7.4. Adding and Removing Members of a Group

Problem

You want to add or remove members of a group.

Solution

Using a graphical user interface

Follow the same steps as in Recipe 7.2 to view the members of the group.
To remove a member, click on the member name, click the Remove button, click Yes, and click OK.
To add a member, click on the Add button, enter the name of the member, and click OK twice.

Using a command-line interface

The -addmbr option adds a member to a group:

> dsmod group "<GroupDN>" -addmbr "<MemberDN>"

The -rmmbr option removes a member from a group:

> dsmod group "<GroupDN>" -rmmbr "<MemberDN>"

The -chmbr option replaces the complete membership list:

> dsmod group "<GroupDN>" -chmbr "<Member1DN Member2DN  . . . >"

Using VBScript

' This code adds a member to a group.
' ------ SCRIPT CONFIGURATION ------
strGroupDN = "<GroupDN>"  ' e.g. cn=SalesGroup,ou=Groups,dc=rallencorp,dc=com
strMemberDN = "<MemberDN>" ' e.g. cn=jsmith,cn=users,dc=rallencorp,dc=com
' ------ END CONFIGURATION ---------

set objGroup = GetObject("LDAP://" & strGroupDN)
' Add a member
objGroup.Add("LDAP://" & strMemberDN)
' This code removes a member from a group.
' ------ SCRIPT CONFIGURATION ------
strGroupDN = "<GroupDN>"  ' e.g. cn=SalesGroup,ou=Groups,dc=rallencorp,dc=com
strMemberDN = "<MemberDN>" ' e.g. cn=jsmith,cn=users,dc=rallencorp,dc=com
' ------ END CONFIGURATION ---------

set objGroup = GetObject("LDAP://" & strGroupDN)
' Remove a member
objGroup.Remove("LDAP://" & strMemberDN)

Discussion

Since there ...

Get Active Directory Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Active Directory Cookbook by