Adding Members to a Group
Adding objects as members of a group can be done with IADsGroup::Add
, a simple method that takes the DN of the object to be added:
objGroup.Add("LDAP://cn=Sue Peace,cn=Users,dc=mycorp,dc=com")
objGroup.Add("LDAP://cn=Keith Cooper,cn=Users,dc=mycorp,dc=com")Groups can contain virtually any other type of object as a member, including users, computers, and other groups.
Adding Many USER Groups to DRUP Groups
In Chapter 11, we described the need to add many user groups as members of several permission groups. Example 23-8 contains the code necessary to implement this functionality. It scans for all groups prefixed with USER_ and DRUP_. It then adds all the USER groups to each DRUP group, except for the group where the suffix matches. In other words, all USER_ groups except USER_Finance are added to DRUP_Finance. This was why the names were set up this way.
Example 23-8. Adding many user groups as members of several permission groups
'************************************************************************** 'Search the entire AD for all groups starting USER_ and return the cn 'and AdsPath variables in the following structure ' ' arrUSERGroup(index,0) = cn attributes ' arrUSERGroup(index,1) = ADsPath attribute ' 'where index goes from 0 to (the maximum number of results returned -1) '************************************************************************** If (SearchAD("LDAP://dc=mycorp,dc=com", _ "(&(objectCategory=group)(cn=USER_*))", _ "SubTree", "cn,ADsPath", ...