We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

a script to copy user logon name pre-windows 2000 to user logn name

lrpage
lrpage asked
on
Medium Priority
830 Views
Last Modified: 2012-06-22
Windows 2000 domain

I am working in a school.  Each year as the students enter 5th grade they get a logon  In the past I have created these accounts with the adduser tool and a spreadsheet.  Works rather well, except in AD in the user properties under account it puts the user name in user logon name pre-windows 2000.  This works fine.  But I have found a few things like quotas work better if also the user logon name field is filled in.  Of course they say the same thing.  In the past I have cut and paste each user, very tedious and time consuming.  Can anyone write a script to speed this up?
Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2007

Commented:
try

Import users into AD

http://support.microsoft.com/kb/327620/en-us

How to use Csvde to import contacts and user objects into Active Directory
View products that this article applies to.
Article ID     :     327620
Last Review     :     September 19, 2005
Revision     :     8.4
This article was previously published under Q327620
On This Page
SUMMARYSUMMARY
Windows 2000 contact with no e-mail addressWindows 2000 contact with no e-mail address
Windows 2000 user, no mailbox or e-mail addressWindows 2000 user, no mailbox or e-mail address
TroubleshootingTroubleshooting
 
SUMMARY
This step-by-step article describes how to use the Csvde.exe utility to create contacts and user accounts in Active Directory. You may have to use this method in some scenarios, for example, when administrators want to export custom recipients from Microsoft Exchange Server 5.5 and import them into Active Directory as Microsoft Windows contacts.

Csvde.exe is a Microsoft Windows 2000 command-line utility that is located in the SystemRoot\System32 folder after you install Windows 2000. Csvde.exe is similar to Ldifde.exe, but it extracts information in a comma-separated value (CSV) format. You can use Csvde to import and export Active Directory data that uses the comma-separated value format. Use a spreadsheet program such as Microsoft Excel to open this .csv file and view the header and value information. See Microsoft Excel Help for information about functions such as Concatenate that can simplify the process of building a .csv file.
--------------------------------
Tools Available in Windows 2000 Support Tools

---------

I hope this helps !

Author

Commented:
Thank you.  That may be a better way to create the new users.  I will have to try that next time.  But right now I have 200 users that I need to add the logon name to.  I need a script or a tool that will help me clean up the current users.
CERTIFIED EXPERT
Top Expert 2007

Commented:
I am not positive, but the same tool may be able to export and then import the  extra field changes.

Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Should be pretty easy really. This is all in VbScript and will need saving as .vbs.

It will need running as an Administrator and at the moment it won't make any changes, just write a report of what it would have changed. The value you're looking into is called the User Principal Name which is what the script refers to.

Once you're happy with it you can change this line:

Const REPORT_ONLY = True

To:

Const REPORT_ONLY = False

And it'll make the changes.

Please let me know if you have any problems.

Chris



Option Explicit

Const REPORT_ONLY = True

Const ADS_SCOPE_SUBTREE = 2

Dim objConnection, objCommand, objRecordSet, objRootDSE, objFileSystem, objFile, objUser
Dim strDomain, strUPN
Dim arrTemp

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

Set objRootDSE = GetObject("LDAP://RootDSE")
objCommand.CommandText = "SELECT aDSPath, sAMAccountName, userPrincipalName FROM " &_
      "'LDAP://" & objRootDSE.Get("defaultNamingContext") & "' WHERE objectClass='user'"

strDomain = Replace(objRootDSE.Get("defaultNamingContext"), ",DC=", ".")
strDomain = Replace(strDomain, "DC=", "")

Set objRootDSE = Nothing

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 600
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False

Set objRecordSet = objCommand.Execute

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.CreateTextFile("UPNChange.txt")
objFile.WriteLine "User Path" & VbTab & "Old UPN" & VbTab & "New UPN"

While Not objRecordSet.EOF
      If Not IsNull(objRecordSet.Fields("userPrincipalName")) Then
            strUPN = objRecordSet.Fields("userPrincipalName")
            arrTemp = Split(strUPN, "@")
            If arrTemp(0) <> objRecordSet.Fields("sAMAccountName") Then
                  strUPN = objRecordSet.Fields("sAMAccountName") & "@" & arrTemp(1)
            End If
      Else
            strUPN = objRecordSet.Fields("sAMAccountName") & "@" & strDomain
      End If

      If strUPN <> objRecordSet.Fields("userPrincipalName") Then
            Set objUser = GetObject(objRecordSet.Fields("aDSPath"))
            
            objFile.WriteLine objRecordSet.Fields("aDSPath") & VbTab &_
                  objRecordSet.Fields("userPrincipalName") & VbTab & strUPN
                  
            If REPORT_ONLY = False Then
                  objUser.Put "userPrincipalName", strUPN
                  objUser.SetInfo
            End If
      End If
      objRecordSet.MoveNext
Wend
objConnection.Close

Set objFile = Nothing
Set objFileSystem = Nothing

Set objRecordSet = Nothing
Set objCommand = Nothing
Set objConnection = Nothing

Author

Commented:
I realize it will create a file that logs the changes it would have made.

