Solved

Add-user script

Posted on 2004-08-27
9
1,217 Views
Last Modified: 2010-08-05
I'm after a script which I can run, and it will prompt me for a username, a first name and a surname. This will then add a user to active directory, and set the profile path to "\\boss\mandatory\", and also set it so the next time that user logs in, they must change their password.

Thanks,

Paul.
0
Comment
Question by:H4Inf
  • 4
  • 3
  • 2
9 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 11920789
well everythig exept the drive mapping was provided in my Q here
http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20896223.html

as for the mapped drive, if thay are all being mapped to the same location, then just put a net use command in the logon script to map it
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11920797
This is the code I used and it works (just enter YOUR domain info)

http:Q_20896223.html#11141720
0
 
LVL 84

Expert Comment

by:oBdA
ID: 11923019
This will ask for the necessary information, then create a user accordingly, including display name, user principal name, profile path, and a default password. Simply adjust the new user's OU settings at the beginning.
Home drive and logon script could be added easily, if necessary.
Note that the script is currently in test mode, it will only display the dsadd command it would otherwise issue.
More information about dsadd and the other command line tools:
The new command-line tools for Active Directory in Windows Server 2003
http://support.microsoft.com/?kbid=298882

====8<----[NewUser.cmd]----
@echo off
setlocal

:: *** Distinguished Name of the OU to add the new user to:
set UsersDN=CN=Users,DC=your,DC=domain,DC=local

:: *** Path to the user's roaming profile:
set ProfilePath=\\boss\mandatory

:: *** Default password for first logon:
set Password=password

:loopNewUser
set /p NewUser=Username:    
if "%NewUser%"=="" goto loopNewUser

:loopFirstName
set /p FirstName=First Name:  
if "%FirstName%"=="" goto loopFirstName

:loopLastName
set /p LastName=Last Name:  
if "%LastName%"=="" goto loopLastName

set UPN=%NewUser%@%UserDNSDomain%
set DisplayName=%LastName%, %FirstName%
set NewUserDN=CN=%NewUser%,%UsersDN%

echo You are about to create a new user with the following properties:
echo.
echo Username:     %NewUser%
echo Display name: %DisplayName%
echo UPN:          %UPN%
echo OU:           %UsersDN%
echo.
echo Hit ^<ctrl-c^> to stop, any other key to create the user.
pause >NUL
echo.

:: *** Test mode: Remove the "ECHO" in front of the following line to run the script for real; the following needs to be one single line:
ECHO dsadd user "%NewUserDN%" -samid %NewUser% -upn %UPN% -fn "%FirstName%" -ln "%LastName%" -display "%DisplayName%" -pwd "%Password%" -desc "%DisplayName%" -profile "%ProfilePath%" -mustchpwd yes -disabled no
====8<----[NewUser.cmd]----
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:H4Inf
ID: 11927713
That's excellent oBdA!!

One more thing - is it possible to also join a user to a group in this script.... then create them a folder in d:\groupname\username and give them permission to read and write to it?

Thanks so much!!

Paul.
0
 
LVL 84

Expert Comment

by:oBdA
ID: 11929710
That is possible. Is that always the same group, or should the group name be asked for as well?
0
 

Author Comment

by:H4Inf
ID: 11929759
The group name should be asked for as well! Thanks so much!!
0
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 11932162
That should do it; I just can't test it at the moment. Note that you have to specify the server on which the folder is to be created (so that you can run the script from any machine, not only from the server itself).

====8<----[NewUser.cmd]----
@echo off
setlocal

:: *** Distinguished Name of the OU to add the new user to:
set UsersDN=CN=Users,DC=your,DC=domain,DC=local

:: *** Path to the user's roaming profile:
set ProfilePath=\\boss\mandatory

:: *** Default password for first logon:
set Password=password

:: *** Name of the home server:
set HomeServer=SomeServer

:loopNewUser
set /p NewUser=Username:    
if "%NewUser%"=="" goto loopNewUser

:loopFirstName
set /p FirstName=First Name:  
if "%FirstName%"=="" goto loopFirstName

:loopLastName
set /p LastName=Last Name:  
if "%LastName%"=="" goto loopLastName

:loopJoinGroup
set /p JoinGroup=Join Group:  
if "%JoinGroup%"=="" goto loopJoinGroup

set UPN=%NewUser%@%UserDNSDomain%
set DisplayName=%LastName%, %FirstName%
set NewUserDN=CN=%NewUser%,%UsersDN%

echo You are about to create a new user with the following properties:
echo.
echo Username:     %NewUser%
echo Display name: %DisplayName%
echo UPN:          %UPN%
echo OU:           %UsersDN%
echo Join Group:   %JoinGroup%
echo.
echo Hit ^<ctrl-c^> to stop, any other key to create the user.
pause >NUL
echo.

set NewFolder=\\%HomeServer%\D$\%JoinGroup%\%NewUser%
for /f "delims=" %%a in ('dsquery.exe group domainroot -name "%JoinGroup%"') do set GroupDN=%%a
:: *** Test mode: Remove the "ECHO" in front of the following line(s) to run the script for real; the following needs to be one single line:
ECHO dsadd user "%NewUserDN%" -samid %NewUser% -upn %UPN% -fn "%FirstName%" -ln "%LastName%" -display "%DisplayName%" -pwd "%Password%" -desc "%DisplayName%" -memberof "%GroupDN%" -profile "%ProfilePath%" -mustchpwd yes -disabled no
ECHO if not exist "%NewFolder%" md "%NewFolder%"
ECHO cacls "%NewFolder%" /t /e /g %UserDomain%\%NewUser%:C
====8<----[NewUser.cmd]----
0
 

Author Comment

by:H4Inf
ID: 11948235
Perfect! Completely perfect! Thanks so much =)

Paul.
0
 

Author Comment

by:H4Inf
ID: 13300853
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question