Adding Members to a Group
Adding objects as members of a group
can be done with IADsGroup::Add, a simple method
that takes the DN of the object to be added:
objGroup.Add("LDAP://cn=Sue Peace,cn=Users,dc=mycorp,dc=com")
objGroup.Add("LDAP://cn=Keith Cooper,cn=Users,dc=mycorp,dc=com")Groups can contain virtually any other type of object as a member, including users, computers, and other groups.
Adding Many USER Groups to DRUP Groups
In Section 11.5.5, we described the need to add many user groups as members of several permission groups. Example 21-8 contains the code necessary to implement this functionality. It scans for all groups prefixed with USER_ and DRUP_. It then adds all the USER groups to each DRUP group, except for the group where the suffix matches. In other words, all USER_ groups except USER_Finance are added to DRUP_Finance. This was why the names were set up this way.
Note
These searches make use of the ADO search function called SearchAD from Chapter 20.
Example 21-8. Adding many user groups as members of several permission groups
'************************************************************************** 'Search the entire AD for all groups starting USER_ and return the cn 'and AdsPath variables in the following structure ' ' arrUSERGroup(0,index) = cn attributes ' arrUSERGroup(1,index) = ADsPath attribute ' 'where index goes from 0 to (the maximum number of results returned -1) '************************************************************************** If SearchAD( _ ...
Get Active Directory, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