The txt doc it creates only have about 100 items and most of those are computer objects in my AD, only about 10 are user items in my AD
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

An irritation of AD... Computer Objects sometimes get the objectClass user. Anyway, this is a more reliable way of getting user accounts only.

It isn't ordinarily necessary to increase the Size Limit for the search. However if it still doesn't return everything you're looking for then you could add in this line:

objCommand.Properties("Size Limit") = 100000

In the same place as the rest of the objCommand.Properties statements.

Otherwise, here is a modification that may get rid of the computer accounts from the search results:


Option Explicit

Const REPORT_ONLY = True

Const ADS_SCOPE_SUBTREE = 2

Dim objConnection, objCommand, objRecordSet, objRootDSE, objFileSystem, objFile, objUser
Dim strDomain, strUPN
Dim arrTemp

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

Set objRootDSE = GetObject("LDAP://RootDSE")

objCommand.CommandText = "SELECT aDSPath, sAMAccountName, userPrincipalName " &_
      "FROM 'LDAP://" & objRootDSE.Get("defaultNamingContext") & "' WHERE " &_
      "objectCategory='CN=Person,CN=Schema," & objRootDSE.Get("configurationNamingContext") & "'"

strDomain = Replace(objRootDSE.Get("defaultNamingContext"), ",DC=", ".")
strDomain = Replace(strDomain, "DC=", "")

Set objRootDSE = Nothing

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 600
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False

Set objRecordSet = objCommand.Execute

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.CreateTextFile("UPNChange.txt")
objFile.WriteLine "User Path" & VbTab & "Old UPN" & VbTab & "New UPN"

While Not objRecordSet.EOF
      If Not IsNull(objRecordSet.Fields("userPrincipalName")) Then
            strUPN = objRecordSet.Fields("userPrincipalName")
            arrTemp = Split(strUPN, "@")
            If arrTemp(0) <> objRecordSet.Fields("sAMAccountName") Then
                  strUPN = objRecordSet.Fields("sAMAccountName") & "@" & arrTemp(1)
            End If
      Else
            strUPN = objRecordSet.Fields("sAMAccountName") & "@" & strDomain
      End If

      If strUPN <> objRecordSet.Fields("userPrincipalName") Then
            Set objUser = GetObject(objRecordSet.Fields("aDSPath"))
            
            objFile.WriteLine objRecordSet.Fields("aDSPath") & VbTab &_
                  objRecordSet.Fields("userPrincipalName") & VbTab & strUPN
                  
            If REPORT_ONLY = False Then
                  objUser.Put "userPrincipalName", strUPN
                  objUser.SetInfo
            End If
      End If
      objRecordSet.MoveNext
Wend
objConnection.Close

Set objFile = Nothing
Set objFileSystem = Nothing

Set objRecordSet = Nothing
Set objCommand = Nothing
Set objConnection = Nothing

Author

Commented:
ok now it does not see the computer objects, but still only reports on 9 users
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Okay, I'm guessing it has problems with one of the lines. Could you try this:


Option Explicit

Const REPORT_ONLY = True

Const ADS_SCOPE_SUBTREE = 2

Dim objConnection, objCommand, objRecordSet, objRootDSE, objFileSystem, objFile, objUser
Dim strDomain, strUPN, strOldUPN
Dim arrTemp

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

Set objRootDSE = GetObject("LDAP://RootDSE")

objCommand.CommandText = "SELECT aDSPath, sAMAccountName, userPrincipalName " &_
     "FROM 'LDAP://" & objRootDSE.Get("defaultNamingContext") & "' WHERE " &_
     "objectCategory='CN=Person,CN=Schema," & objRootDSE.Get("configurationNamingContext") & "'"

strDomain = Replace(objRootDSE.Get("defaultNamingContext"), ",DC=", ".")
strDomain = Replace(strDomain, "DC=", "")

Set objRootDSE = Nothing

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 600
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False

Set objRecordSet = objCommand.Execute

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.CreateTextFile("UPNChange.txt")
objFile.WriteLine "User Path" & VbTab & "Old UPN" & VbTab & "New UPN"

