OK, so I'm really quite new to this. However, I know that it is necessary. I have been trying to work out how to design a little widget that will add a user (don't ask why, just accept that I need to do it!) I think I've got pretty close, but an error keeps on popping up. It looks like it relates to the password bit, but I'm not quite sure (it's on line 31). I'm sure one of you will solve it instantly...or suggest I stick to something else.
Anyway, here's the code (why am I so nervous?)
Code:Option Explicit Dim objRootLDAP, objContainer, objUser, objShell, objOU, objFSO, objFolder Dim strUser, strName, strLast, strNum, strContainer, strPwd, strDirectory Dim intPwdValue Const ADS_UF_NORMAL_ACCOUNT = 512 strName = InputBox("First Name") strLast = InputBox("Last Name") strNum = InputBox("Number") strUser ="s"& Lcase(Left(strLast,3)) & strNum strContainer = "OU=Students ," strPwd = "foot" strDirectory = "F:\Students\2007\" intPwdValue = 0 ' Bind to Active Directory, Users container. Set objRootLDAP = GetObject("LDAP://rootDSE") Set objContainer = GetObject("LDAP://" & strContainer & _ objRootLDAP.Get("defaultNamingContext")) ' Build the actual User. Set objUser = objContainer.Create("User", "cn=" & strUser) objUser.Put "sAMAccountName", strUser objUser.Put "givenName", strName objUser.Put "sn", strLast objUser.Put "displayName", strName & " " & strLast objUser.Put "userAccountControl", ADS_UF_NORMAL_ACCOUNT objUser.SetPassword(strPwd) ObjUser.SetInfo objUser.AccountDisabled = FALSE objUser.SetInfo ObjUser.Put "pwdLastSet", intPwdValue objUser.SetInfo Set objFSO = CreateObject("Scripting.FileSystemObject") Set objFolder = objFSO.CreateFolder(strDirectory & strUser)
You need to put in a
before setting the password and the user account control . e.g.Code:objUser.SetInfo
Code:objUser.SetInfo objUser.Put "userAccountControl", ADS_UF_NORMAL_ACCOUNT objUser.SetPassword(strPwd) objUser.SetInfo
Brilliant! I knew it would be simple.Originally Posted by Iain
OK, so now I can create the user and a folder. The next trick is to add permissions to that folder. I did try a piece of code but it didn't want to see to work. I put it down to the fact that I was putting
instead ofCode:strUser
However, I couldn't find a way of writing that down so that it was happy. Any ideas?Code:DOMAIN\strUser
On another note, when I am going for objUser.Put - I can't find the write terminology to define the User Logon Name (it defines the pre-windows 2k one fine, but I would quite like the other box filled out).
I would also like to tell it to connect the H: drive to the user's home folder.
Any help would, as always, be gratefully appreciated.
The user logon name is defined by setting the userPrincipalName. However the string must include the domain name in the form username@domainname.sch.uk (assuming you use sch.uk, maybe .local?)
What code are you trying to use to set the folder permissions?Code:objUser.Put "userPrincipalName", strUser & "@domainname.sch.uk"
strFull = the full path to the folderCode:Set objShell = WScript.CreateObject("Wscript.Shell") objShell.Run "cacls.exe strFull /e /g strDomain & strUser:F"
strDomain = The school Domain
Unfortunatly vbscript does not substitute variable names in strings (like you can in perl / PHP / etc.), so you need to break the string up and concatenate the variables with the other parts using the & operator. E.g.
In this situation, I often find it useful to define the command as a string, which allows you to echo it for debugging purposes:Code:objShell.Run "cacls.exe " & strFull & " /e /g " & strDomain & "\" & strUser & ":F"
Hope this helps,Code:strCmd = "cacls.exe " & strFull & " /e /g " & strDomain & "\" & strUser & ":F" WScript.Echo strCmd objShell.Run strCmd
Iain.
I'll find out on Tuesday - by which time, someone will have probably done everything manually.
Thanks for all your help on this.
Sorry forgot to mention earlier, to set the home drive use:
Code:objUser.Put "homeDrive","<drive letter>" objUser.Put "homeDirectory","<path to home drive>:"
Thanks for that, it all works swimmingly - bar two things.
Firstly, when I look into User and Computers, the "Name" that is being displayed is their username. However, I define their display name as being their first and last name. Any idea how to change that?
Secondly, do you know how to script joining a particular group? I need these kids to be part of a group called "Students" so that they inherit the group policy for it.
Cheers.
I believe that the default name displayed in ADCU is whatever the CN for the object is, which in the case of your script has been set to strUser. So you will need to change what you set the CN to if you want to change this.
Adding a object to a group is quite simple first you need to bind to the group object using the GetObject method (same as you have done for binding to the students OU). You can then add the user to the group using the group's Add method. E.g.
Hope this makes sense,Code:strGroupDN = "LDAP://<GROUP DN>," & objRootLDAP.Get("defaultNamingContext") ' e.g. <GROUP DN> = cn=students,OU=something Set objGroup = GetObject(strGroupDN) strUserDN = "LDAP://cn=" & strUser & "," & strContainer & objRootLDAP.Get("defaultNamingContext") ' Assuming cn=strUser objGroup.Add(strUserDN)
Iain.
It kind of made sense. However, when I tried it, it wasn't happy. I had a route around on the internet for an alternative version - but that isn't happy either. Any ideas?
FYI:Code:Set objRootLDAP = GetObject("LDAP://RootDSE") strDNSDomain = objRootLDAP.Get("DefaultNamingContext") Set objUser = GetObject("LDAP://" & strUser & strContainer & strDNSDomain) Set objGroup = GetObject("LDAP://" & strGroup & strContainer & strDNSDomain) objGroup.add(objUser.ADsPath)
Code:strUser ="s"& Lcase(Left(strLast,3)) & strNum strContainer = "OU=Year5,OU=Students ," strGroup = "cn=Students ,"
What errors are you getting?
Where is the group that you are trying to add the users to? Looking at the code, the group should be called Students and it should be in the same OU as the users: ou=Year5,ou=Students,<rest of default naming context e.g. dc=xxx,dc=yyy etc.>.
Is this really the case or is it in the parent OU, Students?
Iain.
Try this:
Ok this has be roughly ripped from my hta so i might have missed something but i think its all there.Code:Set oDomain = GetObject("WinNT://" & DomainName Set oGroup = oDomain.GetObject("Group", GroupName) oGroup.Add ("WinNT://" & DomainName & "/" & AccountName) Set oGroup=Nothing
I get the "Can't find object on the server" error. I am certain that I am pointing to the right place (I made a mistake earlier - the group is the parent directory in a place called "Groups"). Anyway, this is the code so far:
There must be something obvious I am missing.Code:strGroup = "LDAP://cn=students,OU=Groups," & objRootLDAP.Get("defaultNamingContext") ' e.g. <GROUP DN> = cn=students,OU=something Set objGroup = GetObject(strGroup) strUserDN = "LDAP://cn=" & strUser & "," & strContainer & objRootLDAP.Get("defaultNamingContext") ' Assuming cn=strUser objGroup.Add(strUserDN)
Thanks.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote