i need to write a script for windows server 2003 that will allow me to add new users to the Active Directory, but not conventionally, as i will soon explain.
This is a full command right now:
dsadd user "CN=ATEST001,OU=local-admins,DC=red,DC=qumranet,DC=com" -display "ATEST001 FAMILYNAME" -pwd 123456 -u RED\administrator -p 123456 -samid ATEST001 -memberof "CN=rdp-admin,OU=local-admins,DC=red,DC=qumranet,DC=com" -upn "ATEST001@red.qumranet.com" -disabled no -pwdneverexpires yes
Parameters that i want to be able to play with in the creation process are:
1. User - an admin or not? i want to give them descriptive name - for example, Axxxx would be an admin, Uxxxx would be a user.
2. Domain name - as you can see above, it is all for RED right now.
3. basic group membership. Right now, it's 'local-admins' (which may not be true for users!)
4. member of which groups: Above, it's rdp-admin. We may want to have others, or more than one
any kind of help would be great.