While Not objRecordSet.EOF
     If Not IsNull(objRecordSet.Fields("userPrincipalName")) Then
          strUPN = objRecordSet.Fields("userPrincipalName")
          arrTemp = Split(strUPN, "@")
          If arrTemp(0) <> objRecordSet.Fields("sAMAccountName") Then
               strUPN = objRecordSet.Fields("sAMAccountName") & "@" & arrTemp(1)
          End If
     Else
          strUPN = objRecordSet.Fields("sAMAccountName") & "@" & strDomain
     End If

     Set objUser = GetObject(objRecordSet.Fields("aDSPath"))
     On Error Resume Next
     strOldUPN = "" : strOldUPN = objRecordSet.Fields("userPrincipalName")
     On Error Goto 0

     objFile.WriteLine objRecordSet.Fields("aDSPath") & VbTab &_
          strOldUPN & VbTab & strUPN
               
     If REPORT_ONLY = False And strUPN <> strOldUPN Then
          objUser.Put "userPrincipalName", strUPN
          objUser.SetInfo
     End If
     objRecordSet.MoveNext
Wend
objConnection.Close

Set objFile = Nothing
Set objFileSystem = Nothing

Set objRecordSet = Nothing
Set objCommand = Nothing
Set objConnection = Nothing

Author

Commented:
ahhh the test txt file came out good.
Now the question is... do I trust it in my production enviroment.  How can I test it on a small number of users?
PowerShell Developer
CERTIFIED EXPERT
Top Expert 2010
Commented:

You can't really test it on a small number as it is at the moment. Certainly run it in debug mode first (of course).

It would be possible to add another statement in so it only picks up your test user. For example, if you have a user with the username TestUser then you could use the script below, which will look for the TestUser and make the change if it bumps into it (regardless of whether it's running in Test Mode or not).

Good enough for a quick test?

Chris


Option Explicit

Const TEST_USER = "TestUser"
Const REPORT_ONLY = True

Const ADS_SCOPE_SUBTREE = 2

Dim objConnection, objCommand, objRecordSet, objRootDSE, objFileSystem, objFile, objUser
Dim strDomain, strUPN, strOldUPN
Dim arrTemp

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

Set objRootDSE = GetObject("LDAP://RootDSE")

objCommand.CommandText = "SELECT aDSPath, sAMAccountName, userPrincipalName " &_
     "FROM 'LDAP://" & objRootDSE.Get("defaultNamingContext") & "' WHERE " &_
     "objectCategory='CN=Person,CN=Schema," & objRootDSE.Get("configurationNamingContext") & "'"

strDomain = Replace(objRootDSE.Get("defaultNamingContext"), ",DC=", ".")
strDomain = Replace(strDomain, "DC=", "")

Set objRootDSE = Nothing

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 600
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False

Set objRecordSet = objCommand.Execute

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.CreateTextFile("UPNChange.txt")
objFile.WriteLine "User Path" & VbTab & "Old UPN" & VbTab & "New UPN"

While Not objRecordSet.EOF
     If Not IsNull(objRecordSet.Fields("userPrincipalName")) Then
          strUPN = objRecordSet.Fields("userPrincipalName")
          arrTemp = Split(strUPN, "@")
          If arrTemp(0) <> objRecordSet.Fields("sAMAccountName") Then
               strUPN = objRecordSet.Fields("sAMAccountName") & "@" & arrTemp(1)
          End If
     Else
          strUPN = objRecordSet.Fields("sAMAccountName") & "@" & strDomain
     End If

     Set objUser = GetObject(objRecordSet.Fields("aDSPath"))
     On Error Resume Next
     strOldUPN = "" : strOldUPN = objRecordSet.Fields("userPrincipalName")
     On Error Goto 0

     objFile.WriteLine objRecordSet.Fields("aDSPath") & VbTab &_
          strOldUPN & VbTab & strUPN
               
     If REPORT_ONLY = False And strUPN <> strOldUPN Then
          objUser.Put "userPrincipalName", strUPN
          objUser.SetInfo
     End If

     If objUser.Get("sAMAccountName") = TEST_USER Then
          objUser.Put "userPrincipalName", strUPN
          objUser.SetInfo
     End If

     objRecordSet.MoveNext
Wend
objConnection.Close

Set objFile = Nothing
Set objFileSystem = Nothing

Set objRecordSet = Nothing
Set objCommand = Nothing
Set objConnection = Nothing

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
ok i finally had time to try this.  I changed Const REPORT_ONLY = False and then ran it.  It still created the log file.  But when i look in AD there are no changes.  I also get no errors

Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.