Add User to group through comparison to other user's memberships

Author
26 Mar 2009 7:56 PM
SecurityGuy
I have a "New User" script which is very complex and handles adding most AD properties upon creation, address tab, phones, profile tab, organisation tab, etc. It also will use any existing user as a template for group membership addition.  I was using the WinNT method in this script, and am now changing that to the LDAP method since the WinNT method doesn't pick up distribution groups.  However, I am now getting a "bad path" error when I try to add the groups to the new user.  Can someone assist me here please.  I will paste the pertinent section in here, as the original script is nearly 1000 lines of code

I have added a comment where the error is occurring

Here is the section of script that I am struggling with:



Function DuplicateUser()

    strUsr2Duplicate = inputbox("What is the username you wish to duplicate the membership of? " & vbCrLf & vbCrLf & _
        "Enter the LOGIN ID of the required user, using the First Initial + Lastname format as in the below example:" & vbCrLf & vbCrLf & _
        "Joe User would be" & vbCrLf & vbCrLf & "juser" & vbCrLf, "Group Membership Duplication process")
    strDomain = "MyDomain"

    if strUsr2Duplicate = "" then
        msgbox "No user requested - No group memberships will be duplicated"
    else
        call LocateUser
    End if
End Function

Function LocateUser()
    'On Error Resume Next
    Set ObjUser1 = Getobject("WinNT://" & strDomain & "/" & strUsr2Duplicate & ",user")
    if err.number<>0 then
        Call BadUserName
    Else
        Call DuplicateUserFinish
    End if
End Function

Function BadUserName()
    MsgBox "You've chosen a username which does not exist"
    intAnswer = _
        Msgbox("Do you wish to choose another username for Group Membership duplication?", _
        vbYesNo, "Copy User Membership?")
    If intAnswer = vbYes Then
        Call DuplicateUser
    Else
        Msgbox "No user requested - No group memberships will be duplicated"
    End if
End Function

Function DuplicateUserFinish()
    ' Use the NameTranslate object to convert the NT user name to the
    ' Distinguished Name required for the LDAP provider.
    Set objTrans = CreateObject("NameTranslate")
    ' Initialize NameTranslate by locating the Global Catalog.
    objTrans.Init ADS_NAME_INITTYPE_GC, ""
    ' Use the Set method to specify the NT format of the object name.
    ' Trap the error if the user does not exist.
    'On Error Resume Next
    objTrans.Set ADS_NAME_TYPE_NT4, strNTName
    If (Err.Number <> 0) Then
        Wscript.Echo "User " & strUsrName & " not found."
        Wscript.Quit
    End If
    On Error GoTo 0
    strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)

    ' Bind to the user object in Active Directory with the LDAP provider.
    Set objUser2 = GetObject("LDAP://" & strUserDN)
    ' Enumerate groups that first user belongs to.
    For Each objGroup In objUser1.Groups
        ' Check if second user belongs.
        If (objGroup.IsMember(objUser2.AdsPath) = False) Then
            ' Add the second user to the group.

            '   HERE IS WHERE I GET THE ERROR
            objGroup.Add(objUser2.AdsPath)
        End if
    Next

    Wscript.Echo "Success " & strUsr2Duplicate & "'s Group Memberships have been duplicated for " & strSAm
End function

--
SecurityGuy
------------------------------------------------------------------------
SecurityGuy's Profile: http://forums.techarena.in/members/85156.htm
View this thread: http://forums.techarena.in/active-directory/1148717.htm
http://forums.techarena.in

Author
26 Mar 2009 9:40 PM
Richard Mueller [MVP]
SecurityGuy wrote:

> I have a "New User" script which is very complex and handles adding most
> AD properties upon creation, address tab, phones, profile tab,
> organisation tab, etc. It also will use any existing user as a template
> for group membership addition.  I was using the WinNT method in this
> script, and am now changing that to the LDAP method since the WinNT
> method doesn't pick up distribution groups.  However, I am now getting a
> "bad path" error when I try to add the groups to the new user.  Can
> someone assist me here please.  I will paste the pertinent section in
> here, as the original script is nearly 1000 lines of code
>
> I have added a comment where the error is occurring
>
> Here is the section of script that I am struggling with:
>
>
>
> Function DuplicateUser()
>
> strUsr2Duplicate = inputbox("What is the username you wish to duplicate
> the membership of? " & vbCrLf & vbCrLf & "Enter the LOGIN ID of the
> required user, using the First Initial + Lastname format as in the below
> example:"  & vbCrLf & vbCrLf & "Joe User would be"  & vbCrLf & vbCrLf &
> "juser" & vbCrLf, "Group Membership Duplication process")
> strDomain = "MyDomain"
>
> if strUsr2Duplicate = "" then
> msgbox "No user requested - No group memberships will be duplicated"
> else
> call LocateUser
> End if
> End Function
>
> Function LocateUser()
> 'On Error Resume Next
> Set ObjUser1 = Getobject("WinNT://" & strDomain & "/" &
> strUsr2Duplicate & ",user")
> if err.number<>0 then
> Call BadUserName
> Else
> Call DuplicateUserFinish
> End if
> End Function
>
> Function BadUserName()
> MsgBox "You've chosen a username which does not exist"
> intAnswer = _
>     Msgbox("Do you wish to choose another username for Group
> Membership duplication?", _
> vbYesNo, "Copy User Membership?")
> If intAnswer = vbYes Then
> Call DuplicateUser
> Else
> Msgbox "No user requested - No group memberships will be
> duplicated"
> End if
> End Function
>
> Function DuplicateUserFinish()
> ' Use the NameTranslate object to convert the NT user name to the
> ' Distinguished Name required for the LDAP provider.
> Set objTrans = CreateObject("NameTranslate")
> ' Initialize NameTranslate by locating the Global Catalog.
> objTrans.Init ADS_NAME_INITTYPE_GC, ""
> ' Use the Set method to specify the NT format of the object name.
> ' Trap the error if the user does not exist.
> 'On Error Resume Next
> objTrans.Set ADS_NAME_TYPE_NT4, strNTName
> If (Err.Number <> 0) Then
> Wscript.Echo "User " & strUsrName & " not found."
> Wscript.Quit
> End If
> On Error GoTo 0
> strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
>
> ' Bind to the user object in Active Directory with the LDAP provider.
> Set objUser2 = GetObject("LDAP://" & strUserDN)
> ' Enumerate groups that first user belongs to.
> For Each objGroup In objUser1.Groups
> ' Check if second user belongs.
> If (objGroup.IsMember(objUser2.AdsPath) = False) Then
> ' Add the second user to the group.
>
> '   HERE IS WHERE I GET THE ERROR
> objGroup.Add(objUser2.AdsPath)
> End if
> Next
>
> Wscript.Echo "Success " & strUsr2Duplicate & "'s Group Memberships have
> been duplicated for " & strSAm
> End function
>

The variable strNTName is never assigned a value. It is used when you invoke
the Set method of the NameTranslate object to assign the NT format of the
name. I think you want to use:

objTrans.Set ADS_NAME_TYPE_NT4, strDomain & "\" & strUsr2Duplicate

But now I'm getting objUser1 and objUser2 confused. objUser1, from what we
see, is this user bound with the WinNT provider, while objUser2 is the same
user bound with the LDAP provider. I think objUser1 should be the newly
created user and objUser2 the "template" user whose group memberships will
be copied over to objUser1. If so, do not use "Set objUser1" in the code to
bind with the WinNT provider (maybe use objUser3). If I assume that objUser1
was previously assigned as the object reference for the new user, then the
last part of Function DuplicateUserFinish should be:
==================
    ' Bind to the user object in Active Directory with the LDAP provider.
    Set objUser2 = GetObject("LDAP://" & strUserDN)
    ' Enumerate groups the template user belongs to.
    For Each objGroup In objUser2.Groups
        ' Check if new user belongs.
        If (objGroup.IsMember(objUser1.AdsPath) = False) Then
            ' Add the new user to the group.
            objGroup.Add(objUser1.AdsPath)
        End if
    Next
=============
Note in the "For Each" loop I switched objUser1 and objUser2, so the newly
created user is now added to the groups. I assume that objUser1 was bound
using the LDAP provider somewhere else in the program.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
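
The approach discussed in this reply, as an added example that is not part of the original thread or Richard Mueller's own code: both accounts are resolved to LDAP paths through NameTranslate, so no WinNT path is ever passed to an LDAP-bound group. The function names GetLdapPath and CopyGroups and the sample account names are hypothetical; the constants are the standard ADSI values, which the posted section never defines.

```vbscript
Option Explicit

' Standard ADSI NameTranslate constants (not defined in the posted section).
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

' Return the LDAP ADsPath for DOMAIN\sAMAccountName, or "" if not found.
Function GetLdapPath(strDomain, strSam)
    Dim objTrans, strDN
    GetLdapPath = ""
    Set objTrans = CreateObject("NameTranslate")
    objTrans.Init ADS_NAME_INITTYPE_GC, ""
    On Error Resume Next
    objTrans.Set ADS_NAME_TYPE_NT4, strDomain & "\" & strSam
    If Err.Number = 0 Then strDN = objTrans.Get(ADS_NAME_TYPE_1779)
    If Err.Number = 0 Then
        ' Escape any "/" in the DN, which ADSI would treat as a path separator.
        GetLdapPath = "LDAP://" & Replace(strDN, "/", "\/")
    End If
    Err.Clear
    On Error GoTo 0
End Function

' Add the new user to each group of the template user; returns the number
' of groups added, or -1 if either account could not be resolved.
Function CopyGroups(strDomain, strTemplateSam, strNewSam)
    Dim strTemplatePath, strNewPath, objTemplate, objGroup, intAdded
    CopyGroups = -1
    strTemplatePath = GetLdapPath(strDomain, strTemplateSam)
    strNewPath = GetLdapPath(strDomain, strNewSam)
    If strTemplatePath = "" Or strNewPath = "" Then Exit Function

    Set objTemplate = GetObject(strTemplatePath)
    intAdded = 0
    For Each objGroup In objTemplate.Groups
        If Not objGroup.IsMember(strNewPath) Then
            objGroup.Add strNewPath
            Wscript.Echo "Added to " & objGroup.AdsPath   ' record each change
            intAdded = intAdded + 1
        End If
    Next
    CopyGroups = intAdded
End Function

' Constructed sample names; replace with real accounts.
Wscript.Echo CopyGroups("MyDomain", "juser", "newuser") & " group(s) added"
```

Each echoed line names a group the new account inherited from the template, which gives a record to review before the account is handed over.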

Author
26 Mar 2009 11:41 PM
SecurityGuy
Yes, you are correct in that objUser1 IS the newly created user and objUser2 is the "template" user I wish to copy the memberships of

I've changed my code as you suggested, and now I am getting the following Windows Scripting Host error

Script: CreateUser.vbs
Line:    1009
Char:   1
Error:   0x80005008
Code:   80005008
Source: (null)

Here is the code as it stands now


Function DuplicateUser()

    strUsr2Duplicate = inputbox("What is the username you wish to duplicate the membership of? " & vbCrLf & vbCrLf & _
        "Enter the LOGIN ID of the required user, using the First Initial + Lastname format as in the below example:" & vbCrLf & vbCrLf & _
        "Joe User would be" & vbCrLf & vbCrLf & "juser" & vbCrLf, "Group Membership Duplication process")
    strDomain = "chgfe"

    if strUsr2Duplicate = "" then
        msgbox "No user requested - No group memberships will be duplicated"
    else
        call LocateUser
    End if
End Function

Function LocateUser()
    'On Error Resume Next
    Set ObjUser1 = Getobject("WinNT://" & strDomain & "/" & strUsr2Duplicate & ",user")
    if err.number<0 then
        Call BadUserName
    Else
        Call DuplicateUserFinish
    End if
End Function

Function BadUserName()
    MsgBox "You've chosen a username which does not exist"
    intAnswer = _
        Msgbox("Do you wish to choose another username for Group Membership duplication?", _
        vbYesNo, "Copy User Membership?")
    If intAnswer = vbYes Then
        Call DuplicateUser
    Else
        Msgbox "No user requested - No group memberships will be duplicated"
    End if
End Function

Function DuplicateUserFinish()
    ' Use the NameTranslate object to convert the NT user name to the
    ' Distinguished Name required for the LDAP provider.
    Set objTrans = CreateObject("NameTranslate")
    ' Initialize NameTranslate by locating the Global Catalog.
    objTrans.Init ADS_NAME_INITTYPE_GC, ""
    ' Use the Set method to specify the NT format of the object name.
    ' Trap the error if the user does not exist.
    On Error Resume Next
    objTrans.Set ADS_NAME_TYPE_NT4, strDomain & "\" & strUsr2Duplicate
    If (Err.Number <0) Then
        Wscript.Echo "User " & strUsrName & " not found."
        Wscript.Quit
    End If
    On Error GoTo 0
    strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)

    ' Bind to the user object in Active Directory with the LDAP provider.
    Set objUser2 = GetObject("LDAP://" & strUserDN)
    ' Enumerate groups the template user belongs to.
    For Each objGroup In objUser2.Groups
        ' Check if new user belongs.
        If (objGroup.IsMember(objUser1.AdsPath) = False) Then
            ' Add the new user to the group.
            objGroup.Add(objUser1.AdsPath)
        End if
    Next

    Wscript.Echo "Success " & strUsr2Duplicate & "'s Group Memberships have been duplicated for " & strSAm
End function

--
SecurityGuy