AD.Group.SetMembers

Sets or edits an entire group member list from the contents of a text file

Only account objects are affected - group object members are ignored.

Unlike most other SetupBatcher active directory commands this command works with common names, not full AD paths - the command looks up container from CN for each object by itself.

When AD.Group.SetMembers has been executed the group only contains accounts listed in the text file:

·	If account listed in text file and account not already group member -> account added to group.

·	If account not listed in text file but account is group member -> account removed from group

·	If account listed in text file and account already is group member -> nothing happens.

·	Number of added and removed accounts are displayed in the log window.

Category
Active Directory

Script section
All

AD.Group.SetMembers DomainADPath, GroupCN, FileName

DomainADPath

Full AD path to domain of group

GroupCN

Common name of group to modify (not full AD path)

FileName

Full path to file with account common names, one on each row

Notice: the file can not be empty, if you need to clear a group, use AD.Group.RemoveAllObjects

Examples
1) Set members of group "students" to contents of file c:\myfile.txt
AD.Group.SetMembers dc=com/dc=acme/dc=D31, Students, c:\myfile.txt

2) Set members of group "groupa", "groupb" and "groupc" in domain d31.acme.com.

First we need to create three text files, one for each group to be redefined:

groupa.txt:
user1
user2
user4
user5

groupb.txt
user4
user3
user5

groupc.txt
user3
user5
user7

Then use this script:

[Settings_Begin]
BatchSettings.Delimiter=TAB
BatchSettings.MarkerCol=2

SET ADDomainPath=dc=com/dc=acme/dc=D31
[Settings_End]

[Machines_Begin]
\\MAIN04
[Machines_End]

[Batch_Begin]
Data.Loop   
 AD.Group.SetMembers %ADDomainPath%, %col1%, c:\%col1%.txt
Data.EndLoop   
[Batch_End]

[Data_Begin]
groupa   
groupb   
groupc   
[Data_End]

Result (only "groupa" shown):