higgsy
asked on
script to create AD user accounts including exchange mailbox
Hi
I was wondereing if there is a script or somthing that will allow me to create Active Directory user accounts and their exchange mailboxes at the same time.
An example of one would be great. Our domain consists of 2 windows 2003 domain controllers and 2 exchange 2003 servers.
Thanks
I was wondereing if there is a script or somthing that will allow me to create Active Directory user accounts and their exchange mailboxes at the same time.
An example of one would be great. Our domain consists of 2 windows 2003 domain controllers and 2 exchange 2003 servers.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Others will be along to help you specifically if those links dont provide you with what you need.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
here is answer :
This script will create and configure a user including an Exchange mailbox, create and share home directory (with permissions) and put a user into AD groups.
It requires user input for user initials and a couple of other fields, but can easily be changed to read from a csv file.
'Option Explicit
Dim WshShell, fso
Set WSHShell = WScript.CreateObject("WScr ipt.Shell" )
Set fso = CreateObject("Scripting.Fi leSystemOb ject")
Set WshNetwork = WScript.CreateObject("WScr ipt.Networ k")
DomainName = "EnterYourDomainName.com"
OUNamePt1 = "Windows 2000 Users"
OUNamePt2 = "Tunbridge Wells Users"
DefaultPassword = "EnterYourDefaultPassword"
Set dom = GetObject("LDAP://" & DomainName)
InputPrompt1 = "Domain = "&DomainName&vbCrLf&"Conta iner = "&OUName&vbCrLf&vbCrLf&"En ter Users Initials:"
InputPrompt2 = "Domain = "&DomainName&vbCrLf&"Conta iner = "&OUName&vbCrLf&vbCrLf&"En ter Users First Name:"
InputPrompt3 = "Domain = "&DomainName&vbCrLf&"Conta iner = "&OUName&vbCrLf&vbCrLf&"En ter Users Surname:"
InputPrompt4 = "Domain = "&DomainName&vbCrLf&"Conta iner = "&OUName&vbCrLf&vbCrLf&"En ter Users Job Title:"
'InputPrompt5 = "Domain = "&DomainName&vbCrLf&"Conta iner = "&OUName&vbCrLf&vbCrLf&"Pl ease Enter F for Fee Earner or N for Non Fee Earner:"
UserName = InputBox(InputPrompt1, "UserInitials")
FirstName = InputBox(InputPrompt2, "FirstName")
Surname = InputBox(InputPrompt3, "Surname")
Department = InputBox(InputPrompt4, "Job Title")
UserStatus = WshShell.popup("Is this user a Fee Earner",,"User Type",4)
Set usr = dom.Create("user", "CN=" & Surname & ", " & FirstName & ",OU=" & OUNamePt1 & ",OU=" & OUNamePt2)
Set ProfileServer = fso.GetFolder("EnterYourFi leServerho me$")
'Create User
usr.put "samAccountName", LCase(UserName)
usr.put "userPrincipalName", FirstName & "." & Surname & "@" & DomainName
usr.put "givenName", FirstName
usr.put "sn", Surname
usr.put "displayName", Surname & ", " & FirstName
usr.put "initials", LCase(Mid(UserName,2,1))
usr.put "description", Department
usr.put "homeDirectory", "EnterYourFileServer" & LCase(UserName) & "$"
usr.put "homeDrive", "H:"
usr.put "profilePath", "EnterYourFileServerprofil e$" & LCase(UserName)
usr.setinfo
usr.setpassword DefaultPassword
usr.accountdisabled = False
usr.setinfo
'Create Users Mailbox
Dim oIADSUser
Dim MStore
strDefaultNC = "DC=EnterYourDomainName,DC =com"
Set oIADSUser = GetObject("LDAP://CN=" & Surname & ", " & FirstName & ",OU=Windows 2000 Users,OU=Tunbridge Wells Users,DC=EnterYourDomainNa me,DC=com" )
