You want to create an
object, which is the standard LDAP object class to represent users.
Open the Active Directory Users and Computers snap-in.
If you need to change domains, right-click on “Active Directory Users and Computers” in the left pane, select Connect to Domain, enter the domain name, and click OK.
In the left pane, browse to the parent container of the new user, right-click on it, and select New → InetOrgPerson.
Enter first name, last name, and user logon name fields as appropriate and click Next.
Enter and confirm the password, set any of the password flags, and click Next.
dsadd command does not support creating
inetOrgPerson objects so we’ll
ldifde instead. First, we need to create an
LDIF file called create_inetorgperson.ldf with the following
<UserDN>changetype: add objectclass: inetorgperson sAMAccountName:
Be sure to replace
<UserDN> with the
distinguished name of the user you want to add and
<UserName> with the
user’s username. Then run the following command:
> ldifde -i -f create_inetorgperson.ldf
' This code creates an inetOrgPerson object set objParent = GetObject("LDAP://<
ParentDN>") set objUser = objParent.Create("inetorgperson", "cn=<
UserName>") ' Taken from ADS_USER_FLAG_ENUM Const ADS_UF_NORMAL_ACCOUNT = 512 objUser.Put "sAMAccountName", "<