Solved

a script to copy user logon name pre-windows 2000 to user logn name

Posted on 2006-11-06
11
706 Views
Last Modified: 2012-06-22
Windows 2000 domain

I am working in a school.  Each year as the students enter 5th grade they get a logon  In the past I have created these accounts with the adduser tool and a spreadsheet.  Works rather well, except in AD in the user properties under account it puts the user name in user logon name pre-windows 2000.  This works fine.  But I have found a few things like quotas work better if also the user logon name field is filled in.  Of course they say the same thing.  In the past I have cut and paste each user, very tedious and time consuming.  Can anyone write a script to speed this up?
0
Comment
Question by:lrpage
  • 5
  • 4
  • 2
11 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 17884692
try

Import users into AD

http://support.microsoft.com/kb/327620/en-us

How to use Csvde to import contacts and user objects into Active Directory
View products that this article applies to.
Article ID     :     327620
Last Review     :     September 19, 2005
Revision     :     8.4
This article was previously published under Q327620
On This Page
SUMMARYSUMMARY
Windows 2000 contact with no e-mail addressWindows 2000 contact with no e-mail address
Windows 2000 user, no mailbox or e-mail addressWindows 2000 user, no mailbox or e-mail address
TroubleshootingTroubleshooting
 
SUMMARY
This step-by-step article describes how to use the Csvde.exe utility to create contacts and user accounts in Active Directory. You may have to use this method in some scenarios, for example, when administrators want to export custom recipients from Microsoft Exchange Server 5.5 and import them into Active Directory as Microsoft Windows contacts.

Csvde.exe is a Microsoft Windows 2000 command-line utility that is located in the SystemRoot\System32 folder after you install Windows 2000. Csvde.exe is similar to Ldifde.exe, but it extracts information in a comma-separated value (CSV) format. You can use Csvde to import and export Active Directory data that uses the comma-separated value format. Use a spreadsheet program such as Microsoft Excel to open this .csv file and view the header and value information. See Microsoft Excel Help for information about functions such as Concatenate that can simplify the process of building a .csv file.
--------------------------------
Tools Available in Windows 2000 Support Tools

---------

I hope this helps !
0
 
LVL 3

Author Comment

by:lrpage
ID: 17886139
Thank you.  That may be a better way to create the new users.  I will have to try that next time.  But right now I have 200 users that I need to add the logon name to.  I need a script or a tool that will help me clean up the current users.
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 17886673
I am not positive, but the same tool may be able to export and then import the  extra field changes.

0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 17888412

Should be pretty easy really. This is all in VbScript and will need saving as .vbs.

It will need running as an Administrator and at the moment it won't make any changes, just write a report of what it would have changed. The value you're looking into is called the User Principal Name which is what the script refers to.

Once you're happy with it you can change this line:

Const REPORT_ONLY = True

To:

Const REPORT_ONLY = False

And it'll make the changes.

Please let me know if you have any problems.

Chris



Option Explicit

Const REPORT_ONLY = True

Const ADS_SCOPE_SUBTREE = 2

Dim objConnection, objCommand, objRecordSet, objRootDSE, objFileSystem, objFile, objUser
Dim strDomain, strUPN
Dim arrTemp

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

Set objRootDSE = GetObject("LDAP://RootDSE")
objCommand.CommandText = "SELECT aDSPath, sAMAccountName, userPrincipalName FROM " &_
      "'LDAP://" & objRootDSE.Get("defaultNamingContext") & "' WHERE objectClass='user'"

strDomain = Replace(objRootDSE.Get("defaultNamingContext"), ",DC=", ".")
strDomain = Replace(strDomain, "DC=", "")

Set objRootDSE = Nothing

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 600
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False

Set objRecordSet = objCommand.Execute

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.CreateTextFile("UPNChange.txt")
objFile.WriteLine "User Path" & VbTab & "Old UPN" & VbTab & "New UPN"

While Not objRecordSet.EOF
      If Not IsNull(objRecordSet.Fields("userPrincipalName")) Then
            strUPN = objRecordSet.Fields("userPrincipalName")
            arrTemp = Split(strUPN, "@")
            If arrTemp(0) <> objRecordSet.Fields("sAMAccountName") Then
                  strUPN = objRecordSet.Fields("sAMAccountName") & "@" & arrTemp(1)
            End If
      Else
            strUPN = objRecordSet.Fields("sAMAccountName") & "@" & strDomain
      End If

      If strUPN <> objRecordSet.Fields("userPrincipalName") Then
            Set objUser = GetObject(objRecordSet.Fields("aDSPath"))
            
            objFile.WriteLine objRecordSet.Fields("aDSPath") & VbTab &_
                  objRecordSet.Fields("userPrincipalName") & VbTab & strUPN
                  
            If REPORT_ONLY = False Then
                  objUser.Put "userPrincipalName", strUPN
                  objUser.SetInfo
            End If
      End If
      objRecordSet.MoveNext
Wend
objConnection.Close

Set objFile = Nothing
Set objFileSystem = Nothing

Set objRecordSet = Nothing
Set objCommand = Nothing
Set objConnection = Nothing
0
 
LVL 3

Author Comment

by:lrpage
ID: 17907513
I realize it will create a file that logs the changes it would have made.