If UCase(Right(Username,1)) <= Chr(76) Then
MStore = "Mailboxes A-L"
Else
MStore = "Mailboxes M-Z"
End If
oIADSUser.CreateMailbox "LDAP://CN=" & MStore & ",CN=First Storage Group,CN=InformationStore, CN=EnterYo urMailServ er,CN=Serv ers,CN=Ent erYourAdmi nGroup,CN= Administra tive Groups,CN=EnterYourSMTPOrg anisationN ame,CN=Mic rosoft Exchange,CN=Services,CN=Co nfiguratio n,DC=Enter YourDomain Name,DC=co m"
oIADSUser.SetInfo
'Add member to groups
Const ADS_PROPERTY_APPEND = 3
Set objGroup = GetObject("LDAP://CN=Docs_ Users,CN=U sers,DC=En terYourDom ainName,DC =com")
objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array("CN=" & Surname & ", " & FirstName & ",OU=Windows 2000 Users,OU=Tunbridge Wells Users,DC=EnterYourDomainNa me,DC=com" )
objGroup.SetInfo
Set objGroup = GetObject("LDAP://CN=Super Scout All Users,CN=Users,DC=EnterYou rDomainNam e,DC=com")
objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array("CN=" & Surname & ", " & FirstName & ",OU=Windows 2000 Users,OU=Tunbridge Wells Users,DC=EnterYourDomainNa me,DC=com" )
objGroup.SetInfo
If UserStatus = vbYes Then
Set objGroup = GetObject("LDAP://CN=Fee Earners,CN=Users,DC=EnterY ourDomainN ame,DC=com ")
objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array("CN=" & Surname & ", " & FirstName & ",OU=Windows 2000 Users,OU=Tunbridge Wells Users,DC=EnterYourDomainNa me,DC=com" )
objGroup.SetInfo
UserStatus = WshShell.popup("Is this user a Trainee Solicitor",,"User Type",4)
If UserStatus = vbYes Then
Set objGroup = GetObject("LDAP://CN=All Solicitors,OU=Exchange Mailing Lists,OU=Tunbridge Wells Users,DC=EnterYourDomainNa me,DC=com" )
objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array("CN=" & Surname & ", " & FirstName & ",OU=Windows 2000 Users,OU=Tunbridge Wells Users,DC=EnterYourDomainNa me,DC=com" )
objGroup.SetInfo
End If
Else
UserStatus = WshShell.popup("Is this user a standard Non Fee Earner",,"User Type",4)
If UserStatus = vbYes Then
Set objGroup = GetObject("LDAP://CN=Non Fee Earners,CN=Users,DC=EnterY ourDomainN ame,DC=com ")
Else
UserStatus = WshShell.popup("Is this a member of IT",,"User Type",4)
End If
End If
Wscript.quit
'Create users home directory
If fso.FolderExists(ProfileSe rver & "" & UserName) = False Then
fso.CreateFolder(ProfileSe rver & "" & LCase(UserName))
fso.CreateFolder(ProfileSe rver & "" & UserName & "interface")
End If
'Share user home directory
AdminServer = "EnterYourAdminServer"
ShareName = LCase(Username) & "$"
FolderName = "E:usershome" & UserName
Set Services = GetObject("WINMGMTS:{imper sonationLe vel=impers onate,(Sec urity)}!" & AdminServer & "ROOTCIMV2")
Set SecDescClass = Services.Get("Win32_Securi tyDescript or")
Set SecDesc = SecDescClass.SpawnInstance _()
Set Share = Services.Get("Win32_Share" )
Set InParam = Share.Methods_("Create").I nParameter s.SpawnIns tance_()
InParam.Properties_.Item(" Access") = SecDesc
InParam.Properties_.Item(" Descriptio n") = "Home Directory"
InParam.Properties_.Item(" Name") = ShareName
InParam.Properties_.Item(" Path") = FolderName
InParam.Properties_.Item(" Type") = 0
Share.ExecMethod_"Create", InParam
If fso.FileExists("C:winntsys tem32adsse curity.dll ") = False Then
fso.CopyFile("EnterYourFil eServerins tallsoftwa readsiadss ecurity.dl l"),("c:wi nntsystem3 2")
WshShell.Run("%comspec% /c regsvr32.exe /s C:winntsystem32adssecurity .dll")
Wscript.sleep 50000
End If
ReplaceACL ProfileServer & "" & Username,"add(" & UserName & ":F)+add(domain admins:F)"
Set WshShell = Nothing
Set fso = Nothing
Set WshNetwork = Nothing
Set usr = Nothing
Set NewShare = Nothing
Set Services = Nothing
Set SecDescClass = Nothing
Set SecDesc = Nothing
Set Share = Nothing
Set InParam = Nothing
Set sec = Nothing
Set sd = Nothing
Set dacl = Nothing
Set ace = Nothing
Set oIADSUser = Nothing
Set objGroup = Nothing
MsgBox "The creation of user: " & FirstName & " " & Surname & VbCrLf &_
"has completed without error"
'Functions
'Set permissions on users home directory
Function ReplaceACL(foldernm, permspart)
foldernm = ProfileServer & "" & Username
If fso.FolderExists(foldernm) = False Then
MsgBox "Sorry this folder is not present on the server"
Else
ChangeACLS foldernm, permspart, "REPLACE", "FOLDER"
End If
End Function
'Edit ACLS of specified folder
Function ChangeAcls(FILE,PERMS,REDI T,FFOLDER)
Const ADS_ACETYPE_ACCESS_ALLOWED = 0
Const ADS_ACETYPE_ACCESS_DENIED = 1
Const ADS_ACEFLAG_INHERIT_ACE = 2
Const ADS_ACEFLAG_SUB_NEW = 9
Set sec = Wscript.CreateObject("ADsS ecurity")
Set sd = sec.GetSecurityDescriptor( "FILE://" & FILE)
Set dacl = sd.DiscretionaryAcl
If UCase(REDIT)="REPLACE" Then
For Each existingAce In dacl
dacl.removeace existingace
Next
End If
'break up Perms into individual actions
cmdArray=split(perms,"+")
For x=0 to ubound(cmdarray)
tmpVar1=cmdarray(x)
If UCase(left(tmpVar1,3))="DE L" Then
ACLAction="DEL"
Else
ACLAction="ADD"
End If
tmpcmdVar=left(tmpVar1,len (tmpVar1)- 1)
tmpcmdVar=right(tmpcmdVar, len(tmpcmd Var)-4)
cmdparts=split(tmpcmdVar," :")
nameVar=cmdparts(0)
rightVar=cmdparts(1)
If ACLAction="ADD" Then
If UCase(FFOLDER)="FOLDER" Then
addace dacl, namevar, rightvar, ADS_ACETYPE_ACCESS_ALLOWED , ADS_ACEFLAG_SUB_NEW
addace dacl, namevar, rightvar, ADS_ACETYPE_ACCESS_ALLOWED , ADS_ACEFLAG_INHERIT_ACE
Else
addace dacl, namevar, rightvar, ADS_ACETYPE_ACCESS_ALLOWED ,0
End If
End If
Next
For Each ace in dacl
If instr(ucase(ace.trustee)," NT AUTHORITY") then
newtrustee=right(ace.trust ee, len(ace.trustee)-instr(ace .trustee, ""))
ace.trustee=newtrustee
End If
Next
sd.DiscretionaryAcl = dacl
sec.SetSecurityDescriptor sd
End Function
Function addace(dacl,trustee, maskvar, acetype, aceflags)
' add ace to the specified dacl
Const RIGHT_READ = &H80000000
Const RIGHT_EXECUTE = &H20000000
Const RIGHT_WRITE = &H40000000
Const RIGHT_DELETE = &H10000
Const RIGHT_FULL = &H10000000
Const RIGHT_CHANGE_PERMS = &H40000
Const RIGHT_TAKE_OWNERSHIP = &H80000
Set ace = CreateObject("AccessContro lEntry")
ace.Trustee = trustee
Select Case UCase(MaskVar)
Case "F"
ace.AccessMask = RIGHT_FULL
Case "C"
ace.AccessMask = RIGHT_READ or RIGHT_WRITE or RIGHT_EXECUTE or RIGHT_DELETE
Case "R"
ace.AccessMask = RIGHT_READ or RIGHT_EXECUTE
End Select
ace.AceType = acetype
ace.AceFlags = aceflags
dacl.AddAce ace
End Function
Source : http://searchwincomputing.techtarget.com/tip/0,289483,sid68_gci1089792,00.html
This script will create and configure a user including an Exchange mailbox, create and share home directory (with permissions) and put a user into AD groups.
