|
|
|||||||
I am a newbie to using kix to control Active directory functions. I have been looking at the scripts others have created and taking pieces to play with them to better understand how to make things work. I have know hit a wall and need some more direct help. I have created (via other scripts) this script to add a user to the OU in AD. I am having the following problems: 1) Account shows as disabled 2) Can not add Login Script, password, Street information, exchange account and some other fields. (it would be great if someone could explain how I could find the information for all the fields) Any help will be great! ;Sets up User ID and Name in Test OU Code: CreateAccount("123456","Lastname Test", "LDAP://OU=test,OU=ouinformation,OU=nextleaveOU, dc=Domain ,dc=ad") Function CreateAccount($UserName, $FullName, $ADsPath) $OU = GetObject($ADsPath) $UserObj = $OU.Create("User","cn=$FullName") $UserObj.Put ("sAMAccountName", $UserName) $UserObj.Put ("givenName", "John") ;First Name $UserObj.Put ("Initials", "Frank") ;Initials $UserObj.Put ("sn", "Smith") ;Last Name(Surname) $UserObj.Put("displayName","Smith" + IIf("smith", ", ","") + "John" + IIf("Frank", " ", "") + "Frank") ;Display name $UserObj.Put ("description", "Head Man in charge") ;Description $UserObj.Put ("physicalDeliveryOfficeName","Wahington, DC") ;Office $UserObj.Put ("telephoneNumber","222-555-5555");Telephone $UserObj.Put ("mail","first_Last@company.com") ;E-mail $UserObj.Put ("wWWHomePage","www.kixtart.org") ;Web page $UserObj.Put ("userPrincipalName", "123456") ;userPrincipalName $UserObj.Put ("LoginScript", "common.bat") ;Logon Script $UserObj.Put ("Street", "1234 A Street, NW") ;Street $UserObj.Put ("Password", "gensler") $UserObj.Put ("AccountDisabled", "False") $UserObj.Put ("LoginScript", "gensler_dc\common.bat") $UserObj.SetInfo ; Objects cleanup $UserObj = 0 $OU = 0 EndFunction |
||||||||
|
|
|||||||
****Second Post**** No replys on other post.... :-( I am a newbie to using kix to control Active directory functions. I have been looking at the scripts others have created and taking pieces to play with them to better understand how to make things work. I have know hit a wall and need some more direct help. I have created (via other scripts) this script to add a user to the OU in AD. I am having the following problems: 1) Account shows as disabled 2) Can not add Login Script, password, Street information, exchange account and some other fields. (it would be great if someone could explain how I could find the information for all the fields) Any help will be great! ;Sets up User ID and Name in Test OU Code: CreateAccount("123456","Lastname Test", "LDAP://OU=test,OU=ouinformation,OU=nextleaveOU, dc=Domain ,dc=ad") Function CreateAccount($UserName, $FullName, $ADsPath) $OU = GetObject($ADsPath) $UserObj = $OU.Create("User","cn=$FullName") $UserObj.Put ("sAMAccountName", $UserName) $UserObj.Put ("givenName", "John") ;First Name $UserObj.Put ("Initials", "Frank") ;Initials $UserObj.Put ("sn", "Smith") ;Last Name(Surname) $UserObj.Put("displayName","Smith" + IIf("smith", ", ","") + "John" + IIf("Frank", " ", "") + "Frank") ;Display name $UserObj.Put ("description", "Head Man in charge") ;Description $UserObj.Put ("physicalDeliveryOfficeName","Wahington, DC") ;Office $UserObj.Put ("telephoneNumber","222-555-5555");Telephone $UserObj.Put ("mail","first_Last@company.com") ;E-mail $UserObj.Put ("wWWHomePage","www.kixtart.org") ;Web page $UserObj.Put ("userPrincipalName", "123456") ;userPrincipalName $UserObj.Put ("LoginScript", "common.bat") ;Logon Script $UserObj.Put ("Street", "1234 A Street, NW") ;Street $UserObj.Put ("Password", "gensler") $UserObj.Put ("AccountDisabled", "False") $UserObj.Put ("LoginScript", "gensler_dc\common.bat") $UserObj.SetInfo ; Objects cleanup $UserObj = 0 $OU = 0 EndFunction |
||||||||
|
|
|||||||
Maybe this can help? Hey, Scripting Guy! How Can I Use a Script to Create a Sequential Series of User Accounts? |
||||||||
|
|
|||||||