The txt doc it creates only have about 100 items and most of those are computer objects in my AD, only about 10 are user items in my AD
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 70

Expert Comment

by:Chris Dent
ID: 17908175

An irritation of AD... Computer Objects sometimes get the objectClass user. Anyway, this is a more reliable way of getting user accounts only.

It isn't ordinarily necessary to increase the Size Limit for the search. However if it still doesn't return everything you're looking for then you could add in this line:

objCommand.Properties("Size Limit") = 100000

In the same place as the rest of the objCommand.Properties statements.

Otherwise, here is a modification that may get rid of the computer accounts from the search results:


Option Explicit

Const REPORT_ONLY = True

Const ADS_SCOPE_SUBTREE = 2

Dim objConnection, objCommand, objRecordSet, objRootDSE, objFileSystem, objFile, objUser
Dim strDomain, strUPN
Dim arrTemp

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

Set objRootDSE = GetObject("LDAP://RootDSE")

objCommand.CommandText = "SELECT aDSPath, sAMAccountName, userPrincipalName " &_
      "FROM 'LDAP://" & objRootDSE.Get("defaultNamingContext") & "' WHERE " &_
      "objectCategory='CN=Person,CN=Schema," & objRootDSE.Get("configurationNamingContext") & "'"

strDomain = Replace(objRootDSE.Get("defaultNamingContext"), ",DC=", ".")
strDomain = Replace(strDomain, "DC=", "")

Set objRootDSE = Nothing

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 600
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False

Set objRecordSet = objCommand.Execute

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.CreateTextFile("UPNChange.txt")
objFile.WriteLine "User Path" & VbTab & "Old UPN" & VbTab & "New UPN"

While Not objRecordSet.EOF
      If Not IsNull(objRecordSet.Fields("userPrincipalName")) Then
            strUPN = objRecordSet.Fields("userPrincipalName")
            arrTemp = Split(strUPN, "@")
            If arrTemp(0) <> objRecordSet.Fields("sAMAccountName") Then
                  strUPN = objRecordSet.Fields("sAMAccountName") & "@" & arrTemp(1)
            End If
      Else
            strUPN = objRecordSet.Fields("sAMAccountName") & "@" & strDomain
      End If

      If strUPN <> objRecordSet.Fields("userPrincipalName") Then
            Set objUser = GetObject(objRecordSet.Fields("aDSPath"))
            
            objFile.WriteLine objRecordSet.Fields("aDSPath") & VbTab &_
                  objRecordSet.Fields("userPrincipalName") & VbTab & strUPN
                  
            If REPORT_ONLY = False Then
                  objUser.Put "userPrincipalName", strUPN
                  objUser.SetInfo
            End If
      End If
      objRecordSet.MoveNext
Wend
objConnection.Close

Set objFile = Nothing
Set objFileSystem = Nothing

Set objRecordSet = Nothing
Set objCommand = Nothing
Set objConnection = Nothing
0
 
LVL 3

Author Comment

by:lrpage
ID: 17929696
ok now it does not see the computer objects, but still only reports on 9 users
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 17954888

Okay, I'm guessing it has problems with one of the lines. Could you try this:


Option Explicit

Const REPORT_ONLY = True

Const ADS_SCOPE_SUBTREE = 2

Dim objConnection, objCommand, objRecordSet, objRootDSE, objFileSystem, objFile, objUser
Dim strDomain, strUPN, strOldUPN
Dim arrTemp

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

Set objRootDSE = GetObject("LDAP://RootDSE")

objCommand.CommandText = "SELECT aDSPath, sAMAccountName, userPrincipalName " &_
     "FROM 'LDAP://" & objRootDSE.Get("defaultNamingContext") & "' WHERE " &_
     "objectCategory='CN=Person,CN=Schema," & objRootDSE.Get("configurationNamingContext") & "'"

strDomain = Replace(objRootDSE.Get("defaultNamingContext"), ",DC=", ".")
strDomain = Replace(strDomain, "DC=", "")

Set objRootDSE = Nothing

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 600
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False

Set objRecordSet = objCommand.Execute

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.CreateTextFile("UPNChange.txt")
objFile.WriteLine "User Path" & VbTab & "Old UPN" & VbTab & "New UPN"

