Setting Up A Users Account ... Help Wanted Please...

[tickmike]

Hello . Ok next question .

On the 'test' user account I set up in AD I did not put a password in the box provided just left it blank ( is that my problem ?) Then tried to log on, but it did not like that, so I hit the 'Enter' button and logged on .
I had 'user to change password at next log on ticked, but that did not seem to work.

1.. I now need to know the correct way to set the users passwords up in there profile before we go live next Monday. ( I want them with the teachers help to log on with there first name and then put there own password in. )

2 .. how do you do it.


Thanks. From Michael.

[plexer]

When you create the user account just set the password there or to do it afterwards right click on the user and select reset password from the menu.

Ben

[indiegirl]

I think if you set the password as blank, it overrides the 'change password at next logon' because there's no password to change.

We used UserManagemeNT to set our users up, which allowed us to set all the passwords at once.

The only way we force the students to change their password at next logon is to set a password in the first place, and then tick the 'change password at next logon'.

I've not found another way to bulk-set passwords, but I'm sure one of these lovely people here will have a way (when there's a means, there's a method 'n all that)

[apeo]

We created users using a script and i think there is one on this forum (cant remember where yet.. need coffee i think ). The script we use is quite customised for us wont be suitable for you but i can give you sections of it to do what you want.. if you like.

[Disease]

I think you should seek a professional to come in and sort the system out as you are doing the children a disservice at the moment, I am sorry but thats the way I see it from the subject of your posts.

[Ric_]

There is a script at http://www.computerperformance.co.uk/ezine/ezine23.htm to reset all the password in a OU. Make sure you know what you are doing with it though!!!

[plexer]

We can set a blank password and still have them change it at next logon.

Ben

[SimpleSi]

I think you should seek a professional to come in and sort the system out

I know quite a few primary schools that operate with the level of help that Michael provides (or less in a lot of cases)

The difference here is that all his mistakes and trials and errors and learning curves are public.

I think he's got in a little too deep by trying to provide a server setup in a small school that probably doesn't need one.

And he's been fooled by Mr Gates saying he sells a server/networking system that works like it says on the box or the books (if it worked then there wouldn't be all the posts here :P )

And he's asking question's of real geeks who just don't know that their offered solutions are way over his (and for the record - mine) head and not really useful at all :P

As I see it - this forum is to share knowledge and get help - so I say lets do it

regards

Simon

[Jake]

Hey !! I'm not a geek

I am a seriously cool tech who rebels against the geek tech stereotype by specificly not being a sad geek and combining a strong dislike of technology with an equally sufficient dislike of geek-like obsessions such as cars, motorbikes and other geek toys !

[plexer]

I think Jake should go sit in the naughty corner after that outburst

Ben

[SpuffMonkey]

Probably the quickest and easiest way to set a lot of passwords is to write a little batch file containing lines in the following format

net user <userlogin> <password>

and run it on the server

[ChrisH]

/edit sorry read the post again and this is overkill for what you were asking didnt read enough but the info is here now


Here is my old user import script I wrote. It will take a list of names and convert them into usernames (which is hard coded but I can help with that).
It will create the user directory and set better permissions and give the user ownership of the folder so quotas and such work. I have a friendlier GUI version but it doesnt have as many features. This script also needs some extra files I can attach if anyone needs them.

Use at your own risk blah blah. But all the code you need to do this kind of script is in there for you to pick at from the file I/O, username generation, checking if users exist already and compensating, logging, adding users to AD and manipulating their home folders. There are other fields that can be added but I generally do a select all and add things like the logon script.

