Solved

More Scripting Help - Creating AD Users with Email

Posted on 2007-04-11
27
294 Views
Last Modified: 2012-06-27
Hey,
I am a bit lost here.  I am writing a script to add a user to AD.  Here is what I have.
________________________________________________
dim strDomainName, InputOU, InputUN, InputSN, InputDN, InputDsc, objOu, objUser, InputGrp, objGroup, InputGrpOu

InputOU = InputBox("Enter OU")
InputUN = InputBox("Enter User Name")
InputGiven = InputBox("Enter First Name")
InputSN = Inputbox("Enter Last Name")
InputDsc = InputBox("Enter Description")
InputGrp = InputBox("Enter Group")
InputGrpOU = "CN=Users"            'InputBox ("Enter OU of Group")
Set objOU = GetObject("LDAP://ou=" & InputOU & ",dc=JSC,dc=com")

Set objUser = objOU.Create("User", "cn=" & InputGiven & " " & InputSN)
objUser.Put "userPrincipalName", InputUN
objUser.Put "sAMAccountName", InputUN
objUser.Put "givenName", InputGiven
objUser.Put "sn", InputSN
objUser.Put "displayName", InputGiven & " " & InputSN
objUser.Put "Description", InputDsc
objUser.SetInfo
objUser.SetPassword "TESTPW"
objUser.AccountDisabled = False

'Add to group
Set objGroup = GetObject("LDAP://CN=" & InputGrp & "," & InputGrpOU & ",dc=JSC,dc=com")
objGroup.add(objUser.ADsPath)
____________________________________________________________

My user is being created in the correct place.  But shows up disabled.  I also do not know how to add an email address for him in my domain.
0
Comment
Question by:jsctechy
  • 15
  • 12
27 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 18890616
Your .setinfo needs to be the 'last' item when updating the properties - else those are missed...

You have:
objUser.SetInfo
objUser.SetPassword "TESTPW"
objUser.AccountDisabled = False

it should be:
objUser.SetPassword "TESTPW"
objUser.AccountDisabled = False
objUser.SetInfo

You can add the mail info using:
objUser.mail=objUser.SamAccountName & "@domain.com" 'remember to use SetInfo
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18890767
I get an error that way.

Line 19 Chr 1
objUser.SetPassword "TESTPW" 'meets pw req
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18890778
What's the error?
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18890793
Line: 19
Chr:  1
Error:  There is no such object on the server.
Code: 80072030
Source: (null)

Seems as when trying to set the PW, the object doesn't exist yet.
0
 
LVL 67

Accepted Solution

by:
sirbounty earned 500 total points
ID: 18890810
Ah - you can use a couple of SetInfo's for that...


Set objUser = objOU.Create("User", "cn=" & InputGiven & " " & InputSN)
objUser.SetInfo
objUser.Put "userPrincipalName", InputUN
objUser.Put "sAMAccountName", InputUN
objUser.Put "givenName", InputGiven
objUser.Put "sn", InputSN
objUser.Put "displayName", InputGiven & " " & InputSN
objUser.Put "Description", InputDsc
objUser.SetPassword "TESTPW"
objUser.AccountDisabled = False
objUser.SetInfo
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18890814
hey- I did it the original way I posted, but at the end of the setpassword and accountdisabled, I setinfo again
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18890819
Cool- Thanks.
So for email, I can just do this
objUser.mail=objUser.SamAccountName & "@JSC.com"
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18890824
Yep yep...
Cool. :^)
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18890847
Thanks.  I will try that.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18890868
Good luck! :^)
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18891518
Hey,
1 Q-
If I use  -    objUser.mail=objUser.SamAccountName & "@JSC.com"
Does that create the mailbox on the exchange server, or just add an email in the email address field?
I want it to create the mailbox, same as when I manually create a user.  After specifying a password, the next screen will be to create an email box (checkbox), with also Server and Mailbox Store options.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18891573
That, I've never done (the above only adds the mail property)...however according to this site, it seems to be fairly simple:

http://techtasks.com/code/viewbookcode/1237

Try adding:

objUser.CreateMailbox objUser.adsPath

to the end of the script.

http://searchvb.techtarget.com/tip/0,289483,sid8_gci1086268,00.html gives another good example.
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18891735
I am confused....
Should I do something like this?

Dim oIADSUser
Dim MStore
strDefaultNC = "DC=EnterYourDomainName,DC=com"
Set oIADSUser = GetObject("LDAP://CN=" & InputUN & "," & "OU=" & InputOU & "," & "DC=JSC,DC=com")

oIADSUser.CreateMailbox "LDAP://CN=First Storage Group,
CN=InformationStore,
CN=JSCEMAIL,
CN=Servers,
CN=First Administrative Group,
CN=Administrative Groups,
CN=EnterYourSMTPOrganisationName, -????????
CN=Microsoft Exchange,
CN=Services,
CN=Configuration,
DC=JSC,DC=com"
oIADSUser.SetInfo

0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 1

Author Comment

by:jsctechy
ID: 18891868
unsure how to get the full DN for the exchange server info.
Right now I am trying from command prompt to get the info-
CMD>ldifde -d cn=existinguser,ou=someou,dc=domain,dc=root -f con
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18891910
Again, Im not really familiar with the Exchange piece of this, but I was thinking it would be:

