RE: [ActiveDir] Dynamic Groups

[Ulf B. Simon-Weidner]

And keep in mind that it only works when users are logging off and on (at least for domain groups) so that the token is recreated - so running it multiple times a day is propably not practical. Gruesse - Sincerely, Ulf B. Simon-Weidner   MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz   Weblog: http://msmvps.org/UlfBSimonWeidner   Website: http://www.windowsserverfaq.org   Profile:   http://mvp.support.microsoft.com/profile="">      From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Monday, March 06, 2006 9:29 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Dynamic Groups Bryan-   Just write a script which runs as a scheduled task which enumerates all the users in an OU and checks that they’re a member of the group. You’ll also need to remove users who don’t’ belong in there anymore. Depending on the scale of your AD deployment (in terms of number of DCs and links between them) it may just be easier for you to clear out the group and repopulate it.   Thanks, Brian Desmond [EMAIL PROTECTED]   c - 312.731.3132     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lucas, Bryan Sent: Monday, March 06, 2006 3:06 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Dynamic Groups   I know you can build a dynamic query based distribution group, but can you do the same for a security group?  What is the best way to accomplish making anyone who is in a particular OU a member of a security group on a dynamic basis (scheduled task frequency)?   Bryan Lucas Server Administrator Texas Christian University (817) 257-6971