Wrox Programmer Forums
Classic ASP Basics For beginner programmers starting with "classic" ASP 3, pre-".NET." NOT for ASP.NET 1.0, 1.1, or 2.0
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP Basics section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
Old August 24th, 2007, 09:27 PM
Registered User
Join Date: Aug 2007
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Add existing AD user to AD group via ADSI?

Hi all,

I'm a bit new with manipulating system functions using ADSI; however, I've found it's extremely powerful and I believe I can use it to simplify a lot of manual processes.

I have a domain where I do not have admin rights to the servers or AD, but do have access to add/remove users to several AD groups which I wish to manage via the web (if I can). I've found a few scripts on the Internet that add an existing user to an AD group, but I get a general access denied error message.

I recall working on a project in the past where I simply queried AD for user information, but in order to do so I had to authenticate (in the script) with my domain username and password. Then, I could pull AD detials for each user (fullname, office, etc.)

So - taking that into account, can I authenticate using my username and password on the domain, and then add users to the AD groups I have access to add/remove members from? I can of course add/remove members using the Windows GUI, but using web-based forms I can simplify a lot of other processes.

Some existing code I pieced together:


strServerName = ""
strUsername = ""

set connAD = Server.CreateObject("ADODB.Connection")
connAD.Provider = "ADsDSOObject"
connAD.Properties("User ID") = ""
connAD.Properties("Password") = ""
connAD.Properties("Encrypt Password") = True

Set oDomain = GetObject("")
Set oGroup = oDomain.GetObject("Group", strGroup)
oGroup.Add ("WinNT://domain/" & strUsername)
However, that is not working, giving a general access denied error message. Thank you for taking a look at this, in advance!

Similar Threads
Thread Thread Starter Forum Replies Last Post
Invoking a web service on New User creation in AD Anitha Karthik BOOK: ASP.NET 2.0 Instant Results ISBN: 978-0-471-74951-6 1 August 28th, 2008 01:15 AM
Problem with user control (ad rotator) ALEX_GRIM ASP.NET 1.0 and 1.1 Professional 4 May 5th, 2005 12:52 AM
AD Group enumeration raspar VB How-To 1 June 15th, 2004 02:18 PM
Error while creating User acc In AD spraveens Classic ASP Components 0 June 12th, 2004 08:17 AM

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.