Hi, and welcome to the board. Please use [ CODE ] [ /CODE ] (without the spaces) to wrap your code in. This is something I wrote a long time, I'm sure I have an optimized version somewhere too but this earlier version is the only one I found at the moment, change the $usr variable to the username and the path below to your text file path and the script will generate a list of all available options to you. Code: Break ON $=SetOption("WrapAtEOL","ON") $usr = @USERID $logf = "D:\Schema.txt" $cnusr = TranslateName($usr) $usrnfo = GetObject("LDAP://" + $cnusr) $usrclas = GetObject($usrnfo.schema) $fso = CreateObject("Scripting.FileSystemObject") $log = $fso.OpenTextFile($logf, 8, 1) $log.WriteLine("Mandatory Properties:") $log.WriteLine("---------------------") $log.WriteLine("") For Each $prop in $usrclas.MandatoryProperties If NOT Instr($prop,"-") $= Execute("$$Type=VarTypeName($$usrnfo."+$prop+")") $= Execute("$$Value=$$usrnfo."+$prop) If $type <> "Object" AND $type <> "Variant[]" WriteLog($prop,$type,$value) Else WriteLog($prop,$type) EndIf Else WriteLog($prop,"N/A") EndIf Next $log.WriteLine("") $log.WriteLine("Optional Properties:") $log.WriteLine("--------------------") $log.WriteLine("") For Each $prop in $usrclas.OptionalProperties If NOT Instr($prop,"-") $= Execute("$$Type=VarTypeName($$usrnfo."+$prop+")") $= Execute("$$Value=$$usrnfo."+$prop) If $type = "Variant[]" For Each $obj in $Value WriteLog($prop,$type,$obj) Next EndIf If $type <> "Object" AND $type <> "Variant[]" WriteLog($prop,$type,$value) Else WriteLog($prop,$type) EndIf Else WriteLog($prop,"N/A") EndIf Next $log.Close Function WriteLog($LineToWrite,$sType,Optional $sValue) If LEN($LineToWrite) < 8 $log.WriteLine($LineToWrite + " " + $sType + " " + $sValue) EndIf If LEN($LineToWrite) >= 8 AND LEN($LineToWrite) < 16 $log.WriteLine($LineToWrite + " " + $sType + " " + $sValue) EndIf If LEN($LineToWrite) >= 16 AND LEN($LineToWrite) < 24 $log.WriteLine($LineToWrite + " " + $sType + " " + $sValue) EndIf If LEN($LineToWrite) >= 24 AND LEN($LineToWrite) < 32 $log.WriteLine($LineToWrite + " " + $sType + " " + $sValue) EndIf If LEN($LineToWrite) >= 32 $log.WriteLine($LineToWrite + " " + $sType + " " + $sValue) EndIf EndFunction Function TranslateName($NameToTranslate) Dim $NameTranslate $NameTranslate = CreateObject("NameTranslate") $NameTranslate.Init(3,"") $NameTranslate.Set(3, @LDOMAIN + "\" + $NameToTranslate) $TranslateName = $NameTranslate.Get(1) EndFunction |
||||||||
|
|
|||||||
Thanks Witto but when I try to pull in the code from that site it seems like I need to change it to run with kix but I am not sure how. Thanks apronk! I will take a look when I am back on a AD domain. Thank you both! |
||||||||
|
|
|||||||
Originally Posted By: rossw Thanks Witto but when I try to pull in the code from that site it seems like I need to change it to run with kix but I am not sure how. .... That's because the Scripting Guy scripts in vbs and not kix. Most vbs scripts can be converted to kix but that takes some knowledge of how to construct the vbs commands/function in kix. |
||||||||
|
|
|||||||
Thanks apronk! I ran your script and I was able to get some more information. It really helped. I am still not able to figure out why the account is aways created disabled but I will keep at it. Thanks again! |
||||||||
|
|
|||||||
I'm not 100% sure and I might burn myself saying this but I think I heard this issue once before. The answer was that one needs to explicitly enable the account after creating it with a script. |
||||||||
|
|
|||||||
Originally Posted By: Mart I'm not 100% sure and I might burn myself saying this but I think I heard this issue once before. The answer was that one needs to explicitly enable the account after creating it with a script. thanks Mart, but how do you enable an ad user account. I also think it might have something to do with the password not being set. Do you know how to set a default password? Will |
||||||||
|
|
|||||||
Code: $usr.SetPassword("newpassword") ;Sets the password to "newpassword" $usr.Put("pwdLastSet", 0) ;User has to change the pw as soon as he/she logs in $usr.AccountDisabled = 0 ;Enables the account $usr.SetInfo |
||||||||
|
|
|||||||
Originally Posted By: apronk Code: $usr.SetPassword("newpassword") ;Sets the password to "newpassword" $usr.Put("pwdLastSet", 0) ;User has to change the pw as soon as he/she logs in $usr.AccountDisabled = 0 ;Enables the account $usr.SetInfo Thanks apronk but the code is not working. When I check it for error it always fails. (except for the change password at next login) Not sure what I am doing wrong but this is driving me crazy! |
||||||||
|
|
|||||||
Can you post the code you have so far? Please use the code tags when posting code. |
||||||||
|
|
|||||||
Hmmm, I know kix doesn't support True and False statements, but this seems to work for me as well: Code: $usr.AccountDisabled = False |
||||||||
|
|
|||||||
Originally Posted By: apronk Hmmm, I know kix doesn't support True and False statements, but this seems to work for me as well: Code: $usr.AccountDisabled = False It works by accident of the way that the interpreter deals with unknowns, so don't rely on it. KiXtart supports the right types for TRUE / FALSE, so you just need to declare them: Code: Global $TRUE $TRUE=Not 0 Global $FALSE $FALSE=Not $TRUE ... $usr.AccountDisabled = $FALSE |
||||||||
|
|
|||||||
Originally Posted By: Richard H. Originally Posted By: apronk Hmmm, I know kix doesn't support True and False statements, but this seems to work for me as well: Code: $usr.AccountDisabled = False It works by accident of the way that the interpreter deals with unknowns, so don't rely on it. KiXtart supports the right types for TRUE / FALSE, so you just need to declare them: Code: Global $TRUE $TRUE=Not 0 Global $FALSE $FALSE=Not $TRUE ... $usr.AccountDisabled = $FALSE Which is not per definition true (ehm ascii true.. hehe) The "Not 0" statement doesn't always work in COM aquired boolean values. So it is subject to change with every COM object you're attempting to use. |
||||||||
|
|
|||||||
Originally Posted By: Mart Can you post the code you have so far? Please use the code tags when posting code. Code: CreateAccount("123456","Lastname Test", "LDAP://OU=test,OU=ouinformation,OU=nextleaveOU, dc=Domain ,dc=ad") Function CreateAccount($UserName, $FullName, $ADsPath) $OU = GetObject($ADsPath) $UserObj = $OU.Create("User","cn=$FullName") $UserObj.Put ("sAMAccountName", $UserName) $UserObj.Put ("givenName", "John") ;First Name $UserObj.Put ("Initials", "Frank") ;Initials $UserObj.Put ("sn", "Smith") ;Last Name(Surname) $UserObj.Put("displayName","Smith" + IIf("smith", ", ","") + "John" + IIf("Frank", " ", "") + "Frank") ;Display name $UserObj.Put ("description", "Head Man in charge") ;Description $UserObj.Put ("physicalDeliveryOfficeName","Wahington, DC") ;Office $UserObj.Put ("telephoneNumber","222-555-5555");Telephone $UserObj.Put ("mail","first_Last@company.com") ;E-mail $UserObj.Put ("wWWHomePage","www.kixtart.org") ;Web page $UserObj.Put ("userPrincipalName", "123456") ;userPrincipalName $UserObj.Put ("LoginScript", "common.bat") ;Logon Script $UserObj.Put ("Street", "1234 A Street, NW") ;Street $UserObj.Put ("Password", "gensler") $UserObj.Put ("AccountDisabled", "False") $UserObj.Put ("LoginScript", "gensler_dc\common.bat") ; Added Code $userObj.SetPassword("password") ;Sets the password to "newpassword" $userObj.Put("pwdLastSet", 0) ;User has to change the pw as soon as he/she logs in $userObj.AccountDisabled = 0 ;Enables the account ;End of test code $UserObj.SetInfo ; Objects cleanup $UserObj = 0 $OU = 0 EndFunction Do I need to write a new function that runs after the account is created? |
||||||||
|
|
|||||||
Please try this code, you've made a few errors, one of which is having "LoginScript" 2 times, LoginScript is actually "scriptPath", You need to use .SetInfo 2 times, one before you enable the account and set password. And some "" errors. here is the cleaned up code: Code: CreateAccount("123456","Lastname Test", "LDAP://OU=test,OU=ouinformation,OU=nextleaveOU, dc=Domain ,dc=ad") Function CreateAccount($UserName, $FullName, $ADsPath) $OU = GetObject($ADsPath) $UserObj = $OU.Create("User","cn="+$FullName) $UserObj.Put("sAMAccountName", $UserName) $UserObj.Put("givenName", "John") ;First Name $UserObj.Put("Initials", "Frank") ;Initials $UserObj.Put("sn", "Smith") ;Last Name(Surname) $UserObj.Put("displayName","Smith" + IIf("smith", ", ","") + "John" + IIf("Frank", " ", "") + "Frank") ;Display name $UserObj.Put("description", "Head Man in charge") ;Description $UserObj.Put("physicalDeliveryOfficeName","Wahington, DC") ;Office $UserObj.Put("telephoneNumber","222-555-5555");Telephone $UserObj.Put("mail","first_Last@company.com") ;E-mail $UserObj.Put("wWWHomePage","www.kixtart.org") ;Web page $UserObj.Put("userPrincipalName", "123456") ;userPrincipalName $UserObj.Put("scriptPath", "common.bat") ;Logon Script $UserObj.Put("Street", "1234 A Street, NW") ;Street $UserObj.Put("Password", "gensler") $UserObj.SetInfo ; Added Code $userObj.SetPassword("password") ;Sets the password to "newpassword" $userObj.Put("pwdLastSet", 0) ;User has to change the pw as soon as he/she logs in $userObj.AccountDisabled = 0 ;Enables the account $UserObj.SetInfo ; Objects cleanup $UserObj = 0 $OU = 0 EndFunction |
