OU/Group Creation VBScript Example
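'
' This creates a top-level OU assuming the following structure:
' wolftech\NCSU\College\Dept\NewOU
'
' It creates "Laptops" and "Desktops" OUs, 4 groups {computers,desktops,laptops,users}
' and sets up all of the group memberships correctly. The last thing it does is create an empty
' GPO and link it in.
'
' Basically it just automates a manual process.
'
' The account running this needs rights to create OUs and groups under the
' department OU, to change membership of the existing department groups, and
' to create and link GPOs in the domain.
Option Explicit
Dim objRoot, objDomain, objOU, objGroup
Dim objGPM, objGPMConstants, objGPMDomain, objGPO, objSOM, objGPMLink
Dim strStaffGroup, strDeptOU, strCollege
Dim strContainer, strContainerDN, strGroupPrefix, strDefaultNC, parentOU, domainName

Err.Clear

strStaffGroup = "Testing"
strDeptOU = "NE"
strCollege = "COE"

' Section to build the names of the OU to create.
' strContainer is relative to the domain root; strContainerDN is the full DN.
'strContainer = "OU=" & strStaffGroup & ",OU=Staff,OU=" & strDeptOU & ",OU=" & strCollege & ",OU=NCSU"
strContainer = "OU=" & strStaffGroup & ",OU=" & strDeptOU & ",OU=" & strCollege & ",OU=NCSU"
domainName = "dc=wolftech,dc=ad,dc=ncsu,dc=edu"
parentOU = "OU=" & strDeptOU & ",OU=" & strCollege & ",OU=NCSU," & domainName
strContainerDN = strContainer & "," & domainName
strGroupPrefix = strDeptOU & "-" & strStaffGroup

' Section to bind to YOUR Active Directory.
Set objRoot = GetObject("LDAP://rootDSE")
strDefaultNC = objRoot.Get("defaultNamingContext")

' The OUs are created in the default naming context, but every later bind uses
' the hard-coded domainName. Stop before changing anything if the two differ,
' so the script cannot write into a domain other than the one it names.
If StrComp(strDefaultNC, domainName, vbTextCompare) <> 0 Then
    WScript.Echo "Default naming context " & strDefaultNC & " does not match " & domainName & "; nothing was changed."
    WScript.Quit 1
End If

Set objDomain = GetObject("LDAP://" & strDefaultNC)
WScript.Echo parentOU & ", " & domainName & ", " & strContainer

' On Error Resume Next is left disabled: the first failing call stops the
' script instead of continuing against objects that were never created.
' A failure part-way through leaves the earlier objects in place.
'On Error Resume Next
CreateOU strContainer
CreateOU "OU=Desktops," & strContainer
CreateOU "OU=Laptops," & strContainer

Set objOU = GetObject("LDAP://" & strContainerDN)

' Create new Groups
CreateGroup objOU, strGroupPrefix & ".Users"
CreateGroup objOU, strGroupPrefix & ".Desktops"
CreateGroup objOU, strGroupPrefix & ".Laptops"
CreateGroup objOU, strGroupPrefix & ".Computers"

' <Dept>-<Group>.Computers contains the new Laptops and Desktops groups.
Set objGroup = GetObject(NewGroupPath(".Computers"))
objGroup.Add NewGroupPath(".Laptops")
objGroup.Add NewGroupPath(".Desktops")

' Nest the new groups into the department-wide groups in the parent OU.
' Those groups must already exist, and anything granted to them then applies
' to members of the new groups as well.
Set objGroup = GetObject("LDAP://CN=" & strDeptOU & "-Desktops," & parentOU)
objGroup.Add NewGroupPath(".Desktops")
Set objGroup = GetObject("LDAP://CN=" & strDeptOU & "-Laptops," & parentOU)
objGroup.Add NewGroupPath(".Laptops")
Set objGroup = GetObject("LDAP://CN=" & strDeptOU & "-Users," & parentOU)
objGroup.Add NewGroupPath(".Users")

' Create an empty GPO and link it to the new OU.
' NOTE(review): the GPO keeps whatever default permissions and security
' filtering GPMC assigns; review them before adding settings to it.
Set objGPM = CreateObject("GPMgmt.GPM")
Set objGPMConstants = objGPM.GetConstants()
Set objGPMDomain = objGPM.GetDomain("wolftech.ad.ncsu.edu", "", objGPMConstants.UseAnyDC)
Set objGPO = objGPMDomain.CreateGPO()
objGPO.DisplayName = strDeptOU & "-" & strStaffGroup & " Staff Policy"
Set objSOM = objGPMDomain.GetSOM(strContainerDN)
' A link position of -1 appends the link to the end of the OU's link list.
Set objGPMLink = objSOM.CreateGPOLink(-1, objGPO)

' Creates one organizationalUnit under the bound domain object.
' strRelativeDN is relative to the domain root, e.g. "OU=Desktops,OU=...".
Sub CreateOU(strRelativeDN)
    Dim objNewOU
    Set objNewOU = objDomain.Create("organizationalUnit", strRelativeDN)
    objNewOU.SetInfo
End Sub

' Creates a group named strName in objParent, using the same value for the
' CN and the sAMAccountName. No groupType is set, so the directory default applies.
Sub CreateGroup(objParent, strName)
    Dim objNewGroup
    Set objNewGroup = objParent.Create("Group", "CN=" & strName)
    objNewGroup.Put "sAMAccountName", strName
    objNewGroup.SetInfo
End Sub

' Returns the ADsPath of one of the groups created in the new OU.
' strSuffix is ".Users", ".Desktops", ".Laptops" or ".Computers".
Function NewGroupPath(strSuffix)
    NewGroupPath = "LDAP://CN=" & strGroupPrefix & strSuffix & "," & strContainerDN
End Function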