Set objUser = objOU.Create("User", "cn=" & InputGiven & " " & InputSN)
objUser.SetInfo
objUser.Put "userPrincipalName", InputUN
objUser.Put "sAMAccountName", InputUN
objUser.Put "givenName", InputGiven
objUser.Put "sn", InputSN
objUser.Put "displayName", InputGiven & " " & InputSN
objUser.Put "Description", InputDsc
objUser.SetPassword "TESTPW"
objUser.AccountDisabled = False
objUser.CreateMailbox objUser.adsPath 'does this work?
objUser.SetInfo
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18891915
I think I got it.....

homeMDB:
 CN=Mailbox Store (JSEMAIL),CN=First Storage Group,CN=InformationStore,CN=JSEMAIL,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=JSC,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=JSC,DC=com
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18891931
Or what about:

Set objUser = objOU.Create("User", "cn=" & InputGiven & " " & InputSN)
objUser.SetInfo
objUser.Put "userPrincipalName", InputUN
objUser.Put "sAMAccountName", InputUN
objUser.Put "givenName", InputGiven
objUser.Put "sn", InputSN
objUser.Put "displayName", InputGiven & " " & InputSN
objUser.Put "Description", InputDsc
objUser.SetPassword "TESTPW"
objUser.AccountDisabled = False
objUser.CreateMailbox objUser.DN 'does this work?
objUser.SetInfo
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18891995
Hi,
No-
objUser.CreateMailbox is not supported...?  This is for Exchange 2003 on a 2000 Domain
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18892024
According to this it is - but perhaps the reference was setup incorrectly..
http://www.msexchange.org/articles/Scripting-Exchange-VBScript-ADSI-Part2.html

Set objUser = objOU.Create("User", "cn=" & InputGiven & " " & InputSN)
objUser.SetInfo
'[...]
objUser.AccountDisabled = False
objUser.CreateMailbox objUser.DN 'does this work?
objUser.SetInfo
'adding this...of course, I don't know what these settings are though...
'  would've though simply using the DN to the newly created user would do it?
Set objMailbox = objUser
  objMailbox.CreateMailbox "LDAP://CN=" & MDBName & _
                               ",CN=" & StorageGroup & _
                               ",CN=InformationStore" & _
                               ",CN=" & Server & _
                               ",CN=Servers" & _
                               ",CN=" & AdminGroup & _
                               ",CN=Administrative Groups" & _
                               ",CN=" & Organization & _
                               ",CN=Microsoft Exchange,CN=Services" & _
                               ",CN=Configuration," & DomainDN
objUser.SetInfo
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18892106
getting an error on this:

Set objMailbox = objUser
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18892176
Unfortunately, I don't have a test domain to try this out on...
I'm just not sure what to do from here as I've not worked with creating mailboxes before...sorry.
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18892199
Here is what I have right now
____________________________

dim strDomainName, InputOU, InputUN, InputSN, InputDN, InputDsc, objOu, objUser, InputGrp, objGroup, InputGrpOu, strHomeMDB, objMailbox

InputOU = InputBox("Enter OU")
InputUN = InputBox("Enter User Name")
InputGiven = InputBox("Enter First Name")
InputSN = Inputbox("Enter Last Name")
InputDsc = InputBox("Enter Description")
InputGrp = InputBox("Enter Group")
InputGrpOU = "CN=Users"            'InputBox ("Enter OU of Group")
Set objOU = GetObject("LDAP://ou=" & InputOU & ",dc=JSC,dc=com")
'Set objMailbox = objUser
strHomeMDB = "CN=Mailbox Store (JSEMAIL),CN=First Storage Group,CN=InformationStore,CN=JSEMAIL,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=JSINC,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=JSC,DC=com"
Set objUser = objOU.Create("User", "cn=" & InputGiven & " " & InputSN)
objUser.Put "userPrincipalName", InputUN
objUser.Put "sAMAccountName", InputUN
objUser.Put "givenName", InputGiven
objUser.Put "sn", InputSN
objUser.Put "displayName", InputGiven & " " & InputSN
objUser.Put "Description", InputDsc
objUser.SetInfo
objUser.SetPassword "arkansas"
objUser.AccountDisabled = False
objUser.Put "physicalDeliveryOfficeName", InputOU
objUser.Put "homeDirectory", "\\Jsfile\%username%"
objUser.Put "homedrive", "H:"
objUser.Put "ScriptPath", "logon.cmd"
objUser.SetInfo
'create mailbox
objUser.CreateMailBox "LDAP://" & strHomeMDB
objUser.SetInfo

'Add to group
Set objGroup = GetObject("LDAP://CN=" & InputGrp & "," & InputGrpOU & ",dc=JSC,dc=com")
objGroup.add(objUser.ADsPath)
____________________________
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18892204
Oh- maybe someone else will answer.  I am searching online and find stuff that doesn't seem to work w/ my Exchange/AD versions.
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18892661
Figured it out.....!  Finally
_____________________________
strHomeMDB = "CN=Mailbox Store (JSEMAIL),CN=First Storage Group,CN=InformationStore,CN=JSEMAIL,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=JSCINC,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=JSC,DC=com"
'create mailbox
objUser.Put "msExchHomeServerName", "/o=JSINC/ou=First Administrative Group/cn=Configuration/cn=Servers/cn=JSEMAIL"
objUser.Put "mailNickname", InputUN
objUser.Put "mail", InputUN & "@JSC.com"
objUser.Put "homeMDB", strHomeMDB
objUser.Put "mDBUseDefaults", True
objUser.SetInfo
________________________________________
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18892672
Awesome!
Glad you got it sorted. :^)
0
 
LVL 1

Author Comment

by:jsctechy
ID: 18892785
Thanks- points go to you (obviously) for the reason I started to post.

Thanks again- will be posting more shortly :)
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18892794
Thanx! :
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now