Add Computer to AD Group (vRO Script)

In this blog post, we’ll guide you through the process of adding a computer object to Active Directory (AD) group using VMware Aria Orchestrator(vRO) action. Often, when working with VMware Aria Orchestrator, administrators face challenges in effectively integrating it with AD groups. This integration is crucial for efficient management and automation of IT tasks.

I have developed an action that adding an object to Active Directory group. In this way, you can call you actions dynamically with vRO actions.

// Inputs:
// groupDN, string    -> Active Directory Group
// computerCN, string -> Active Directory Object, in this case it is computer object

System.log("Group DN : " + groupDN);
System.log("Computer DN : " + computerDN);

// Get AD Config from Configuration Element
var adConfig = System.getModule("com.umitdemirtas.configElement").getConfigurationElement('ad');

// Active Directory host and credentials
var host = adConfig.getAttributeWithKey('host') ? adConfig.getAttributeWithKey('host').value : "";
var port = adConfig.getAttributeWithKey('port') ? adConfig.getAttributeWithKey('port').value : "";
var username = adConfig.getAttributeWithKey('username') ? adConfig.getAttributeWithKey('username').value : "";
var password = adConfig.getAttributeWithKey('password') ? adConfig.getAttributeWithKey('password').value : "";

// Check status of the AD Object
var addStatus = false;

// LDAP connection object
var ldapClient = null;

try {
    ldapClient = LdapClientFactory.newLdapClient(host, port, username, password, false); // Port is 389
    var groupEntry = ldapClient.getEntry(groupDN); // Get group entry
    if (groupEntry) {
        var members = groupEntry.getAttributeValues('member'); // Members of group
        var modification = [new LdapModification(LdapModificationType.ADD, 'member', computerDN)]; // Create modification for ADD operation

        ldapClient.modify(groupDN, modification); // Add GroupDN and modification
        addStatus = true;
} finally {
    if (ldapClient != null) { ldapClient.close(); }

return addStatus;

If you want to perform this operation with VMware Aria Automation – Active Directory Plugin, you can check the VMware official plugins.

Hopefully, this post has been informative for you. If you have a question, opinion, or request about the article, you can contact us from the comments below or my email address.

If you think this post is informative to others, be social, and share it on social media! Thank you for reading !!

Leave a Reply

Your email address will not be published. Required fields are marked *