Chapter 24. Users and Groups
In this chapter, we will show you how to automate the creation and manipulation of user and group accounts. Although tools to create user and group accounts already exist (e.g., the Windows 2000 Resource Kit’s Addusers utility), ADSI’s versatility lets you quickly write a script that creates 1,000 fully featured user or group accounts based on whatever business logic you require. You can also create command-line utilities or web-based interfaces using the techniques shown in this chapter to perform such functions as unlocking locked-out user accounts or adding users to groups.
Creating a Simple User Account
You can quickly create a user account with minimal attributes with ADSI. The following code shows how to create a user on a local computer and in an Active Directory domain:
Option Explicit Dim objDomain, objUser 'Creating a local user on a computer or member server 'Valid for Windows NT/2000/2003/2008 Set objComputer = GetObject("WinNT://MYCOMPUTER,Computer") Set objUser = objComputer.Create("user","vlaunders") objUser.SetInfo 'Creating a user in Active Directory Set objDomain = GetObject("LDAP://cn=Users,dc=mycorp,dc=com") Set objUser = objDomain.Create("user", "cn=vlaunders") objUser.Put "sAMAccountName", "vlaunders" objUser.Put "userPrincipalName", "email@example.com" objUser.SetInfo
The code is composed of two sections. The first section uses the WinNT provider to create a user account on a local computer that could be a member server or part ...