Tutorial for Creating a User Account with VBScript
This page has VBScript examples, which show you how to create User accounts in your Windows Server 2003 domain. I urge you to trust me, and build your scripts in stages. The benefit of creating scripts in small sections is that not only do you understand each part, but also your brain will see ways of applying a section in a different scenario. For example, once you learn how to bind with Active Directory to create a User object, it's easy to modify the script and create a Computer object instead.
Topics for Creating a User Account with VBScript
- Our Mission and Goal
- Example 1: Script to Create a User in Active Directory
- VBScript Tutorial - Learning Points
- Example 2: Script to Create a User in a Named OU
- Summary for Creating User Accounts
Our Mission and Goal
Our first goal is to create a User account in Active Directory's Users container. A more realistic mission is to create users in a named OU, and we will tackle that goal in the second example.
Example 1 - Script to Create a User in Active Directory
On this page we concentrate on the essential VBscript commands necessary to build a User account in Active Directory Users and Computers. For example, GetObject("LDAP://rootDSE") and .Create("User"). Even though I am experienced at creating VBScripts, I still run manually through creating the object in Active Directory Users and Computers, the menus actions help me to rehearse the stages in my scripts.
Prerequisites
I recommend that you logon at a Windows Server 2003 domain controller. If you are a long way from the server, Remote Desktop would be a suitable alternative. If that is not possible, you could get these scripts to work from an XP machine as a non-administrator. However, why introduce extra complications? Especially at the beginning, you want easy success, with fewest obstacles.
Instructions for Creating a User Account in Active Directory
- You should run this VBScript on a Windows Active Directory domain.
- Copy and paste the example script below into notepad or a VBScript editor.
- Decide whether to change the value for strUser. DomGuy2 is not a particularly attractive name.
- Save the file with a .vbs extension, for example: Users .vbs.
- Double click Users .vbs and check the Users container for strUser.
Script to Create a User in a Named OU (Organizational Unit)
' Users .vbs
' Sample VBScript to create a User in Users .
' Author Guy Thomas http://Computerperformance.co.uk/
' Version 1.3 - September 2005
' ------------------------------------------------------'
Option Explicit
Dim strUser
Dim objRootLDAP, objContainer, objNewUser
strUser = "DomGuy2"
' Bind to Active Directory, Users container.
Set objRootLDAP = GetObject("LDAP://rootDSE")
Set objContainer = GetObject("LDAP://cn=Users," & _
objRootLDAP.Get("defaultNamingContext"))
' Build the actual User.
Set objNewUser = objContainer.Create("User", "cn=" & strUser)
objNewUser.Put "sAMAccountName", strUser
objNewUser.SetInfo
WScript.Quit
' End of free sample Create Users VBScript.
VBScript Tutorial - Learning Points
Note 1: The first 10 lines explain the purpose of the script and declare the variables.
Note 2: The simple, but clever command, which allows the script to work with any domain is: GetObject("LDAP://rootDSE"). Crucial, this statement binds WSH / VBScript to Active directory. The next line puts the focus on the Users container, as that is where the user will be born. Incidentally, the correct syntax is cn=users, whereas OUs that you create need the OU= prefix, for example OU=Accounts,.
Note 3: sAMAccountName controls the logon name, this is the name that users should enter in the dialog box after they press the Ctrl Alt Delete, logon sequence.
Note 4: .Create is a method to build an object. See how we use "User" not "Computer" or "OU".
Note 5: When creating or modifying users, invariably you need .put and .SetInfo. The .put method is the equivalent of selecting a box in Active Directory Uses and Computers, in this example sAMAccountName sets the correct property and .put unloads the value set by strUser. .SetInfo is the VBScript equivalent of pressing the OK button in the GUI. In both cases it represents the final act of creating or modifying the User object.
Note 6: This script represents 'work in progress'. For a real production script you would need to enable the account, and most likely, add several other properties, for example givenName. My desire is to get you started. Build the script in stages, understand each component, then add another section. ®
Example 2: Script to Create a User in a Named OU (Organizational Unit)
Prerequisites
Create a new OU. I called my OU Accounts, what name will your choose?
Instructions for Creating a User Account in a Named OU
- Copy and paste the example script below into notepad or a VBScript editor.
- Find the strContainer, and then change to the name of your OU.
- Decide whether to change the value for strUser.
- Save the file with a .vbs extension, for example: ComputerOU.vbs.
- Double click ComputerOU.vbs and check the Computers container for strComputer.
' UserOU.vbs
' Sample VBScript to create a User in a named OU.
' Author Guy Thomas http://Userperformance.co.uk/
' Version 2.4 - September 2005
' ------------------------------------------------------'
Option Explicit
Dim objRootLDAP, objContainer, objUser, objShell
Dim strUser, strName, strContainer
strUser = "BookKeeper21"
strName = "Bookie"
strContainer = "OU=Accounts ," ' Note the comma
' Bind to Active Directory, Users container.
Set objRootLDAP = GetObject("LDAP://rootDSE")
Set objContainer = GetObject("LDAP://" & strContainer & _
objRootLDAP.Get("defaultNamingContext"))
' Build the actual User.
Set objUser = objContainer.Create("User", "cn=" & strUser)
objUser.Put "sAMAccountName", strUser
objUser.Put "givenName", strName
objUser.SetInfo
' Optional section to launch Active Directory Uses and Users
Set objShell=CreateObject("WScript.Shell")
objShell.Run "%systemroot%\system32\dsa.msc"
WScript.Quit
' End of Sample UserOU VBScript.
VBScript Tutorial - Learning Points
Note 1: The key difference between the two scripts is: strContainer = "OU=Accounts ,". Trace how VBScript applies this variable to set the Organizational Unit.
Note 2: This command looks easy to script: GetObject("LDAP://" & strContainer & _. However it took me ages to get the speech marks and ampersands (&) just right.
Note 3: objShell.run. This optional section is just me having a little fun. What this section does is open the Active Directory Users and Users MMC ready for you to inspect the new User account. My other reason for adding this code is show that the script has executed successfully, otherwise I just sit and wonder if it has finished yet.
Note 4: I suggested in Example 1 that you could add other attributes, trace how I added givenName through strName. To see what I mean, I suggest that you alter the value from "Bookie" to a more realistic name. ˇ
Summary of Creating User Accounts
The first example script shows you how to create a new user account in your Windows Server 2003 domain. In the second example we control the name of the OU where the account appears in Active Directory Users and Computers. The tutorial's hidden agenda is learning how to apply the VBScript object, methods and value technique. There is one other guiding principle, start simply. Build complex scripts in stages.
No comments:
Post a Comment