Code:

'This script imporTs users from a CSV file into the OU specified
'Chris Hindmarch 11/07/2005 Fishermore High School
'************* USE AT YOUR OWN RISK **************
'THE AUTHOR TAKES NO RESPONSIBILITY FOR ANY DAMAGE THAT COULD BE CAUSED BY THIS SCRIPT

'********* Begin Object Paths **********
'This is the path to the OU. For a top Level OU just put the name of the OU
'If the OU is nested then the path must look like this
'studenTs,OU=limitedusers
Const StudentOU = "year7,ou=studenTs,ou=fmlimitedusers"
Const GroupName = "year7"
Const GroupPath = "year7,ou=studenTs,ou=fmlimitedusers"
Const UPNName = "fishermore.lancs.sch.uk"
Const Dom_Short_Name = "fishermore" 'Needed for the xcacls doesnt seem to like UPNs
'********* End Object Paths **********
Const Temp_Password = "fmpassword"
Const ForReading = 1
Const ForAppending = 8
Const ADS_PROPERTY_APPEND = 3 

Const server="\\filesrv\fmstudent$\year7"
Const Home_Local_Path="d:\Home\FMStudent\Year7"
RecordsRead = 0
UsersCreated = 0
FoldersChanged = 0
inputfile="Year72006fullnames2.csv"
outputfile="userdone.txt"
Set ObjShell = Wscript.CreateObject("Wscript.Shell")
Set objRootDSE = GetObject("LDAP://RootDSE")
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set UserFile = ObjFSO.opentextfile(inputfile,forreading)

Set logFso = CreateObject("Scripting.FileSystemObject")
Set Tslog = logFso.OpenTextFile(outputfile, ForAppending)
UserADPath = ""
'while not at end of file
while UserFile.atendofstream <> true
sstring=UserFile.readline
RecordsRead = RecordsRead + 1
UserName = sstring
'UserName = CreateUserName(sstring)
tslog.writeline "Begin New Record"
tslog.writeline "Name read = " & UserName
'*************** Begin UserName Generation
On Error Resume Next
i = 1
UserExists = True
'Takes a full name and coverts it to a username
'in the format of smith.b
'***************************************************
TheSpace = InStr(1,Username, " ",1) 'Find the space in the name
'Wscript.echo TheSpace
'Get the first name
FirstName = Left(Username,(TheSpace -1))
tslog.writeline "First name generated = " & FirstName
'Wscript.echo "First Name = " & Firstname
'Get Surname
Surname = Right(UserName,Len(UserName) - TheSpace )
tslog.writeline "Surname Generated = " & SurName
'Wscript.echo "Surname = " & Surname
'****************************************************
'generate username. Check if it exists already
While UserExists
'Old style username
'UserName = Surname & "." & Left(Firstname,i)
'begin new style username

UserName = "06" & Left(Firstname,3) & Left(Surname,(i + 1))

tslog.writeline "UserName Generated = " & Username
'Wscript.echo "UserName= " & UserName


Set ObjUser = GetObject("WinNT://" & Dom_Short_Name & "/" & UserName & ",user")

If Err.Number <> 0 Then
	UserExists = False
	tslog.writeline "No accounts matching the UserName " & UserName _
	& " Could be found"
	tslog.writeline "Creating User"
'Wscript.Echo "User Does not exist creating account"
	
	Else
	'Wscript.echo "User Exists"
	tslog.writeline "The UserName already exists... Restarting UserName generation"
	i = i + 1
	Err.Clear
End If 'Error handling

Wend
'*************** End UserName Generation
'Wscript.Echo "First Name Passed = " & FirstName
'Wscript.Echo "Surname Passed = " & SurName
'Wscript.Echo "The Username Generated is " & Username


UserADPath = "ou=" & StudentOU  & "," & objRootDSE.Get("DefaultNamingContext")
Set ObjParent = Getobject ("LDAP://" & UserADPath)
Set ObjUser = ObjParent.Create("user", "cn=" & UserName )

ObjUser.put "name", firstname & " " & surname
ObjUser.Put "sAMAccountName", UserName
ObjUser.put "userPrincipalName", UserName & "@" & UPNName
ObjUser.Put "givenName", firstname
ObjUser.Put "sn", surname
ObjUser.put "displayName", firstname & " " & surname
ObjUser.put "homeDirectory", server & "\" & UserName
ObjUser.put "homeDrive", "z:"
ObjUser.put "description", "Year 7"

