Solved

Add-user script

Posted on 2004-08-27
9
1,219 Views
Last Modified: 2010-08-05
I'm after a script which I can run, and it will prompt me for a username, a first name and a surname. This will then add a user to active directory, and set the profile path to "\\boss\mandatory\", and also set it so the next time that user logs in, they must change their password.

Thanks,

Paul.
0
Comment
Question by:H4Inf
  • 4
  • 3
  • 2
9 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 11920789
well everythig exept the drive mapping was provided in my Q here
http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20896223.html

as for the mapped drive, if thay are all being mapped to the same location, then just put a net use command in the logon script to map it
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11920797
This is the code I used and it works (just enter YOUR domain info)

http:Q_20896223.html#11141720
0
 
LVL 84

Expert Comment

by:oBdA
ID: 11923019
This will ask for the necessary information, then create a user accordingly, including display name, user principal name, profile path, and a default password. Simply adjust the new user's OU settings at the beginning.
Home drive and logon script could be added easily, if necessary.
Note that the script is currently in test mode, it will only display the dsadd command it would otherwise issue.
More information about dsadd and the other command line tools:
The new command-line tools for Active Directory in Windows Server 2003
http://support.microsoft.com/?kbid=298882

====8<----[NewUser.cmd]----
@echo off
setlocal

:: *** Distinguished Name of the OU to add the new user to:
set UsersDN=CN=Users,DC=your,DC=domain,DC=local

:: *** Path to the user's roaming profile:
set ProfilePath=\\boss\mandatory

:: *** Default password for first logon:
set Password=password

:loopNewUser
set /p NewUser=Username:    
if "%NewUser%"=="" goto loopNewUser

:loopFirstName
set /p FirstName=First Name:  
if "%FirstName%"=="" goto loopFirstName

:loopLastName
set /p LastName=Last Name:  
if "%LastName%"=="" goto loopLastName

set UPN=%NewUser%@%UserDNSDomain%
set DisplayName=%LastName%, %FirstName%
set NewUserDN=CN=%NewUser%,%UsersDN%

echo You are about to create a new user with the following properties:
echo.
echo Username:     %NewUser%
echo Display name: %DisplayName%
echo UPN:          %UPN%
echo OU:           %UsersDN%
echo.
echo Hit ^<ctrl-c^> to stop, any other key to create the user.
pause >NUL
echo.

:: *** Test mode: Remove the "ECHO" in front of the following line to run the script for real; the following needs to be one single line:
ECHO dsadd user "%NewUserDN%" -samid %NewUser% -upn %UPN% -fn "%FirstName%" -ln "%LastName%" -display "%DisplayName%" -pwd "%Password%" -desc "%DisplayName%" -profile "%ProfilePath%" -mustchpwd yes -disabled no
====8<----[NewUser.cmd]----
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 

Author Comment

by:H4Inf
ID: 11927713
That's excellent oBdA!!

One more thing - is it possible to also join a user to a group in this script.... then create them a folder in d:\groupname\username and give them permission to read and write to it?

Thanks so much!!

Paul.
0
 
LVL 84

Expert Comment

by:oBdA
ID: 11929710
That is possible. Is that always the same group, or should the group name be asked for as well?
0
 

Author Comment

by:H4Inf
ID: 11929759
The group name should be asked for as well! Thanks so much!!
0
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 11932162
That should do it; I just can't test it at the moment. Note that you have to specify the server on which the folder is to be created (so that you can run the script from any machine, not only from the server itself).

====8<----[NewUser.cmd]----
@echo off
setlocal

:: *** Distinguished Name of the OU to add the new user to:
set UsersDN=CN=Users,DC=your,DC=domain,DC=local

:: *** Path to the user's roaming profile:
set ProfilePath=\\boss\mandatory

:: *** Default password for first logon:
set Password=password

:: *** Name of the home server:
set HomeServer=SomeServer

:loopNewUser
set /p NewUser=Username:    
if "%NewUser%"=="" goto loopNewUser

:loopFirstName
set /p FirstName=First Name:  
if "%FirstName%"=="" goto loopFirstName

:loopLastName
set /p LastName=Last Name:  
if "%LastName%"=="" goto loopLastName

:loopJoinGroup
set /p JoinGroup=Join Group:  
if "%JoinGroup%"=="" goto loopJoinGroup

set UPN=%NewUser%@%UserDNSDomain%
set DisplayName=%LastName%, %FirstName%
set NewUserDN=CN=%NewUser%,%UsersDN%

echo You are about to create a new user with the following properties:
echo.
echo Username:     %NewUser%
echo Display name: %DisplayName%
echo UPN:          %UPN%
echo OU:           %UsersDN%
echo Join Group:   %JoinGroup%
echo.
echo Hit ^<ctrl-c^> to stop, any other key to create the user.
pause >NUL
echo.

set NewFolder=\\%HomeServer%\D$\%JoinGroup%\%NewUser%
for /f "delims=" %%a in ('dsquery.exe group domainroot -name "%JoinGroup%"') do set GroupDN=%%a
:: *** Test mode: Remove the "ECHO" in front of the following line(s) to run the script for real; the following needs to be one single line:
ECHO dsadd user "%NewUserDN%" -samid %NewUser% -upn %UPN% -fn "%FirstName%" -ln "%LastName%" -display "%DisplayName%" -pwd "%Password%" -desc "%DisplayName%" -memberof "%GroupDN%" -profile "%ProfilePath%" -mustchpwd yes -disabled no
ECHO if not exist "%NewFolder%" md "%NewFolder%"
ECHO cacls "%NewFolder%" /t /e /g %UserDomain%\%NewUser%:C
====8<----[NewUser.cmd]----
0
 

Author Comment

by:H4Inf
ID: 11948235
Perfect! Completely perfect! Thanks so much =)

Paul.
0
 

Author Comment

by:H4Inf
ID: 13300853
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question