Creating a Full-Featured User Account
Creating user accounts as we’ve done previously is fine for an introduction, but typically you’ll need to set many more attributes to make them usable in your environment. The approaches you use to create fully featured users in the NT and Active Directory environments differ slightly; Active Directory offers considerably more properties than NT, such as the office and home addresses of users, as well as lists of email addresses and pager, fax, and phone numbers.
You can manipulate User objects with a special interface called
IADsUser
.
IADsUser's methods and property
methods let you directly set many of the User
object’s property values. Table 21-1 through Table 21-3
contain the methods, read-write property methods, and read-only
property methods, respectively, for the IADsUser
interface. The corresponding Active Directory attribute is included
in parentheses for the property methods that can be set with the LDAP
provider.
Table 21-1. IADsUser methods
|
Method |
Description |
|---|---|
|
IADsUser::ChangePassword |
Changes the existing password. |
|
IADsUser::SetPassword |
Sets a new password without needing the old one. |
|
IADsUser::Groups |
Gets a list of groups of which the user is a member. You can use the
|
Table 21-2. IADsUser read-write property methods
|
Property method |
Available with WinNT or LDAP? |
|---|---|
|
IADsUser::AccountDisabled |
WinNT, LDAP (userAccountControl mask) |
|
IADsUser::AccountExpirationDate |
WinNT, LDAP ... |
Get Active Directory, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
