use strict; use warnings; use Win32::NetAdmin; my ($group, @names); unless ( ($group, @names) = @ARGV ) { print "addtogrp or ... \n\n"; die (" Use double quotes for Multiworded Groups: ie \"Domain Admins\"\n"); } my $domain = Win32::DomainName or die "Unable to obtain the domain name"; my $DC; Win32::NetAdmin::GetDomainController( '', $domain, $DC ) or die "Unable to locate a Domain Controller\n"; # # Do we have an input file?. if (open(DAT, "$names[0]")) { @names = ; close DAT; } # # Try and obtain the comment for the group. If you can't it is either an # invalid entry or a security problem my $comment; unless (Win32::NetAdmin::GroupGetAttributes($DC, $group, $comment)) { &logmsg("Invalid group name $group. Error: $^E\n"); die (" Invalid Group name $group. Error: $^E\n"); } foreach my $user (@names) { chomp $user; print "Processing $user\n"; # # Does the id exist? unless (Win32::NetAdmin::UsersExist($DC, $user)) { &logmsg("The account $user does not exist.\n"); print " The account $user does not exist.\n"; next; } # # Verify the id is not already in the group. If not; add it. if (Win32::NetAdmin::GroupIsMember($DC, $group, $user)) { &logmsg("$user is already a member of $group\n"); print " $user is already a member of $group\n"; next; } else { unless (Win32::NetAdmin::GroupAddUsers($DC, $group, $user)) { &logmsg("Unable to add $user to $group due to error $^E ! \n"); print " Unable to add $user to $group due to error $^E ! \n"; next; } else { &logmsg("Added $user to $group\n"); print " Added $user to $group\n"; } } } # # Just a simple log routine. Mainly for cases of automation in the future. sub logmsg { my $subject = shift; my $log = "addtogrp.log"; my ($sec,$min,$hour,$mday,$mon,$year) = localtime(time()); my $date = sprintf("%02d\/%02d\/%04d",$mon+1,$mday,$year+1900); my $time = sprintf("%02d:%02d:%02d",$hour,$min,$sec); unless (open(LOGFILE, ">>$log")) { die "Unable to open log file $log"; } print LOGFILE ("$date $time - $subject\n"); close LOGFILE; }