Chapter 24. Users and Groups

In this chapter, we will show you how to automate the creation and manipulation of user and group accounts. Although tools to create user and group accounts already exist (e.g., the Windows 2000 Resource Kit’s Addusers utility), ADSI’s versatility lets you quickly write a script that creates 1,000 fully featured user or group accounts based on whatever business logic you require. You can also create command-line utilities or web-based interfaces using the techniques shown in this chapter to perform such functions as unlocking locked-out user accounts or adding users to groups.

Creating a Simple User Account

You can quickly create a user account with minimal attributes with ADSI. The following code shows how to create a user on a local computer and in an Active Directory domain:

Option Explicit
Dim objDomain, objUser

'Creating a local user on a computer or member server
'Valid for Windows NT/2000/2003/2008
Set objComputer = GetObject("WinNT://MYCOMPUTER,Computer")
Set objUser = objComputer.Create("user","vlaunders")
objUser.SetInfo

'Creating a user in Active Directory
Set objDomain = GetObject("LDAP://cn=Users,dc=mycorp,dc=com")
Set objUser = objDomain.Create("user", "cn=vlaunders")
objUser.Put "sAMAccountName", "vlaunders"
objUser.Put "userPrincipalName", "vlaunders@mycorp.com"
objUser.SetInfo

The code is composed of two sections. The first section uses the WinNT provider to create a user account on a local computer that could be a member server or part ...

Get Active Directory, 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Active Directory, 4th Edition by Brian Desmond, Joe Richards, Robbie Allen, Alistair G. Lowe-Norris

Chapter 24. Users and Groups

Creating a Simple User Account

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly