Solved

Account Creation Validation Not Working

Posted on 2011-02-23
Last Modified: 2012-05-11
My script prompts the user for various account data including FN, LN, Password, with preset variables for the Description, and the ADUC template to be used.

I have a validation function that should kick out in the event that someone attempts to put in an account name that already exists. Instead it begins to create the account and errors out at:

Set objNewUser = objDestOU.Create("User", "CN=" & strNewUserID) with the following error:

Active Directory: An invalid directory pathname was passed.

I would rather have it pick this up during validation, and echo the msg I already have set up. I'm just not sure why it isn't catching it.

' Create connection to AD
Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection


' Specify user to copy and new user parameters and generate user ID
strSimilarUser = "user_template"
strDomain = "dc=domain,dc=com"
strNewDescription = "Wireless User"

strNewFirstName = InputBox("Enter the first name of the new user", "Create Wireless User")
strNewLastName = InputBox("Enter the last name of the new user", "Create Wireless User")
strPassword = InputBox("Enter the last 2 octets of the MAC address.", "Create Wireless User")
strPossibleUserName = InputBox("Enter the Serial Number", "Create Wireless User")
strNewPassword = "HH" & strPassword

WScript.Echo "*** Processing " & strNewDisplayName & " ***"
Validate()

WScript.Echo ""
WScript.Echo "    * Querying user attributes For " & strSimilarUser & "..."


' Define filter to query the similar user parameters
strCategory = "(objectCategory=Person)"
strClass = "(ObjectClass=User)"
strTarget = "(cn=" & strSimilarUser & ")"
strFilter = strCategory & strClass & strTarget


' Query AD with filter defined above
objCommand.CommandText = "<LDAP://" & strDomain & ">;(&" & strFilter & ")" & ";DistinguishedName;subtree"
Set objRecordSet = objCommand.Execute


' Handle the query results, assign the new user the similar user's parameters
Do Until objRecordSet.EOF
  
  WScript.Echo "    * Assigning attributes to " & strNewDisplayName & VbCrLf
  strLocation = objRecordSet.Fields("DistinguishedName")
  Set ObjUser = GetObject("LDAP:" & strLocation )'
  
  objMemberOf = objUser.GetEx("MemberOf")
  
  strNewLocation = Replace(strLocation, "CN=" & strSimilarUser & ",","")
  strNewDescription = objUser.Description
  strNewScript = ObjUser.ScriptPath
    
  objRecordSet.MoveNext
  
Loop


' Echo out the parameters for the new user
WScript.Echo "    * Attributes for " & strNewDisplayName & ":"
WScript.Echo "      ------------------------------------------"
WScript.Echo "      First Name:  " & strNewFirstName
WScript.Echo "      Last Name:  " & strNewLastName
WScript.Echo "      Display Name:  " & strNewDisplayName
WScript.Echo "      User ID:  " & strNewUserID
WScript.Echo "      Password:  " & strNewPassword
WScript.Echo "      OU:  " & strNewLocation
WScript.Echo "      Description:  " & strNewDescription
WScript.Echo ""


' Create the new user
WScript.Echo "    * Creating new accounts for " & strNewDisplayName
Set objDestOU = GetObject("LDAP://" & strNewLocation)

Set objNewUser = objDestOU.Create("User", "CN=" & strNewUserID)
    objNewUser.Put "sAMAccountName", strNewUserID
    objNewUser.Put "GivenName", strNewFirstName
    objNewUser.Put "SN", strNewLastName
    objNewUser.Put "DisplayName", strNewDisplayName
    objNewUser.Put "Description", strNewDescription
    objNewUser.Put "UserPrincipalName", strNewUserID & "@medctr.ad.wfubmc.edu"
    
    objNewUser.SetInfo
    
    objNewUser.SetPassword strNewPassword
    objNewUser.pwdLastSet = 0
    objNewUser.AccountDisabled = False
    
    objNewUser.Put "employeetype", "GENERIC"
       
    objNewUser.setinfo
    
    For Each objGroup In objMemberOf
      Set Group = GetObject("LDAP://" & objGroup)
      Group.add "LDAP://" & "CN=" & strNewUserID & "," & strNewLocation
    Next
    WScript.Echo "    - New user account for " & strNewDisplayName & " has been created"


'----------------------------------------------------------------
' Function to validate user name
'----------------------------------------------------------------
Function Validate()

strCategory = "(objectCategory=person)"
strClass = "(ObjectClass=user)"
strTarget = "(cn=" & strPossibleUserName & ")"
strfilter = strCategory & strClass & strTarget

objCommand.CommandText = "<GC://dc=domain,dc=com>;(&" & strFilter & ")" & ";DistinguishedName;subtree"
Set objRecordset = objCommand.Execute

intNumberofRecords = objRecordset.RecordCount

If intNumberofRecords > 0 Then
  While Not objRecordSet.EOF
    strLocation = objRecordset.Fields("DistinguishedName")
    Set objUser = GetObject("LDAP://" & strLocation )
    strExistingUser = objUser.DisplayName
    WScript.Echo "    > User ID is assigned to " & strExistingUser
    strAssignID = 0
    objRecordSet.MoveNext
  Wend
Else
  WScript.Echo "    > User ID doesn't exist and will be assigned to " & strNewDisplayName
  strAssignID = 1
  strNewUserID = strPossibleUserName
  strNewDisplayName = strNewUserID
End If

End Function

' Close AD connection
objConnection.Close

Question by:JB4375
7 Comments

Expert Comment

by:prashanthd
ID: 34961171
Where are you assigning a value to "strNewUserID" ?

Author Comment

by:JB4375
ID: 34961224
Line 126

Expert Comment

by:prashanthd
ID: 34961231
strNewUserID is not a Global variable, so value is not retained outside function

Accepted Solution

by:prashanthd (earned 500 total points)
ID: 34961250
Declare strNewUserID and other variables as Global variables

Author Comment

by:JB4375
ID: 34961705
My bad.... I'm running Option Explicit, with On Error Resume Next commented out, and I've declared everything. I was just attempting to save space.

I know the value is holding because it's listing it on the echo before it attempts to create the account.

Solution: I added a more descriptive error msg stating that it was already in use, and then adding a WScript.Quit within the IF to prevent it from moving forward at all. Because it's getting user input it's never going to have another record to read anyway.

Final result of the Validation below.

Thanks for your help!!

Function Validate()

strCategory = "(objectCategory=person)"
strClass = "(ObjectClass=user)"
strTarget = "(cn=" & strPossibleUserName & ")"
strFilter = strCategory & strClass & strTarget

objCommand.CommandText = "<GC://dc=Domain,dc=ad,dc=xxx,dc=com>;(&" & strFilter & ")" & ";DistinguishedName;subtree"
Set objRecordset = objCommand.Execute

intNumberofRecords = objRecordset.RecordCount

If intNumberofRecords > 0 Then
  While Not objRecordSet.EOF
    strLocation = objRecordset.Fields("DistinguishedName")
    Set objUser = GetObject("LDAP://" & strLocation )
    strExistingUser = objUser.DisplayName
    WScript.Echo "    > User ID is already in use. Assigned to " & strExistingUser
    strAssignID = 0
    WScript.Quit
'     objRecordSet.MoveNext
  Wend
Else
  WScript.Echo "    > User ID doesn't exist and will be assigned to " & strNewDisplayName
  strAssignID = 1
  strNewUserID = strPossibleUserName
  strNewDisplayName = strNewUserID
End If

End Function

<Edited by SouthMod to remove live domain information>
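
One way to write the duplicate check discussed in this thread, as an added example that is not the poster's code: it returns its result instead of setting script-level variables, escapes the typed value before it goes into the LDAP filter (RFC 4515), and checks sAMAccountName as well as cn, since the script writes both. The function names and the search base are assumptions.

```vbscript
' Added example (not the poster's code). All names below are illustrative,
' and the search base is a placeholder.
Option Explicit

Const SEARCH_BASE = "dc=domain,dc=com"   ' placeholder, as in the question

' Escape a value for use inside an LDAP search filter (RFC 4515).
' The backslash is escaped first so later escapes are not doubled.
Function EscapeLdapFilter(strValue)
    Dim s
    s = Replace(strValue, "\", "\5c")
    s = Replace(s, "*", "\2a")
    s = Replace(s, "(", "\28")
    s = Replace(s, ")", "\29")
    s = Replace(s, Chr(0), "\00")
    ' ";" separates the fields of the ADO command text, so hex-escape it too.
    EscapeLdapFilter = Replace(s, ";", "\3b")
End Function

' Return the distinguishedName of an existing user whose cn or
' sAMAccountName equals strCandidate, or "" when the name is free.
Function FindExistingUser(objCommand, strCandidate)
    Dim strSafe, strFilter, objRS
    strSafe = EscapeLdapFilter(strCandidate)
    strFilter = "(&(objectCategory=person)(objectClass=user)" & _
                "(|(cn=" & strSafe & ")(sAMAccountName=" & strSafe & ")))"
    objCommand.CommandText = "<GC://" & SEARCH_BASE & ">;" & strFilter & _
                             ";distinguishedName;subtree"
    Set objRS = objCommand.Execute
    FindExistingUser = ""
    If Not objRS.EOF Then FindExistingUser = objRS.Fields("distinguishedName").Value
    objRS.Close
End Function

Dim objConnection, objCommand, strPossibleUserName, strExistingDN
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection

strPossibleUserName = Trim(InputBox("Enter the Serial Number", "Create Wireless User"))
If strPossibleUserName = "" Then WScript.Quit 1   ' empty input would give "CN="
strExistingDN = FindExistingUser(objCommand, strPossibleUserName)
objConnection.Close
If strExistingDN <> "" Then
    WScript.Echo "    > User ID is already in use: " & strExistingDN
    WScript.Quit 1
End If
WScript.Echo "    > User ID is free: " & strPossibleUserName
```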


Author Closing Comment

by:JB4375
ID: 34961728
Points assigned because I felt PRASHANTHD was accurate based on the information I had provided.

Further, talking through the process helped me to arrive at a solution.

Expert Comment

by:prashanthd
ID: 34962507
Thanks!! JB