'========================================================================= ' GroupModifyType.vbs ' VERSION: 1.0 ' AUTHOR: Brian Steinmeyer ' EMAIL: [email protected] ' WEB: https://sigkillit.com ' DATE: 1/1/2011 ' COMMENTS: Pass the ADsPath or Dinstinguished Name of the Group, the Group ' Type (Global, Local, Universal), and Whether It Should Be Security Enabled ' and the Function Will Modify the Group Type. To Bulk Modify Groups, Pass ' the ADsPath or Distinguished name of the Container/Organization Unit to ' the Function Instead of a Group ADsPath or Distinguished Name. ' EXAMPLE: Modify a Group To Universal Security Group ' Dim strGroupPath: strGroupPath = "LDAP://CN=Testgroup,CN=Users,DC=domain,DC=com" ' Dim strGroupType: strGroupType = "Universal" ' Dim blnSecurityEnabled: blnSecurityEnabled = True ' EXAMPLE: Bulk Modify Groups to Global Distribution Groups ' Dim strGroupPath: strGroupPath = "LDAP://CN=Users,DC=domain,DC=com" ' Dim strGroupType: strGroupType = "Global" ' Dim blnSecurityEnabled: blnSecurityEnabled = False '========================================================================= Option Explicit ' ------ SCRIPT CONFIGURATION ------ Dim strGroupPath: strGroupPath = "LDAP://CN=Users,DC=domain,DC=com" Dim strGroupType: strGroupType = "Universal" Dim blnSecurityEnabled: blnSecurityEnabled = False ' ------ END CONFIGURATION ------ Call Logger("GroupModifyType.txt","",True) Call Logger("GroupModifyType.txt", GroupModifyType(strGroupPath,strGroupType,blnSecurityEnabled) & "|" & strGroupPath, False) Wscript.Echo "Finished" Private Function GroupModifyType(groupPath, groupType, blnSecurity) On Error Resume Next groupPath = Replace(groupPath,"LDAP://","",1,1,1) 'Ensure DN not ADS Path Const ADS_GROUP_TYPE_GLOBAL_GROUP = &h2 Const ADS_GROUP_TYPE_LOCAL_GROUP = &h4 Const ADS_GROUP_TYPE_UNIVERSAL_GROUP = &h8 Const ADS_GROUP_TYPE_SECURITY_ENABLED = &h80000000 Dim objConnection: Set objConnection = CreateObject("ADODB.Connection") Dim objCommand: Set objCommand = CreateObject("ADODB.Command") objConnection.Provider = "ADsDSOObject" objConnection.Open "Active Directory Provider" Set objCommand.ActiveConnection = objConnection objCommand.Properties("Page Size") = 1000 'Override the Return 1000 Results Default Const ADS_SCOPE_SUBTREE = 2 objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 'Include Sub OU's objCommand.CommandText = "SELECT ADsPath FROM 'LDAP://" & groupPath & "' WHERE objectClass='group'" Dim objRecordSet: Set objRecordSet = objCommand.Execute objRecordSet.MoveFirst Dim objGroup, blnErr, strResult: strResult = "" Do Until objRecordSet.EOF blnErr = False Set objGroup = GetObject(objRecordSet.Fields("AdsPath").Value) If StrComp(groupType,"global",1) = 0 Then If blnSecurity = True Then objGroup.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP + ADS_GROUP_TYPE_SECURITY_ENABLED Elseif blnSecurity = False Then objGroup.Put "groupType", ADS_GROUP_TYPE_GLOBAL_GROUP Else blnErr = True End If Elseif StrComp(groupType,"local",1) = 0 Then If blnSecurity = True Then objGroup.Put "groupType", ADS_GROUP_TYPE_LOCAL_GROUP + ADS_GROUP_TYPE_SECURITY_ENABLED Elseif blnSecurity = False Then objGroup.Put "groupType", ADS_GROUP_TYPE_LOCAL_GROUP Else blnErr = True End If Elseif StrComp(groupType,"universal",1) = 0 Then If blnSecurity = True Then objGroup.Put "groupType", ADS_GROUP_TYPE_UNIVERSAL_GROUP + ADS_GROUP_TYPE_SECURITY_ENABLED Elseif blnSecurity = False Then objGroup.Put "groupType", ADS_GROUP_TYPE_UNIVERSAL_GROUP Else blnErr = True End If Else blnErr = True End If objGroup.SetInfo If Err.Number <> 0 Then Err.Clear blnErr = True End If If blnErr = True Then strResult = strResult & "!~ERROR~!|" & objRecordSet.Fields("AdsPath").Value Else strResult = strResult & "SUCCESS|" & objRecordSet.Fields("AdsPath").Value End If objRecordSet.MoveNext Loop GroupModifyType = strResult On Error Goto 0 End Function Private Sub Logger(fileName, logMessage, blnNewLog) On Error Resume Next Const ForReading = 1, ForWriting = 2, ForAppending = 8 Dim objFSO: Set objFSO = CreateObject("Scripting.FileSystemObject") Dim scriptPath: scriptPath = Left(WScript.ScriptFullName,InstrRev(WScript.ScriptFullName,"\")) Dim logName If InStr(1,fileName,"\",1) > 0 Then logName = fileName If objFSO.DriveExists(objFSO.GetDriveName(logName)) Then If StrComp(objFSO.GetExtensionName(logName), "", 1) = 0 Then If Not objFSO.FolderExists(logName) Then If objFSO.FolderExists(objFSO.GetParentFolderName(logName)) Then objFSO.CreateFolder logName 'Create Folder In Current Path Exit Sub Else Call Logger(objFSO.GetParentFolderName(logName), logMessage, blnNewLog) 'Recurse Creating Parent Folder Call Logger(logName, logMessage, blnNewLog) 'Recurse Creating Current Folder Exit Sub End If End If Else If Not objFSO.FileExists(logName) Then If Not objFSO.FolderExists(objFSO.GetParentFolderName(logName)) Then Call Logger(objFSO.GetParentFolderName(logName), logMessage, blnNewLog) 'Recurse Creating Parent Folder Call Logger(logName, logMessage, blnNewLog) 'Recurse Creating Current Folder End If End If End If End If Else logName = scriptPath & fileName End If Dim logFile If blnNewLog = True Then Set logFile = objFSO.CreateTextFile(logName, True) Else If objFSO.FileExists(logName) Then Set logFile = objFSO.OpenTextFile(logName, ForAppending, True) Else Set logFile = objFSO.CreateTextFile(logName, True) End If End If logFile.WriteLine logMessage logFile.Close Set objFSO = Nothing On Error Goto 0 End Sub