ObjUser.Setinfo

ObjUser.Setpassword(Temp_Password)
ObjUser.accountdisabled=FALSE
ObjUser.Put "pwdLasTSet", CLng(0)

ObjUser.Setinfo
UsersCreated = UsersCreated + 1
tslog.writeline "User Account Created " & "no:" & UsersCreated

'Put user in the selected group
Set ObjGroup = GetObject _
   ("LDAP://cn="& GroupName & "," & "ou=" & GroupPath _
& "," & objRootDSE.Get("DefaultNamingContext")) 


ObjGroup.PutEx ADS_PROPERTY_APPEND, _
    "member", Array("cn=" & UserName & "," & UserADPath)
ObjGroup.SetInfo
tslog.writeline "Added User to group " & GroupName

Set objFolder = ObjFSO.CreateFolder(Home_Local_Path & "/" & UserName)

'Set NTFS Permissions on the folder
CMDLine = "cscript xcacls.vbs " & Home_Local_Path & "\" _
& UserName &  " /T /G teachers:r ""Domain admins:f"" " & Dom_Short_Name & "\" & UserName & ":m"
wscript.echo CMDline
ObjShell.Run CMDLine
tslog.writeline  "Done Setting permissions on folder " & Dom_Short_Name & "\" & UserName 

'The Method below does not seem to work
'CMDLine = "%comspec% /k cscript xcacls.vbs " & Home_Local_Path & "\" _
'& UserName &  " " & "/o" & " " & "fishermore\" & UserName
'ObjShell.Run CMDLine, 1

'Use the Win32 Version of CHOWN to set ownership
CMDLine = "chown " & UserName & " " & Home_Local_Path & "\" _
& UserName
wscript.echo CMDLine
ObjShell.Run CMDLine
tslog.writeline "Made the user the owner of their home directory"
FoldersChanged = FoldersChanged + 1
tslog.writeline VbCrLf
Wend

tslog.writeline "Records read " & RecordsRead
tslog.writeline "users created " & UsersCreated
tslog.writeline "Folders Changed = " & FoldersChanged






Function CreateUserName (UserName)
On Error Resume Next
i = 1
UserExists = True
'Takes a full name and coverts it to a username
'in the format of smith.b
TheSpace = InStr(1,Username, " ",1) 'Find the space in the name
'Wscript.echo TheSpace
'Get the first name
FirstName = Left(Username,(TheSpace -1))
Wscript.echo "First Name = " & Firstname
'Get Surname
Surname = Right(UserName,Len(UserName) - TheSpace )
Wscript.echo "Surname = " & Surname

'generate username. Check if it exists already
While UserExists
UserName = Surname & "." & Left(Firstname,i)
Wscript.echo "UserName= " & UserName


Set ObjUser = GetObject("WinNT://" & Dom_Short_Name & "/" & UserName & ",user")

If Err.Number <> 0 Then
	UserExists = False
Wscript.Echo "User Does not exist creating account"
	
	Else
	Wscript.echo "User Exists"
	i = i + 1
	Err.Clear
End If 'Error handling

Wend
CreateUser = UserName
End Function

Function CheckUser (UserName)

End Function

[Jake]

/sits in corner plotting world domination

[kingswood]

I think you should seek a professional to come in and sort the system out as you are doing the children a disservice at the moment, I am sorry but thats the way I see it from the subject of your posts.

That just wasn't very nice. Period.

Good job other folk chose to help isn't it?

As for the advice being over heads- it went right over mine too. I'm no expert at all and not afraid to say it. I learn even from the "basic" posts. Keep em coming is what I say!

[plexer]

Is it likely that the school which is run by the charity and parents could get this soo called expert to come in and fix everything for free??? I very much doubt it.

That is their situation there is just no excess money to plough into the ICT so I think what Mike has done so far for them should be applauded.

At the end of the day ICT isn't everything and I'm sure the Teachers etc... are managing to teach just fine without relying on the ICT and once it is up and running they will have another strand to use in their teaching.

Ben