Add users to Domain group based on attribute

[vbs-Noob]

I'm looking for a way to help automate mundane tasks. I have written some fairly basic scripts in VBS but I'm getting stumped on this project.

Some brief background; We have new contractors starting fairly often and we want to ensure they added to the correct groups. All contractors have only Contractor listed in their Title attribute.

Occasionally contractors are hired and become full-time employees and as a result their title changes.

I'd like a script that can read every user (we only 900 or so) and if their title is Contractor they should be added to the group. If their title is not contractor the should not be placed in the group. If they are currently in the group but the title is not contractor they should be removed.

I've found a code snippet that can remove all users from the group, but I'm having trouble enumerating AD and checking the attribute and if it matches adding it to the group.

Any help would be appreciated immensely

[mendhak]

It usually helps to show the code you're working with and pointing out the areas you're failing in.

[mendhak]

Also, look here.

http://activexperts.com/activmonitor...ectory/groups/

[vbs-Noob]

OK I've cobbled together a little script that starts to do what I need.

I figure I need to enumerate all users in the domain and check the title value of each user to see if it matches. When it does add it to the appropriate group. I'm not correctly binding to the user object it seems.

Help please?

Code:

	Dim strTitle, strUser, strGroup, strDomainDN, strGroupName

	strGroupName = "Contractors"
	strGroupDN = "LDAP://" & strGroupName & ",OU=Groups," & strDomainDN
' ------ SCRIPT CONFIGURATION ------
Set WshShl = Wscript.CreateObject("Wscript.Shell")
	WshShl.LogEvent 0, "contractors-group.vbs  -  Beginning script execution"
	strDomainDN = "dc=ad,dc=domain,dc=com"    
' ------ END CONFIGURATION ---------

strBase   =  "<LDAP://" & strDomainDN & ">;"
strFilter = "(&(objectclass=user)(objectcategory=person));" 
strAttrs  = "name;"
strScope  = "subtree"
	Wscript.echo (strdomaindn)
set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)
objRS.MoveFirst
while Not objRS.EOF
    Wscript.Echo objRS.Fields(0).Value
	strUser = objRS.Fields(0).Value
	Set objUser = struser
	Wscript.Echo objUser.Title ' I want to see that title attribute is seen
	' add function to add user to group here
        objRS.MoveNext
wend

	WshShl.LogEvent 0, "Contractors-group.vbs  -  Completed script execution"