While Not objRecordSet.EOF
     If Not IsNull(objRecordSet.Fields("userPrincipalName")) Then
          strUPN = objRecordSet.Fields("userPrincipalName")
          arrTemp = Split(strUPN, "@")
          If arrTemp(0) <> objRecordSet.Fields("sAMAccountName") Then
               strUPN = objRecordSet.Fields("sAMAccountName") & "@" & arrTemp(1)
          End If
     Else
          strUPN = objRecordSet.Fields("sAMAccountName") & "@" & strDomain
     End If

     Set objUser = GetObject(objRecordSet.Fields("aDSPath"))
     On Error Resume Next
     strOldUPN = "" : strOldUPN = objRecordSet.Fields("userPrincipalName")
     On Error Goto 0

     objFile.WriteLine objRecordSet.Fields("aDSPath") & VbTab &_
          strOldUPN & VbTab & strUPN
               
     If REPORT_ONLY = False And strUPN <> strOldUPN Then
          objUser.Put "userPrincipalName", strUPN
          objUser.SetInfo
     End If
     objRecordSet.MoveNext
Wend
objConnection.Close

Set objFile = Nothing
Set objFileSystem = Nothing

Set objRecordSet = Nothing
Set objCommand = Nothing
Set objConnection = Nothing
0
 
LVL 3

Author Comment

by:lrpage
ID: 17955791
ahhh the test txt file came out good.
Now the question is... do I trust it in my production enviroment.  How can I test it on a small number of users?
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 17955896

You can't really test it on a small number as it is at the moment. Certainly run it in debug mode first (of course).

It would be possible to add another statement in so it only picks up your test user. For example, if you have a user with the username TestUser then you could use the script below, which will look for the TestUser and make the change if it bumps into it (regardless of whether it's running in Test Mode or not).

Good enough for a quick test?

Chris


Option Explicit

Const TEST_USER = "TestUser"
Const REPORT_ONLY = True

Const ADS_SCOPE_SUBTREE = 2

Dim objConnection, objCommand, objRecordSet, objRootDSE, objFileSystem, objFile, objUser
Dim strDomain, strUPN, strOldUPN
Dim arrTemp

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

Set objRootDSE = GetObject("LDAP://RootDSE")

objCommand.CommandText = "SELECT aDSPath, sAMAccountName, userPrincipalName " &_
     "FROM 'LDAP://" & objRootDSE.Get("defaultNamingContext") & "' WHERE " &_
     "objectCategory='CN=Person,CN=Schema," & objRootDSE.Get("configurationNamingContext") & "'"

strDomain = Replace(objRootDSE.Get("defaultNamingContext"), ",DC=", ".")
strDomain = Replace(strDomain, "DC=", "")

Set objRootDSE = Nothing

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 600
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False

Set objRecordSet = objCommand.Execute

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.CreateTextFile("UPNChange.txt")
objFile.WriteLine "User Path" & VbTab & "Old UPN" & VbTab & "New UPN"

While Not objRecordSet.EOF
     If Not IsNull(objRecordSet.Fields("userPrincipalName")) Then
          strUPN = objRecordSet.Fields("userPrincipalName")
          arrTemp = Split(strUPN, "@")
          If arrTemp(0) <> objRecordSet.Fields("sAMAccountName") Then
               strUPN = objRecordSet.Fields("sAMAccountName") & "@" & arrTemp(1)
          End If
     Else
          strUPN = objRecordSet.Fields("sAMAccountName") & "@" & strDomain
     End If

     Set objUser = GetObject(objRecordSet.Fields("aDSPath"))
     On Error Resume Next
     strOldUPN = "" : strOldUPN = objRecordSet.Fields("userPrincipalName")
     On Error Goto 0

     objFile.WriteLine objRecordSet.Fields("aDSPath") & VbTab &_
          strOldUPN & VbTab & strUPN
               
     If REPORT_ONLY = False And strUPN <> strOldUPN Then
          objUser.Put "userPrincipalName", strUPN
          objUser.SetInfo
     End If

     If objUser.Get("sAMAccountName") = TEST_USER Then
          objUser.Put "userPrincipalName", strUPN
          objUser.SetInfo
     End If

     objRecordSet.MoveNext
Wend
objConnection.Close

Set objFile = Nothing
Set objFileSystem = Nothing

Set objRecordSet = Nothing
Set objCommand = Nothing
Set objConnection = Nothing
0
 
LVL 3

Author Comment

by:lrpage
ID: 18093749
ok i finally had time to try this.  I changed Const REPORT_ONLY = False and then ran it.  It still created the log file.  But when i look in AD there are no changes.  I also get no errors

0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Find out what the Office 365 disclaimer function is, why you would use it and its limited ability to create Office 365 signatures.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now