computer is running, but for some reason will not work on startup. |
My System Specs |
|
02-23-2009
| #2 (permalink) |
| | Re: Script works / but fails on startup <newsgroups.jd@xxxxxx> wrote in message news:11b8b630-1c5f-4e3c-9dbb-514c756b18f0@xxxxxx Quote: > Perhaps someone may be able to tell me what I am doing wrong..... > > > We have admin groups based on the OU / goal is to parse the DN and > then add the admin group for that OU to the local admin group on the > computer... I have modified the script a little for testing here... > > > 'Define Variables > Dim strDN,strDomain,strComputer,strAdminGroup > Set objSysInfo = CreateObject("ADSystemInfo") > Set objWshNet = CreateObject("wscript.network") > > 'Set Variables for DN, Domain and Computer > strDN=objSysInfo.ComputerName > strDomain = objWshNet.UserDomain > strComputer = objWshNet.ComputerName > > 'Split DN to get Admin Group from Site OU / Exception added for UAE > strDN = Split(strDN,",OU=") > strAdminGroup = "Admin_IN_" & strDN(LBOUND(strDN)+1) > > 'Echo for Testing > wscript.echo "The hostname of the computer is " & strComputer > wscript.echo "The global group that will be added to the Local > Administrators group is " & strAdminGroup > > 'bind to local and domain groups > Set objLocalGroup = GetObject("WinNT://" & strComputer & "/ > Administrators,group") > Set objADGroup = GetObject("WinNT://" & strDomain & "/" & > strAdminGroup & ",group") > > 'Check if the user is already a member of the local admin group > If (objLocalGroup.IsMember(objADGroup.AdsPath) = False) Then > 'Add the domain group to the local admin group > objLocalGroup.Add(objADGroup.ADsPath) > wscript.echo strAdminGroup & " has been added to the local > administrator group" > Else > 'Echo for testing > wscript.echo "The group is already a member of the local > administrators group" > End If > > > > > > This is where it is failing at.... > > Set objADGroup = GetObject("WinNT://" & strDomain & "/" & > strAdminGroup & ",group") > > > I have enter the correcto information in and it will work... I think > that it is failing because the strAdminGroup contain spaces? I am not > sure... I have also tried to create the path in another variable > making sure the quotation encapsulate the string and that did not work > either.... > > As I said this script works fine when the computer is running, but for > some reason will not work on startup. > object. They run with System privileges on the local computer, so the script can bind to the local group (and modify it). The computer object does not have permissions in AD for the groups. All computer objects should be members of the "Domain Computers" group. Perhaps grant this group permissions for the domain groups. In ADUC view properties of a group and see who has permissions on the "Security" tab. You can add "Domain Computers" and grant read and write permissions on properties. -- Richard Mueller MVP Directory Services Hilltop Lab - http://www.rlmueller.net -- |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Re: Newbie using script but fails | PowerShell | |||
| My command works in the PS prompt but not in a script (.ps1) / reg | PowerShell | |||
| Network works one day, fails the next mixed Vista XP | Vista networking & sharing | |||
| Script works in PS v1, but not in PS v2 | PowerShell | |||
| lodctr fails in Vista, works in XP | Vista performance & maintenance | |||
