Creating a Full-Featured User Account

Creating user accounts as we've done previously is fine for an introduction, but typically you'll need to set many more attributes to make them usable in your environment. The approaches you use to create fully featured users in the NT and Active Directory environments differ slightly; Active Directory offers considerably more properties than NT, such as the office and home addresses of users, as well as lists of email addresses and pager, fax, and phone numbers.

You can manipulate User objects with a special interface called IADsUser. IADsUser's methods and property methods let you directly set many of the User object's property values. Tables 23-1 through 23-3 contain the methods, read-write property methods, and read-only property methods, respectively, for the IADsUser interface. The corresponding Active Directory attribute is included in parentheses for the property methods that can be set with the LDAP provider.

Table 23-1. IADsUser methods

Method	Description
`IADsUser::ChangePassword`	Changes the existing password.
`IADsUser::SetPassword`	Sets a new password without needing the old one.
`IADsUser::Groups`	Gets a list of groups of which the user is a member. You can use the `IADsMembers` interface to iterate through the list.

Table 23-2. IADsUser read-write property methods

Property method	Available with WinNT or LDAP?
`IADsUser::AccountDisabled`	WinNT, LDAP (userAccountControl mask).
`IADsUser::AccountExpirationDate ...`

Get Active Directory, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Active Directory, 3rd Edition by Joe Richards, Robbie Allen, Alistair G. Lowe-Norris

Creating a Full-Featured User Account

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly