Hi all, can anybody see anything wrong with the following:
dsadd user "cn=%1,cn=Users,dc=Room45,dc=local" -samid %1 -upn %email@example.com -fn %2 -ln %3 -display "%2 %3" -hmdir "\\ict-svr-001\%1" -hmdrv n: -pwd "Passw0rd" -canchpwd yes -pwdneverexpires no -memberof "cn=users,dc=room45,dc=local"
I pass it the user name and the first and last name eg ADDUSER.BAT Blogs.F Fred Blogs
only I keep getting the following error message:
"An attempt was made to modify an object to include an attribute that is not legal for its class."
for the life of me I can not see whats wrong.
EDIT: deleted as info was wrong :o My bad.
But, is your domain called "Room45.local"?
"Users" is an OU, not a group - that could be why.
Originally Posted by Grazza
yes, thats correct Room45.local
If I look in AD Users is a Container, not an Organisational Unit
Originally Posted by Ephelyon
Same shizzle :P But either way it's not a group so -memberof would fail.
Containers/OU - same difference. I think @Ephelyon is right; -memberof should be referencing a group not a container/ou.
Oh yeah, get what you mean now. I took the original script from an example and just modified it. I'll take a look after and get back to you.
Originally Posted by tmcd35
Right I have had a look at the server and there is a Security Group called Users and also a Container called Users!
I have tryed DSADD USER without the member of and it seams to work fine, however the user apears in the root ROOM45.LOCAL and not the Users Container!
I am confused as to how I would put them in the Users Container using -memberof ?
You can't do it with -memberof; the "cn=%1,cn=Users,dc=Room45,dc=local" string ought to be sufficient. Can't imagine why that's not working.
Maybe try them in an actual OU.
I thought the first part:
should have placed them in the users container.
dsadd user "cn=%1,cn=Users,dc=Room45,dc=local"
For some unknown reason, after a reboot and removing the -memberof it seams to be working fine.
Thanks to all for the help