http://qs321.pair.com?node_id=158680
Category: NT Admin
Author/Contact Info Marza
Description: addtogrp.pl

This script as the name implies is used to add ids or a list of IDs to a particular domain/AD group.

There is a logmsg subroutine which can be used for automation or history purposes. If it is not required, then comment it out.

I have not tested AD yet as we don't have an AD setup.

Finally, feel free to use it and mod it as you need. If you think something could be done better, please let me know.

 
use strict;
use warnings;
use Win32::NetAdmin;

my ($group, @names);
unless ( ($group, @names) = @ARGV ) {
    print "addtogrp <GROUP> <Input file> or <User> <User> ... \n\n";
    die ("   Use double quotes for Multiworded Groups: ie \"Domain Adm
+ins\"\n");
}

my $domain = Win32::DomainName or die "Unable to obtain the domain nam
+e";

my $DC;
Win32::NetAdmin::GetDomainController( '', $domain, $DC ) or 
            die "Unable to locate a Domain Controller\n";
#
# Do we have an input file?.
if (open(DAT, "$names[0]")) {
    @names = <DAT>;
    close DAT;
}
#
# Try and obtain the comment for the group.  If you can't it is either
+ an
# invalid entry or a security problem
my $comment;
unless (Win32::NetAdmin::GroupGetAttributes($DC, $group, $comment)) {
    &logmsg("Invalid group name $group. Error: $^E\n");
    die (" Invalid Group name $group. Error: $^E\n");
}

foreach my $user (@names) {
    chomp $user;
    print "Processing $user\n";
    #
    # Does the id exist?
    unless (Win32::NetAdmin::UsersExist($DC, $user)) {
        &logmsg("The account $user does not exist.\n");
        print " The account $user does not exist.\n";
        next;
    }
    #
    # Verify the id is not already in the group.  If not; add it.
    if (Win32::NetAdmin::GroupIsMember($DC, $group, $user)) {
        &logmsg("$user is already a member of $group\n");
        print " $user is already a member of $group\n";
        next;
    } else {
        unless (Win32::NetAdmin::GroupAddUsers($DC, $group, $user)) {
            &logmsg("Unable to add $user to $group due to error $^E ! 
+\n");
            print " Unable to add $user to $group due to error $^E ! \
+n";
            next;
        } else {
            &logmsg("Added $user to $group\n");
            print " Added $user to $group\n";
        }
    }
}
#
# Just a simple log routine.  Mainly for cases of automation in the fu
+ture.
sub logmsg {
    my $subject = shift;
    my $log = "addtogrp.log";
    my ($sec,$min,$hour,$mday,$mon,$year) = localtime(time());

    my $date = sprintf("%02d\/%02d\/%04d",$mon+1,$mday,$year+1900);
    my $time = sprintf("%02d:%02d:%02d",$hour,$min,$sec);

    unless (open(LOGFILE, ">>$log")) {
        die "Unable to open log file $log";
    }
    print LOGFILE ("$date  $time - $subject\n");
    close LOGFILE;
}

Back to Code Catacombs