It requires user input for user initials and a couple of other fields, but can easily be changed to read from a csv file.
'Option Explicit
Dim WshShell, fso
Set WSHShell = WScript.CreateObject("WScr
Set fso = CreateObject("Scripting.Fi
Set WshNetwork = WScript.CreateObject("WScr
DomainName = "EnterYourDomainName.com"
OUNamePt1 = "Windows 2000 Users"
OUNamePt2 = "Tunbridge Wells Users"
DefaultPassword = "EnterYourDefaultPassword"
Set dom = GetObject("LDAP://" & DomainName)
InputPrompt1 = "Domain = "&DomainName&vbCrLf&"Conta
InputPrompt2 = "Domain = "&DomainName&vbCrLf&"Conta
InputPrompt3 = "Domain = "&DomainName&vbCrLf&"Conta
InputPrompt4 = "Domain = "&DomainName&vbCrLf&"Conta
'InputPrompt5 = "Domain = "&DomainName&vbCrLf&"Conta
UserName = InputBox(InputPrompt1, "UserInitials")
FirstName = InputBox(InputPrompt2, "FirstName")
Surname = InputBox(InputPrompt3, "Surname")
Department = InputBox(InputPrompt4, "Job Title")
UserStatus = WshShell.popup("Is this user a Fee Earner",,"User Type",4)
Set usr = dom.Create("user", "CN=" & Surname & ", " & FirstName & ",OU=" & OUNamePt1 & ",OU=" & OUNamePt2)
Set ProfileServer = fso.GetFolder("EnterYourFi
'Create User
usr.put "samAccountName", LCase(UserName)
usr.put "userPrincipalName", FirstName & "." & Surname & "@" & DomainName
usr.put "givenName", FirstName
usr.put "sn", Surname
usr.put "displayName", Surname & ", " & FirstName
usr.put "initials", LCase(Mid(UserName,2,1))
usr.put "description", Department
usr.put "homeDirectory", "EnterYourFileServer" & LCase(UserName) & "$"
usr.put "homeDrive", "H:"
usr.put "profilePath", "EnterYourFileServerprofil
usr.setinfo
usr.setpassword DefaultPassword
usr.accountdisabled = False
usr.setinfo
'Create Users Mailbox
Dim oIADSUser
Dim MStore
strDefaultNC = "DC=EnterYourDomainName,DC
Set oIADSUser = GetObject("LDAP://CN=" & Surname & ", " & FirstName & ",OU=Windows 2000 Users,OU=Tunbridge Wells Users,DC=EnterYourDomainNa
If UCase(Right(Username,1)) <= Chr(76) Then
MStore = "Mailboxes A-L"
Else
MStore = "Mailboxes M-Z"
End If
oIADSUser.CreateMailbox "LDAP://CN=" & MStore & ",CN=First Storage Group,CN=InformationStore,
oIADSUser.SetInfo
'Add member to groups
Const ADS_PROPERTY_APPEND = 3
Set objGroup = GetObject("LDAP://CN=Docs_
objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array("CN=" & Surname & ", " & FirstName & ",OU=Windows 2000 Users,OU=Tunbridge Wells Users,DC=EnterYourDomainNa
objGroup.SetInfo
Set objGroup = GetObject("LDAP://CN=Super
objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array("CN=" & Surname & ", " & FirstName & ",OU=Windows 2000 Users,OU=Tunbridge Wells Users,DC=EnterYourDomainNa
objGroup.SetInfo
If UserStatus = vbYes Then
Set objGroup = GetObject("LDAP://CN=Fee Earners,CN=Users,DC=EnterY
objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array("CN=" & Surname & ", " & FirstName & ",OU=Windows 2000 Users,OU=Tunbridge Wells Users,DC=EnterYourDomainNa
objGroup.SetInfo
UserStatus = WshShell.popup("Is this user a Trainee Solicitor",,"User Type",4)
If UserStatus = vbYes Then
Set objGroup = GetObject("LDAP://CN=All Solicitors,OU=Exchange Mailing Lists,OU=Tunbridge Wells Users,DC=EnterYourDomainNa
objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array("CN=" & Surname & ", " & FirstName & ",OU=Windows 2000 Users,OU=Tunbridge Wells Users,DC=EnterYourDomainNa
objGroup.SetInfo
End If
Else
UserStatus = WshShell.popup("Is this user a standard Non Fee Earner",,"User Type",4)
If UserStatus = vbYes Then
