Creating Domain user accounts script

Hi Experts,

I am looking for a VBScript example of how to create a Windows Domain user account from a computer within the domain.

Currently I have a script that was creating a user account in a specifed OU and group but the server (Win2k3) that was running the script was the Domain Controller. With our new network design the domain controller is running on a separate server and the computer running the script is simply a member of the domain. The domain controller is using Active Directory and the server that will be running the script does not. The server executing the script is running an application that requires to create new user accounts within the domain. The scripting server is and scripts will be executed by the Domain Controller Administrator account as that is login i use.

I am not a skilled VB programmer but can work with a script to include command line supplied arguments to replace values for DOMAIN, OU, GROUP, PASSWORD. The user account password should never expire.

Many thanks,

Who is Participating?
David LeeCommented:
Hi, Greg.

I'm a little confused.  If you already have a script that creates users, then it should work regardless of where it's run from.  The only requirement I know of is that the script be run under an account that has sufficient permissions to create accounts in the domain.  Are you saying that the script you currently have does not work when run from a computer other than the domain controller?  If so, can you post the script?  It might be something that could be fixed rather than coming up with a new script.  Or is it that your current script used fixed parameters and you'd like one with flexible parameters?

greghessAuthor Commented:
Hi thanks for your reply,

Sorry for my confusing post.

Yes my script that I was using befor does not work on any other computer other than the Domain Controller. Below you will find my current impl.

'Declare all variables
option explicit

'Dont fail on error
on error resume next

' Constants for the NameTranslate object.
Const ADS_NAME_TYPE_1779 = 1

dim args
dim bExists
dim sDomain, sOU, sGroup, sUserName, sPassword
dim sDNSDomain, sNetBIOSDomain, sGroupPath
dim objRoot, objDomain, objOU, objContainer, objGroup, objLeaf, objTrans

' Get the arguments
set args = wscript.arguments
call processCommandLine(args, sDomain, sOU, sGroup, sUserName, sPassword)

set objRoot = GetObject("LDAP://rootDSE")
set objDomain = GetObject("LDAP://" & objRoot.Get("defaultNamingContext"))      

'Create the user      
set objContainer = GetObject("LDAP://OU=" & sOU &"," & _
call displayErrorAndBail(err, TRUE, "Unable to get OU")
set objLeaf = objContainer.create("User", "cn=" & sUserName)
call displayErrorAndBail(err, TRUE, "Unable to create user")
objLeaf.put "samAccountName", sUserName
call objLeaf.setPassword(sPassword)
objLeaf.AccountDisabled = FALSE
objLeaf.AllowLogon = 1
'Add user to specified group
set objTrans = CreateObject("NameTranslate")
sDNSDomain = objRoot.Get("DefaultNamingContext")
objTrans.Init ADS_NAME_INITTYPE_GC, ""
objTrans.Set ADS_NAME_TYPE_1779, sDNSDomain
sNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
' Remove trailing backslash.
sNetBIOSDomain = Left(sNetBIOSDomain, Len(sNetBIOSDomain) - 1)
objTrans.Set ADS_NAME_TYPE_NT4, sNetBIOSDomain & "\" & sGroup
sGroupPath = objTrans.Get(ADS_NAME_TYPE_1779)
call displayErrorAndBail(err, TRUE, "Unable to find group")
set objGroup = GetObject("LDAP://" & sGroupPath)

'All Done            
wscript.echo "Added Windows User:" & sUserName & " to OU:" & sOU & " group:" & sGroup

'Clean up
set objRoot = Nothing
set objDomain = Nothing
set objOU = Nothing
set objContainer = Nothing
set objGroup = Nothing
set objLeaf = Nothing
set objTrans = Nothing

' Sub to display the usage for the script
sub displayUsage
  WScript.Echo "USAGE: cscipt.exe createUserAccount.vbs DOMAIN_NAME OU GROUP USER_NAME PASSWORD"
  WScript.Echo VbCrLf & "Where: DOMAIN_NAME is the computer domain name"
  WScript.Echo "GROUP is the user group th add this user account to"
  WScript.Echo "OU is the users organizational unit"
  WScript.Echo "USER_NAME is the userId"
  WScript.Echo "PASSWORD valid user password"
end Sub

' Sub to process the command line
sub processCommandLine(args, sDomain, sOU, sGroup, sUserName, sPassword)
   if( args.Count < 4 ) then
      WScript.Echo "ERROR: Wrong number of arguments."
      Call displayUsage ( )
      WScript.Quit 1
      sDomain = args(0)
      sOU = args(1)
      sGroup = args(2)
      sUserName = args(3)
      sPassword = args(4)
   end if
end sub

' Error processing sub.  Takes 3 args,
' 1. is the error object
' 2. is a flag, TRUE means terminate if an error was found,
'    FALSE- Display an error, clear the error object, continue
' 3. A user defined error text to display with the error information
sub displayErrorAndBail( oErr, bFlag, sMsg )
   if( oErr.Number <> 0 ) then
      ' We have an error, display the error text and the error number
      ' along with the error description
      WScript.Echo sMsg
      WScript.Echo "ERROR Number: " & hex( oErr.Number ) & " has occurred. "
      WScript.Echo oErr.Description
      if( bFlag ) then
        WScript.Echo "Terminating script "
        WScript.Quit 1
      end if
    end if
end sub

When running the script as follows I get this error:

cscript.exe createUserAccount.vbs WIN2K goglobal clients jdoe test123test***!

Error MSG:
Unable to get OU
Error 1A8 has occurred
Object required
Terminating script

Thanks for your help,

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.