I need to script user creation in an Active Directory Domain, DSADD doesn't allow you to change the PrimaryGroup and by default it's set to Domain Users.
dsadd user "CN=NEWUSER,OU=xxx,DC=domain,DC=net" -samid
NEWUSER -upn NewUser@domain.net -fn FirstName -ln LastName
-pwd MyPassword -desc "A new user on my domain" -memberof "CN=MyGroup,OU=xxx,DC=domain,DC=net" -mustchpwd yes
The following script change the primayGroupID of all users in a specified Organizational Unit.
MyGroupID = 1300
DomainUserGroupID = 513
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = _
"SELECT AdsPath,samAccountName,DisplayName, GivenName, sn, PrimaryGroupID FROM " & _
"'LDAP://OU=xxx,DC=domain,DC=net' WHERE objectCategory='user'"
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
if objRecordSet.Fields("PrimaryGroupID").Value = DomainUserGroupID then
strUser = objRecordSet.Fields("ADsPath").Value
Set objUser = GetObject(strUser)
objUser.PrimaryGroupID = MyGroupID
objUser.SetInfo
end if
objRecordSet.MoveNext
Loop
- Blogger Comment
- Facebook Comment
Subscribe to:
Post Comments
(
Atom
)
0 commenti:
Post a Comment