This code will add a previously created user to a previously created group in Active Directory.
Python, 15 lines
Download
Copy to clipboard1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | import win32com, win32com.client
import pythoncom
def add_group_member( groupLoc, group, userLoc, user ):
try:
ad_obj=win32com.client.GetObject( "LDAP://cn=%s,%s" % (group, groupLoc) )
ad_obj.Add( "LDAP://cn=%s,%s" % (user, userLoc) )
ad_obj.SetInfo()
except pythoncom.com_error,( hr,msg,exc,arg ):
print "Error adding user %s to group %s..." % (user, group)
print hr, msg, exc, arg
groupLoc = "ou=Friends,dc=Winslow,dc=residence"
userLoc = "cn=Users,dc=Winslow,dc=residence"
add_group_member( groupLoc, "Neighbours", userLoc, "Steve Urkel" )
|
As a part of account creation, it is frequently helpful to add the new user to default groups. This recipe takes a simple approach by using COM support in Python to get the group object and using the ADSI "Add" to add the user to it . To look at account creation itself it would be worthwhile to see http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/303345.
This operation seems to take a particularly long amount of time to replicate among domain controllers, so be patient upon successful execution.
Tags: sysadmin
