Using the Active Directory command-line tools, I have scripted OUUsr2Grp.bat to add all the users in an OU to a group that you specify. If the group does NOT exist, it will be created as a global security group.

The syntax for using OUUsr2Grp.bat is:

OUUsr2Grp "OU" "Group"

Where:

<b>OU</b>     is the distinguished name of the <b>OU</b>, like "OU=West_Coast,DC=JSIINC,DC=COM".

<b>Group"</b> is the distinguished name of the group, like "CN=West_Coast_Users,OU=West_Coast,DC=JSIINC,DC=COM"
OUUsr2Grp.bat contains:
@echo off
if \{%2\}==\{\} @echo Syntax: OUUsr2Grp "OU" "Group"&goto :EOF
setlocal
set ou=%1
set group=%2
set GRP="NONE"
call :chkgrp>nul 2>&1
if %GRP% EQU "NONE" @echo Syntax: OUUsr2Grp %ou% %group% - %group% could not be added.&endlocal&goto :EOF
for /f "Tokens=*" %%u in ('dsquery user %ou%') do (
 call :add2grp %%u>nul 2>&1
)
endlocal
goto :EOF
:chkgrp
dsadd group %group% -desc "Added using OUUsr2Grp.bat by %UserName%"
for /f "Tokens=*" %%g in ('dsquery group %group%') do (
 set GRP=%%g
)
goto :EOF
:add2grp
dsmod group %GRP% -addmbr %1