• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1244
  • Last Modified:

Add-user script

I'm after a script which I can run, and it will prompt me for a username, a first name and a surname. This will then add a user to active directory, and set the profile path to "\\boss\mandatory\", and also set it so the next time that user logs in, they must change their password.

Thanks,

Paul.
0
H4Inf
Asked:
H4Inf
  • 4
  • 3
  • 2
1 Solution
 
Pete LongTechnical ConsultantCommented:
well everythig exept the drive mapping was provided in my Q here
http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20896223.html

as for the mapped drive, if thay are all being mapped to the same location, then just put a net use command in the logon script to map it
0
 
Pete LongTechnical ConsultantCommented:
This is the code I used and it works (just enter YOUR domain info)

http:Q_20896223.html#11141720
0
 
oBdACommented:
This will ask for the necessary information, then create a user accordingly, including display name, user principal name, profile path, and a default password. Simply adjust the new user's OU settings at the beginning.
Home drive and logon script could be added easily, if necessary.
Note that the script is currently in test mode, it will only display the dsadd command it would otherwise issue.
More information about dsadd and the other command line tools:
The new command-line tools for Active Directory in Windows Server 2003
http://support.microsoft.com/?kbid=298882

====8<----[NewUser.cmd]----
@echo off
setlocal

:: *** Distinguished Name of the OU to add the new user to:
set UsersDN=CN=Users,DC=your,DC=domain,DC=local

:: *** Path to the user's roaming profile:
set ProfilePath=\\boss\mandatory

:: *** Default password for first logon:
set Password=password

:loopNewUser
set /p NewUser=Username:    
if "%NewUser%"=="" goto loopNewUser

:loopFirstName
set /p FirstName=First Name:  
if "%FirstName%"=="" goto loopFirstName

:loopLastName
set /p LastName=Last Name:  
if "%LastName%"=="" goto loopLastName

set UPN=%NewUser%@%UserDNSDomain%
set DisplayName=%LastName%, %FirstName%
set NewUserDN=CN=%NewUser%,%UsersDN%

echo You are about to create a new user with the following properties:
echo.
echo Username:     %NewUser%
echo Display name: %DisplayName%
echo UPN:          %UPN%
echo OU:           %UsersDN%
echo.
echo Hit ^<ctrl-c^> to stop, any other key to create the user.
pause >NUL
echo.

:: *** Test mode: Remove the "ECHO" in front of the following line to run the script for real; the following needs to be one single line:
ECHO dsadd user "%NewUserDN%" -samid %NewUser% -upn %UPN% -fn "%FirstName%" -ln "%LastName%" -display "%DisplayName%" -pwd "%Password%" -desc "%DisplayName%" -profile "%ProfilePath%" -mustchpwd yes -disabled no
====8<----[NewUser.cmd]----
0
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

 
H4InfAuthor Commented:
That's excellent oBdA!!

One more thing - is it possible to also join a user to a group in this script.... then create them a folder in d:\groupname\username and give them permission to read and write to it?

Thanks so much!!

Paul.
0
 
oBdACommented:
That is possible. Is that always the same group, or should the group name be asked for as well?
0
 
H4InfAuthor Commented:
The group name should be asked for as well! Thanks so much!!
0
 
oBdACommented:
That should do it; I just can't test it at the moment. Note that you have to specify the server on which the folder is to be created (so that you can run the script from any machine, not only from the server itself).

====8<----[NewUser.cmd]----
@echo off
setlocal

:: *** Distinguished Name of the OU to add the new user to:
set UsersDN=CN=Users,DC=your,DC=domain,DC=local

:: *** Path to the user's roaming profile:
set ProfilePath=\\boss\mandatory

:: *** Default password for first logon:
set Password=password

:: *** Name of the home server:
set HomeServer=SomeServer

:loopNewUser
set /p NewUser=Username:    
if "%NewUser%"=="" goto loopNewUser

:loopFirstName
set /p FirstName=First Name:  
if "%FirstName%"=="" goto loopFirstName

:loopLastName
set /p LastName=Last Name:  
if "%LastName%"=="" goto loopLastName

:loopJoinGroup
set /p JoinGroup=Join Group:  
if "%JoinGroup%"=="" goto loopJoinGroup

set UPN=%NewUser%@%UserDNSDomain%
set DisplayName=%LastName%, %FirstName%
set NewUserDN=CN=%NewUser%,%UsersDN%

echo You are about to create a new user with the following properties:
echo.
echo Username:     %NewUser%
echo Display name: %DisplayName%
echo UPN:          %UPN%
echo OU:           %UsersDN%
echo Join Group:   %JoinGroup%
echo.
echo Hit ^<ctrl-c^> to stop, any other key to create the user.
pause >NUL
echo.

set NewFolder=\\%HomeServer%\D$\%JoinGroup%\%NewUser%
for /f "delims=" %%a in ('dsquery.exe group domainroot -name "%JoinGroup%"') do set GroupDN=%%a
:: *** Test mode: Remove the "ECHO" in front of the following line(s) to run the script for real; the following needs to be one single line:
ECHO dsadd user "%NewUserDN%" -samid %NewUser% -upn %UPN% -fn "%FirstName%" -ln "%LastName%" -display "%DisplayName%" -pwd "%Password%" -desc "%DisplayName%" -memberof "%GroupDN%" -profile "%ProfilePath%" -mustchpwd yes -disabled no
ECHO if not exist "%NewFolder%" md "%NewFolder%"
ECHO cacls "%NewFolder%" /t /e /g %UserDomain%\%NewUser%:C
====8<----[NewUser.cmd]----
0
 
H4InfAuthor Commented:
Perfect! Completely perfect! Thanks so much =)

Paul.
0
 
H4InfAuthor Commented:
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now