Set objGroup = GetObject("LDAP://CN=Non Fee Earners,CN=Users,DC=EnterY
Else
UserStatus = WshShell.popup("Is this a member of IT",,"User Type",4)
End If
End If
Wscript.quit
'Create users home directory
If fso.FolderExists(ProfileSe
fso.CreateFolder(ProfileSe
fso.CreateFolder(ProfileSe
End If
'Share user home directory
AdminServer = "EnterYourAdminServer"
ShareName = LCase(Username) & "$"
FolderName = "E:usershome" & UserName
Set Services = GetObject("WINMGMTS:{imper
Set SecDescClass = Services.Get("Win32_Securi
Set SecDesc = SecDescClass.SpawnInstance
Set Share = Services.Get("Win32_Share"
Set InParam = Share.Methods_("Create").I
InParam.Properties_.Item("
InParam.Properties_.Item("
InParam.Properties_.Item("
InParam.Properties_.Item("
InParam.Properties_.Item("
Share.ExecMethod_"Create",
If fso.FileExists("C:winntsys
fso.CopyFile("EnterYourFil
WshShell.Run("%comspec% /c regsvr32.exe /s C:winntsystem32adssecurity
Wscript.sleep 50000
End If
ReplaceACL ProfileServer & "" & Username,"add(" & UserName & ":F)+add(domain admins:F)"
Set WshShell = Nothing
Set fso = Nothing
Set WshNetwork = Nothing
Set usr = Nothing
Set NewShare = Nothing
Set Services = Nothing
Set SecDescClass = Nothing
Set SecDesc = Nothing
Set Share = Nothing
Set InParam = Nothing
Set sec = Nothing
Set sd = Nothing
Set dacl = Nothing
Set ace = Nothing
Set oIADSUser = Nothing
Set objGroup = Nothing
MsgBox "The creation of user: " & FirstName & " " & Surname & VbCrLf &_
"has completed without error"
'Functions
'Set permissions on users home directory
Function ReplaceACL(foldernm, permspart)
foldernm = ProfileServer & "" & Username
If fso.FolderExists(foldernm)
MsgBox "Sorry this folder is not present on the server"
Else
ChangeACLS foldernm, permspart, "REPLACE", "FOLDER"
End If
End Function
'Edit ACLS of specified folder
Function ChangeAcls(FILE,PERMS,REDI
Const ADS_ACETYPE_ACCESS_ALLOWED
Const ADS_ACETYPE_ACCESS_DENIED = 1
Const ADS_ACEFLAG_INHERIT_ACE = 2
Const ADS_ACEFLAG_SUB_NEW = 9
Set sec = Wscript.CreateObject("ADsS
Set sd = sec.GetSecurityDescriptor(
Set dacl = sd.DiscretionaryAcl
If UCase(REDIT)="REPLACE" Then
For Each existingAce In dacl
dacl.removeace existingace
Next
End If
'break up Perms into individual actions
cmdArray=split(perms,"+")
For x=0 to ubound(cmdarray)
tmpVar1=cmdarray(x)
If UCase(left(tmpVar1,3))="DE
ACLAction="DEL"
Else
ACLAction="ADD"
End If
tmpcmdVar=left(tmpVar1,len
tmpcmdVar=right(tmpcmdVar,
cmdparts=split(tmpcmdVar,"
nameVar=cmdparts(0)
rightVar=cmdparts(1)
If ACLAction="ADD" Then
If UCase(FFOLDER)="FOLDER" Then
addace dacl, namevar, rightvar, ADS_ACETYPE_ACCESS_ALLOWED
addace dacl, namevar, rightvar, ADS_ACETYPE_ACCESS_ALLOWED
Else
addace dacl, namevar, rightvar, ADS_ACETYPE_ACCESS_ALLOWED
End If
End If
Next
For Each ace in dacl
If instr(ucase(ace.trustee),"
newtrustee=right(ace.trust
ace.trustee=newtrustee
End If
Next
sd.DiscretionaryAcl = dacl
sec.SetSecurityDescriptor sd
End Function
Function addace(dacl,trustee, maskvar, acetype, aceflags)
' add ace to the specified dacl
Const RIGHT_READ = &H80000000
Const RIGHT_EXECUTE = &H20000000
Const RIGHT_WRITE = &H40000000
Const RIGHT_DELETE = &H10000
Const RIGHT_FULL = &H10000000
Const RIGHT_CHANGE_PERMS = &H40000
Const RIGHT_TAKE_OWNERSHIP = &H80000
Set ace = CreateObject("AccessContro
ace.Trustee = trustee
Select Case UCase(MaskVar)
Case "F"
ace.AccessMask = RIGHT_FULL
Case "C"
ace.AccessMask = RIGHT_READ or RIGHT_WRITE or RIGHT_EXECUTE or RIGHT_DELETE
Case "R"
ace.AccessMask = RIGHT_READ or RIGHT_EXECUTE
