Add User 2

This is one of those commands that I really shouldn’t have had to create. All I wanted to do was use stsadm to add an AD group to a site collection. Unfortunately the built-in adduser command requires email address and display name. The display name wasn’t a huge deal but requiring an email just messed me up. So I created my own adduser command which allowed the email to be optional so that AD groups could be added via stsadm: gl-adduser2. I grabbed most of the code from my addsiteadmin command which I’d previously created and just pulled out the pieces that I didn’t need (note that I didn’t recreate the adduser command completely (I didn’t implement the siteadmin parameter) – if you are adding a user then either mine or the built-in should work fine but I’d recommend just using mine when adding an AD group):

 1public override int Run(string command, StringDictionary keyValues, out string output)
 2{
 3    output = string.Empty;
 4
 5    InitParameters(keyValues);
 6
 7    if (Params["role"].UserTypedIn && Params["group"].UserTypedIn)
 8        throw new SPException(SPResource.GetString("ExclusiveArgs", new object[] { "role, group" }));
 9
10    string url = Params["url"].Value.TrimEnd('/');
11    string login = Params["userlogin"].Value;
12    string email = Params["useremail"].Value;
13    string username = Params["username"].Value;
14
15    using (SPSite site = new SPSite(url))
16    using (SPWeb web = site.AllWebs[Utilities.GetServerRelUrlFromFullUrl(url)])
17    {
18
19    login = Utilities.TryGetNT4StyleAccountName(login, web.Site.WebApplication);
20    // First lets see if our user already exists.
21    SPUser user = null;
22    try
23    {
24        user = web.AllUsers[login];
25    }
26    catch (SPException) { }
27
28    if (user == null)
29    {
30        web.SiteUsers.Add(login, email, username, string.Empty);
31        user = web.AllUsers[login];
32    }
33
34    if (Params["role"].UserTypedIn)
35    {
36        SPRoleDefinition roleDefinition = null;
37        try
38        {
39            roleDefinition = web.RoleDefinitions[Params["role"].Value];
40        }
41        catch (ArgumentException) {}
42
43        if (roleDefinition == null)
44            throw new SPException("The specified role does not exist.");
45
46        SPRoleDefinitionBindingCollection roleDefinitionBindings = new SPRoleDefinitionBindingCollection();
47        roleDefinitionBindings.Add(roleDefinition);
48        SPRoleAssignment roleAssignment = new SPRoleAssignment(user);
49        roleAssignment.ImportRoleDefinitionBindings(roleDefinitionBindings);
50        web.RoleAssignments.Add(roleAssignment);
51    }
52    else if (Params["group"].UserTypedIn)
53    {
54        SPGroup group = null;
55        try
56        {
57            group = web.SiteGroups[Params["group"].Value];
58        }
59        catch (ArgumentException) {}
60
61        if (group == null)
62            throw new SPException("The specified group does not exist.");
63
64        group.AddUser(user);
65        }
66    }
67
68    return 1;
69}

The syntax of the command can be seen below:

C:\>stsadm -help gl-adduser2

stsadm -o gl-adduser2

Adds a user to a site (allows for useremail and username to be optional).

Parameters:
        -url <web url>
        -userlogin <DOMAIN\user>
        [-useremail <someone@example.com>]
        [-username <display name>]
        [-role <role name> / -group <group name>]

Here’s an example of how to add the built in “nt authority\authenticated users” group to a site:

stsadm -o gl-adduser2 -url "http://intranet" -userlogin "nt authority\authenticated users" -group "Viewers"