Chapter 23. Users and Groups
In this chapter, we will show you how to automate the creation and manipulation of user and group accounts . Although tools to create user and group accounts already exist (e.g., the Windows 2000 Resource Kit's Addusers utility), ADSI's versatility lets you quickly write a script that creates 1,000 fully featured user or group accounts based on whatever business logic you require. You can also create command-line utilities or web-based interfaces using the techniques shown in this chapter to perform such functions as unlocking locked-out user accounts or adding users to groups.
Creating a Simple User Account
You can quickly create a user account with minimal attributes with ADSI. The following code shows how to create a user in an NT domain, a local computer, and an Active Directory domain:
Option Explicit Dim objDomain, objUser 'Creating a user in a Windows NT domain Set objDomain = GetObject("WinNT://MYDOMAIN") Set objUser = objDomain.Create("user","vlaunders") objUser.SetInfo 'Creating a local user on a computer or member server 'Valid for Windows NT/2000/2003 Set objComputer = GetObject("WinNT://MYCOMPUTER,Computer") Set objUser = objComputer.Create("user","vlaunders") objUser.SetInfo 'Creating a user in Active Directory Set objDomain = GetObject("LDAP://cn=Users,dc=mycorp,dc=com") Set objUser = objDomain.Create("user","cn=vlaunders") objUser.Put "sAMAccountName", "vlaunders" objUser.Put "userPrincipalName", "vlaunders@mycorp.com" objUser.SetInfo ...