adding computer name to active directory group [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepti开发者_如何转开发ng answers.

---

Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist

Closed 9 years ago.

Improve this question

I have a requirement where I have to add computer name to the pre-defined active directory group. Does anyone have experience related to this ?

---

You can do this through C# code using System.DirectoryServices

// Bind to the Computers container and add a new computer.
DirectoryEntry de01 = new DirectoryEntry("LDAP://CN=Computers,DC=fabrikam,DC=com");
DirectoryEntry newComputer = de01.Children.Add("CN=New Computer", "computer");
newGroup.CommitChanges();

See http://msdn.microsoft.com/en-us/library/ms180832(v=VS.90).aspx for examples.

---

Use ADSI. Basically you bind to the Active Directory, locate the computer object and group object you need, and call a method to add the computer to the group.

If it needs to be from a command line, you can easily do this using WSH or .Net.

ADSI reference: http://msdn.microsoft.com/en-us/library/aa772218(v=VS.85).aspx

ADSI LDAP: http://msdn.microsoft.com/en-us/library/aa746384(v=VS.85).aspx

It will not take effect until the computer reboots.

---

Below code worked for me

  //Step 1: get the DN of the adgroup you want to use
    DirectoryEntry groupEntry = new DirectoryEntry   ("LDAP://CN=AdgroupNameWewantToAddTo,DC=na,DC=ABCint,DC=com");//adgroupDSN

//step 2: get the Dn of the pc you want to add to the group
string memberDN;
DirectorySearcher dom = new DirectorySearcher(baseDN);
dom.Filter = "(&(ObjectCategory=computer) (cn=" + PCNAME+ "))";
SearchResult searchResult = dom.FindOne();
if (searchResult != null)
 {
    memberDN=searchResult.GetDirectoryEntry().Path;
 }

//Step 3:add PC to the ad group
groupEntry.Invoke("Add", computerdn);