|
|
|||||||
First off, let me say, I haven't the foggiest idea what I am doing. I need to create user accounts in AD. Borrowed some lines of code from other posting, but can't figure out where I am going wrong. Can someone please help me from my misery? Thanks. Code: dim $domain, $user, $userName, $fullusername, $userdescription $username = "jdoe" $fullusername = "Jane Doe" $userdescription = "test $Domain = GetObject("LDAP://cn=Users,dc=something,dc=com") $user = $Domain.Create("user", "ou=" + $userName) $user.Put("FullName", $FulluserName) $user.Put("Description", $userDescription) ;$user.SetInfo $domain = 0 $user = 0 |
||||||||
|
|
|||||||
Get rid of the ";" in front of the "$user.Setinfo". Apart from that, you mixed up "cn" and "ou" in the 6. and 7. line. They should read: Code: $Domain = GetObject("LDAP://ou=Users,dc=something,dc=com") $user = $Domain.Create("user", "cn=" + $userName) You also need(!) to set the SAMaccountname: Code: $User.Put ("sAMAccountName", $username) That should do it. You might wanna add: Code: $user.AccountDisabled = 0 $user.SetInfo to unlock the new account, and Code: $user.SetPassword ($passvariable) $user.SetInfo to set a password. |
||||||||
|
|
|||||||
Actually, the default user container is CN, not OU. |
||||||||
|
|
|||||||
so, you mean it works both ways? cause mine does... |
||||||||
|
|
|||||||
CN is used for objects and folders, OU is Organizational Unit. It's weird that your script would work calling the user an OU. It shouln't work at all. |
||||||||
|
|
|||||||
Code: $Domain = GetObject("LDAP://ou=Users,dc=something,dc=com") $user = $Domain.Create("user", "cn=" + $userName) why do i call the user an OU? The OU is called "USERS". |
||||||||
|
|
|||||||
Well... you may in fact have an OU called users but it does not change the fact that a vanilla out-of-the-box install of AD has a CN called users. |
||||||||
|
|
|||||||
Can someone create a OU with the name Users next to the existing cn named Users? |
||||||||
|
|
|||||||
Maybe i'm missing something, but apart from the qestion about the USERS-OU, in MS-technet the usage of OU and CN (in the context of creating a user) is displayed exactly like i said: http://www.microsoft.com/technet/scriptcenter/guide/sas_usr_doig.mspx?mfr=true So i dont really see the problem. And yeah, it's correct, my example creates the user in the OU(!) called Users. But as "dc=something,dc=com" indicates, it was just an e x a m p l e. |
||||||||
|
|
|||||||
Keep getting: Error: Unknown command [LDAP:] |
||||||||
|
|
|||||||
Found the problem, missing " on line above. |
||||||||
|
|
|||||||
Those are the small d#mn things that'll get me to wanna throw something out the window sometimes. Started using and editor with colour coding because it was cheaper then buying a new computer every time |
||||||||
|
|
|||||||
Having a hard time finding the attributes that I need to create user account. Need the following attribute: Enable Account. Also, can I place users in groups by using memberof attribute? Does anyone know where I can get a complete of attributes that will work with kix and LDAP? thanks -- dee |
||||||||
|
|
|||||||
Lots of resources... ADSI Scriptomatic, ADSI resuorce kit, VBS script center, etc. all on the web at Microsoft. |
||||||||
|
|
|||||||
Originally Posted By: danilda Need the following attribute: Enable Account. i already wrote that above. Did you read my post at all? :| Code: $user.AccountDisabled = 0 $user.SetInfo Originally Posted By: danilda Also, can I place users in groups by using memberof attribute? No, but this can: Code: Function addtogroup ($adloginname,$adgroupname) $grouppath = "LDAP://cn="+$adgroupname+",ou=OuLocationOftheGroup,dc=domain,dc=com" $userpath = "LDAP://cn="+$adloginname+",ou=OuLocationoftheUser,dc=domain,dc=com" $GroupObj = GetObject($grouppath) $UserObj = GetObject($userpath) $GroupObj.add ($UserObj.ADsPath) $GroupObj.SetInfo EndFunction |
||||||||
|
|
|||||||
The work is already done for you... CreateUserAccount UDF from an older thread |