;; 
;;=====================================================================================----- 
;; 
;;FUNCTION       AdCreateGroup() 
;; 
;;ACTION         Creates an active directory group 
;; 
;;AUTHOR         Glenn Barnas 
;; 
;;VERSION        1.0  - 2009/12/08 
;; 
;;History        1.0  - 2009/12/08 - Initial Release 
;; 
;;SYNTAX         AdCreateGroup(Container, Name, Type [, IsSec] [, IsMail[:email]] [, Desc] [, SAMname]) 
;; 
;;PARAMETERS     Container - REQUIRED - The DN string specifying the AD container (OU) 
;;               where the group should be created. Can be an ADS path (LDAP://...) 
;; 
;;               Name      - REQUIRED 
;;               - The name of the group 
;; 
;;               Type      - REQUIRED 
;;               - The type of group to create - Local, Global, or Universal 
;; 
;;               IsSec     - OPTIONAL 
;;               - A boolean value that creates a security group if true 
;; 
;;               IsMail    - OPTIONAL 
;;               - A boolean value used to mail-enable the group using the 
;;               groupname as the default email address. 
;;               IsMail:address@domain.com sets an alternate mail address 
;; 
;;               Desc      - OPTIONAL 
;;               - A description string 
;; 
;;               SAMname   - OPTIONAL 
;;               - A SAM account name, max 20-chars 
;; 
;;REMARKS        Booleans can be any non-zero value or "True"/"Yes" 
;; 
;;RETURNS        1 on success, 0 on failure 
;; 
;;DEPENDENCIES   Exchange admin tools to use MailEnable 
;; 
;;TESTED WITH    W2K, WXP, W2K3, Vista, W2K8 
;; 
;;EXAMPLES       None 
; 
Function AdCreateGroup($_Container, $_GrpName, $_GrpType, OPTIONAL $_IsSec, OPTIONAL $_IsMail, OPTIONAL $_Desc, OPTIONAL $_SamName)
 
  Dim $_Error						; processed error ID 
  Dim $_oAdsPath					; pointer for ADS object 
  Dim $_oGroup						; pointer to new group object 
  Dim $_MailAddr					; alternate mail address 
 
 
  $AdCreateGroup = 0					; assume failure 
 
  ; set the group type value 
  Select
   Case Left($_GrpType, 1) = 'l'			; Local group 
    $_GrpType = &00000004
   Case Left($_GrpType, 1) = 'g'			; Global group 
    $_GrpType = &00000002
   Case Left($_GrpType, 1) = 'u'			; Universal group 
    $_GrpType = &00000008
   Case 1
    exit 87
  EndSelect
 
  ; IsSec can be any non-zero value or True/Yes 
  If InStr('-123456789YT', Left($_IsSec, 1))
    $_GrpType = $_GrpType | &80000000			; set the Security flag 
  EndIf
 
  ; IsMail can be any non-zero value or True/Yes 
  If InStr('-123456789YT', Left($_IsMail, 1))		; set the Mail-Enabled flag 
    If InStr($_IsMail, ':')
      $_MailAddr = Split($_IsMail, ':')[1]		; extract optional email address 
    EndIf
    $_IsMail = 1					; set the mail-enable flag 
  Else
    $_IsMail = 0					; clear the mail-enable flag 
  EndIf
 
  ; validate and set defaults for the SamAcctName 
  If VarType($_SamName) = 0
    $_SamName = $_GrpName
  EndIf
  If Len($_SamName) > 20 
      $_SamName = Left($_SamName, 20)
  EndIf
 
  If Left($_Container, 7) <> 'LDAP://'
    $_Container = "LDAP://" + $_Container		; insure a valid AdsPath 
  EndIf
 
 
  $_oAdsPath = GetObject($_Container)			; instantiate the Ads connection 
  If Not @ERROR
    $_oGroup = $_oAdsPath.Create('group', 'CN=' + $_GrpName)
    $_oGroup.Put('sAMAccountName', $_SamName)
    $_oGroup.Put('GroupType', $_GrpType)
    If $_Desc
      $_oGroup.Put('Description', $_Desc)
    EndIf
 
    If $_IsMail
      $_oGroup.MailEnable				; mail-enable the group 
      If $_MailAddr
        $_oGroup.Put('Mail', $_MailAddr)		; set the optional mail attributes 
        $_oGroup.Put('targetAddress', 'SMTP:' +  $_MailAddr)
      EndIf
    EndIf
 
    $_oGroup.SetInfo					; create the group 
    If @ERROR
      $_Error = Val('&' + Right(@ERROR, 2))		; return modified error message 
      Exit $_Error
    EndIf
 
  Else
    Exit @ERROR
  EndIf
 
  $_oAdsPath = 0					; discard objects 
  $_oGroup = 0
 
  $AdCreateGroup = 1					; Success 
  Exit 0
 
EndFunction