End Select
ace.AceType = acetype
ace.AceFlags = aceflags
dacl.AddAce ace
End Function
Source : http://searchwincomputing.techtarget.com/tip/0,289483,sid68_gci1089792,00.html
you can also look at here : http://www.computerperformance.co.uk/Logon/Logon_CSVDE.htm
When you manually create user accounts and mailboxes in Exchange 5.5, two possible scenarios exist. In one scenario, you create an NT user account, then create the mailbox. In the other scenario, you create an AD domain user account, then the Active Directory Connector (ADC) automatically creates the mailbox. In either case, Exchange 5.5 automatically assigns the user account SID to a mailbox attribute. When you use CrUM55 to programmatically create user accounts and mailboxes in Exchange 5.5, the script automatically creates the user account and mailbox. CrUM55 uses the user account SID that NT or AD creates to link the account and mailbox.
Before running CrUM55, you need to perform three minor tasks on the client computer on which you intend to run the script. First, you must make sure that you can manually create a user account and mailbox from the client computer.
Second, you must install WSH 5.6. You need version 5.6 because the script uses WSH 5.6's improved method of managing command-line arguments and its XML file format; earlier WSH versions don't support either feature. Windows XP includes WSH 5.6. You can download the WSH 5.6 upgrade for Win2K, NT, Windows Me, and Windows 98 at (http://msdn.microsoft.com/library/default.asp?url=/downloads/list/webdev.asp).
Finally, you need to copy and register AcctCrt.dll on the client computer on which CrUM55 will run. AcctCrt.dll contains the AcctMgmt class, which the utility needs to associate a user account with an Exchange 5.5 mailbox and to generate a Security Descriptor (SD) for the mailbox. The SD gives the user account permission to use the mailbox. The DLL's source code is part of the Exchange 5.5 SDK. I've compiled the source code for the x86 platform and included it in the CrUM55_Utility.zip file, which you can download from http://www.exchangeadmin.com, InstantDoc ID 39177. After you download CrUM55_Utility.zip, copy AcctCrt.dll to the \%systemroot%\system32 folder on a computer running an NT-based OS, such as XP, Win2K, or NT. Then, from a command line, type
regsvr32 acctcrt.dll
and press Enter.
The Script Basics
The CrUM55 utility consists of two files: CrUM55.wsf, which contains the XML-based command-line Help for running the script, and CrUM55.vbs, which contains the VBScript code to complete the creation tasks. The version of this tool that I wrote for creating Exchange 2000 mailboxes and AD user accounts consists of only one file—a .wsf file. However, for creating Exchange 5.5 mailboxes and NT or AD user accounts, I found that separating the VBScript code from the XML code made the utility easier with which to work. For more information about the .wsf file format, see "The Script Basics" section of "Script User Account and Mailbox Creation."
You can run CrUM55.wsf from either WScript (the WSH graphical interface) or CScript (the command-line interface). For command-line help with CrUM55.wsf, type
crum55.wsf /?
or
crum55.wsf
and press Enter.
When you run CrUM55.wsf from WScript, the .wsf file displays status and Help information in a message box, as Figure 1 shows. When you run CrUM55.wsf from CScript, the .wsf file displays the same information in a command window, as Figure 2 shows.
