#118560 - 2004-04-24 05:57 PM
Ad multiple accounts to active directory
|
futureline
Fresh Scripter
Registered: 2003-12-12
Posts: 10
|
Hello all. I am a user of KIX script but not much of a writer. Maybe you can help me get started.
The one thing a lot of people seem to be looking for is a tool to ad user accounts to active directory. Most of the time it is a lot of users. So they use a CVS or text file.
The standard user account must have a First/Last name, user name, password, email account, home-drive and maybe some settings as password change on fist logon and permissions for home-drive.
As you see. It’s a lot I am looking for. I started a small test script. But I failed. Then I thought. Why re invent the wheel again. Maybe someone had the same idea.
So my question is. Can someone help me make this or is there someone who wants to share his script with me.
Thank you for your attention.
|
|
Top
|
|
|
|
#118562 - 2004-04-24 11:57 PM
Re: Ad multiple accounts to active directory
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
I would recommend that you search the board for topics relating to ADSI. Review this topics so that you become familiar with some of the usage. Then go to the MSDN site and become a little familiar with ADSI and the object model.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adsi/adsi/adsi_objects_of_ldap.asp
The KiXtart script you write will most likely use ADSI to access Active Directory.
|
|
Top
|
|
|
|
|
#118563 - 2004-04-25 11:42 AM
Re: Ad multiple accounts to active directory
|
futureline
Fresh Scripter
Registered: 2003-12-12
Posts: 10
|
@NTDOC
It’s not that I am under fire  But I was looking for a script or tool that can perform this task. Everything I found did not work or it was not completely what I wanted. As I was searching I found that more people where looking for the same sort of tool.
I started a little code to test if I could understand KIX. It not that difficult and I am familiar with some coding. The reading of the script is easy. But than I thought, maybe someone made a script like I want and then I don’t have to reinvent the script but adapt it to my needs. ( Someone PM me with who had a script for me).
Maybe I can adapt the script so many others can use it. And in the process of rewriting the script I could learn KIX and help out a lot of other people who need it just like me.
Believe me there are a lot of questions to be found on the net.
That the story. I don’t want to let others do my work. If that’s what I was sending out I apologise. I just want something that really works. And as there are may expert here, maybe I can learn.
Roy
|
|
Top
|
|
|
|
|
#118564 - 2004-04-25 03:47 PM
Re: Ad multiple accounts to active directory
|
Radimus
Moderator
Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
|
actually what you want isn't all that hard to do... basically you want to creat a bunch of user accounts from data in a spreadsheet. Not all that bad if you verify the data before hand...
There are a Few UDFs that have what you need. It doesn't look too hard to scan these UDFs to find the fields you want to set...
ReadExcel2() - Reads from excel
UserCreate() - Creates a new user account
UsrMustChgPwd() - Force a user to change password at next login
ReadAccountStatus() - Reads the status of an user account
TranslateName() - converts a name from one type to another
and read this thread: Pulling info from AD http://www.kixtart.org/ubbthreads/showflat.php?Cat=&Board=UBB1&Number=32595&fpart=&PHPSESSID=
here is the 'complex part' of your code.
ADSI (the Winnt:) stuff is easied to do some of the things you want to do, BUT does not have access to all the AD fields you need. THerefore, I see creating the account and the account related fields like password, lockout, groups, etc in ADSI... Then running it through TranslateName, to get the LDAP name and modifying/moving OU, email, office, etc.
With those UDFs from above, I see a 3 stage development.
step one, get the code to read all the required fields, validate all fields are populated in their variables, and there are no 'import' errors.
step one and a half, sort the fields you need into ldap and adsi, to plan what needs to be done where.
step two, make the script create basic user accounts (on your local machine should be safe, rather that dumping 'test' accounts on the domain... only using the ADSI provider.
step three, move up to LDAP, you will have to switch to the domain not your test machine, so try with a limited set of accounts (all obviously test names so you can clean up after), start with reading the values from ldap... it is easy to convert to writing them after testing
I think you can see why there are no 'canned' script to do what you need, too much is dependant on what any given network needs, AD/no AD, exchange 2000 mail servers or not, etc. but what you want to do certainly can be done.
|
|
Top
|
|
|
|
|
#118565 - 2004-04-25 10:57 PM
Re: Ad multiple accounts to active directory
|
futureline
Fresh Scripter
Registered: 2003-12-12
Posts: 10
|
Radimus
Thank for the information. This helps me where to look.
I understand it very enviroment dependent. But i hope to find a way to make it universal .
I will try something. Have to start somewhere....:D
|
|
Top
|
|
|
|
Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart
|
0 registered
and 764 anonymous users online.
|
|
|