||||||||
|
|
|||||||
Code: Which is not per definition true (ehm ascii true.. hehe) The "Not 0" statement doesn't always work in COM aquired boolean values. So it is subject to change with every COM object you're attempting to use. Not too sure what you mean - "Not 0" is not ASCII, it creates a boolean variable with a true value. Try using VarTypeName() on the variable. |
||||||||
|
|
|||||||
ascii true was a joke, it was me saying "not per definition true" I agree that "Not 0" will create a kixtart acceptable Boolean value but some COM object don't accept that as true boolean, not saying kixtart is wrong, just that some COM objects behave differently. |
||||||||
|
|
|||||||
Originally Posted By: apronk Please try this code, you've made a few errors, one of which is having "LoginScript" 2 times, LoginScript is actually "scriptPath", You need to use .SetInfo 2 times, one before you enable the account and set password. And some "" errors. here is the cleaned up code: Apronk you ROCK!!!! THANK YOU! THANK YOU! THANK YOU! I removed the unneeded $UserObj.Put("Password", "gensler") statement and your revised code worked perfert. THANKS!!!! |
||||||||
|
|
|||||||
A yeah, I overlooked the .Put("Password") Glad I could help |
||||||||
|
|
|||||||
Originally Posted By: apronk Please try this code, you've made a few errors, one of which is having "LoginScript" 2 times, LoginScript is actually "scriptPath", You need to use .SetInfo 2 times, one before you enable the account and set password. And some "" errors. here is the cleaned up code: Code: CreateAccount("123456","Lastname Test", "LDAP://OU=test,OU=ouinformation,OU=nextleaveOU, dc=Domain ,dc=ad") Function CreateAccount($UserName, $FullName, $ADsPath) $OU = GetObject($ADsPath) $UserObj = $OU.Create("User","cn="+$FullName) $UserObj.Put("sAMAccountName", $UserName) $UserObj.Put("givenName", "John") ;First Name $UserObj.Put("Initials", "Frank") ;Initials $UserObj.Put("sn", "Smith") ;Last Name(Surname) $UserObj.Put("displayName","Smith" + IIf("smith", ", ","") + "John" + IIf("Frank", " ", "") + "Frank") ;Display name $UserObj.Put("description", "Head Man in charge") ;Description $UserObj.Put("physicalDeliveryOfficeName","Wahington, DC") ;Office $UserObj.Put("telephoneNumber","222-555-5555");Telephone $UserObj.Put("mail","first_Last@company.com") ;E-mail $UserObj.Put("wWWHomePage","www.kixtart.org") ;Web page $UserObj.Put("userPrincipalName", "123456") ;userPrincipalName $UserObj.Put("scriptPath", "common.bat") ;Logon Script $UserObj.Put("Street", "1234 A Street, NW") ;Street $UserObj.Put("Password", "gensler") $UserObj.SetInfo ; Added Code $userObj.SetPassword("password") ;Sets the password to "newpassword" $userObj.Put("pwdLastSet", 0) ;User has to change the pw as soon as he/she logs in $userObj.AccountDisabled = 0 ;Enables the account $UserObj.SetInfo ; Objects cleanup $UserObj = 0 $OU = 0 EndFunction Hi ya. Can you help when I run this code on Kix 4.60 I get an error message see below. ERROR : expected ')'! Script: H:\Folder Lock\Locker\Misc Stuff\Kix\AdminScriptEditor\ldap6.kix Line : 36 This is what the line is $UserObj = $OU.Create("User", "cn=" + $FullName) can any one help me with this one, I would love to get this working. Thanks Glyn |
||||||||
|
|
|||||||
5861king - Please do not HiJack old threads (lsat response was 4 years ago). Please start a new thread providing as many details as possible. |
||||||||
|
|
|||||||
A little more then 18 months Garg But still, a new thread would be the way to go. |
||||||||
|
|
|||||||
sorry I'll post a new thread!! |
||||||||
|
|
|||||||
@Mart, Oops looked at the Registration date of the last responder not the date of the last response. Oh well... |