Whether the Help information appears in a message box or command window depends on which script host you've configured as the default. WScript is the default script host unless you specifically configure WSH to use CScript. To configure CScript as your default script host, type the following code at the command line:
cscript //h:cscript
and press Enter.
CrUM55.wsf requires five parameters (i.e., /a, /u, /d, /f, and /l) to create an NT domain user account and Exchange 5.5 mailbox and six parameters (i.e., /a, /u, /d, /c, /f, and /l) to create an AD domain user account and Exchange 5.5 mailbox. Figure 1 and Figure 2 describe the values you specify for each parameter. For example, if you want to create a mailbox and an AD domain user account named EthanW for Ethan Wilansky in the Scripters OU below the IT OU of the adatum.com domain, you'd type
Crum55.wsf /a:ad /u:EthanW
/f:Ethan /l:Wilansky
/c:ou=scripters,ou=it,
dc=adatum,dc=com
/d:adatum
and press Enter
Before running CrUM55, you need to perform three minor tasks on the client computer on which you intend to run the script. First, you must make sure that you can manually create a user account and mailbox from the client computer.
Second, you must install WSH 5.6. You need version 5.6 because the script uses WSH 5.6's improved method of managing command-line arguments and its XML file format; earlier WSH versions don't support either feature. Windows XP includes WSH 5.6. You can download the WSH 5.6 upgrade for Win2K, NT, Windows Me, and Windows 98 at (http://msdn.microsoft.com/library/default.asp?url=/downloads/list/webdev.asp).
Finally, you need to copy and register AcctCrt.dll on the client computer on which CrUM55 will run. AcctCrt.dll contains the AcctMgmt class, which the utility needs to associate a user account with an Exchange 5.5 mailbox and to generate a Security Descriptor (SD) for the mailbox. The SD gives the user account permission to use the mailbox. The DLL's source code is part of the Exchange 5.5 SDK. I've compiled the source code for the x86 platform and included it in the CrUM55_Utility.zip file, which you can download from http://www.exchangeadmin.com, InstantDoc ID 39177. After you download CrUM55_Utility.zip, copy AcctCrt.dll to the \%systemroot%\system32 folder on a computer running an NT-based OS, such as XP, Win2K, or NT. Then, from a command line, type
regsvr32 acctcrt.dll
and press Enter.
The Script Basics
The CrUM55 utility consists of two files: CrUM55.wsf, which contains the XML-based command-line Help for running the script, and CrUM55.vbs, which contains the VBScript code to complete the creation tasks. The version of this tool that I wrote for creating Exchange 2000 mailboxes and AD user accounts consists of only one file—a .wsf file. However, for creating Exchange 5.5 mailboxes and NT or AD user accounts, I found that separating the VBScript code from the XML code made the utility easier with which to work. For more information about the .wsf file format, see "The Script Basics" section of "Script User Account and Mailbox Creation."
You can run CrUM55.wsf from either WScript (the WSH graphical interface) or CScript (the command-line interface). For command-line help with CrUM55.wsf, type
crum55.wsf /?
or
crum55.wsf
and press Enter.
When you run CrUM55.wsf from WScript, the .wsf file displays status and Help information in a message box, as Figure 1 shows. When you run CrUM55.wsf from CScript, the .wsf file displays the same information in a command window, as Figure 2 shows.
Whether the Help information appears in a message box or command window depends on which script host you've configured as the default. WScript is the default script host unless you specifically configure WSH to use CScript. To configure CScript as your default script host, type the following code at the command line:
cscript //h:cscript
and press Enter.
CrUM55.wsf requires five parameters (i.e., /a, /u, /d, /f, and /l) to create an NT domain user account and Exchange 5.5 mailbox and six parameters (i.e., /a, /u, /d, /c, /f, and /l) to create an AD domain user account and Exchange 5.5 mailbox. Figure 1 and Figure 2 describe the values you specify for each parameter. For example, if you want to create a mailbox and an AD domain user account named EthanW for Ethan Wilansky in the Scripters OU below the IT OU of the adatum.com domain, you'd type
Crum55.wsf /a:ad /u:EthanW
/f:Ethan /l:Wilansky
/c:ou=scripters,ou=it,
dc=adatum,dc=com
/d:adatum
and press Enter