16.15. Adding and Removing Members of a Group

Problem

You want to add or remove group members.

Solution

Using a graphical user interface

  1. Follow the same steps as in Recipe 16.13 to view the members of the group.

  2. To remove a member, click on the member name, click the Remove button, click Yes, and click OK.

  3. To add a member, click on the Add button, enter the name of the member, and click OK twice.

Using a command-line interface

The -addmbr option adds a member to a group:

> dsmod group "<GroupDN>" -addmbr "<MemberDN>"

The -rmmbr option removes a member from a group:

> dsmod group "<GroupDN>" -rmmbr "<MemberDN>"

The -chmbr option replaces the complete membership list:

> dsmod group "<GroupDN>" -chmbr "<Member1DN Member2DN ...>"

Using VBScript

' This code adds a member to a group.
' ------ SCRIPT CONFIGURATION ------
strGroupDN = "<GroupDN>"  ' e.g., cn=SalesGroup,ou=Groups,dc=rallencorp,dc=com
strMemberDN = "<MemberDN>" ' e.g., cn=jsmith,cn=users,dc=rallencorp,dc=com
' ------ END CONFIGURATION ---------
   
set objGroup = GetObject("LDAP://" & strGroupDN)
' Add a member
objGroup.Add("LDAP://" & strMemberDN)
   
' This code removes a member from a group.
' ------ SCRIPT CONFIGURATION ------
strGroupDN = "<GroupDN>"  ' e.g., cn=SalesGroup,ou=Groups,dc=rallencorp,dc=com
strMemberDN = "<MemberDN>" ' e.g., cn=jsmith,cn=users,dc=rallencorp,dc=com
' ------ END CONFIGURATION ---------
   
set objGroup = GetObject("LDAP://" & strGroupDN)
' Remove a member
objGroup.Remove("LDAP://" & strMemberDN)

Discussion

Since there ...

Get Windows Server Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.