Solved

Account Creation Validation Not Working

Posted on 2011-02-23
Last Modified: 2012-05-11
My script prompts the user for various account data including FN, LN, Password, with preset variables for the Description, and the ADUC template to be used.

I have a validation function that should kick out in the event that someone attempts to put in an account name that already exists. Instead it begins to create the account and errors out at:

Set objNewUser = objDestOU.Create("User", "CN=" & strNewUserID) with the following error:

Active Directory: An invalid directory pathname was passed.

I would rather have it pick this up during validation, and echo the msg I already have set up. I'm just not sure why it isn't catching it.

' Create connection to AD
Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection


' Specify user to copy and new user parameters and generate user ID
strSimilarUser = "user_template"
strDomain = "dc=domain,dc=com"
strNewDescription = "Wireless User"

strNewFirstName = InputBox("Enter the first name of the new user", "Create Wireless User")
strNewLastName = InputBox("Enter the last name of the new user", "Create Wireless User")
strPassword = InputBox("Enter the last 2 octets of the MAC address.", "Create Wireless User")
strPossibleUserName = InputBox("Enter the Serial Number", "Create Wireless User")
strNewPassword = "HH" & strPassword

WScript.Echo "*** Processing " & strNewDisplayName & " ***"
Validate()

WScript.Echo ""
WScript.Echo "    * Querying user attributes For " & strSimilarUser & "..."


' Define filter to query the similar user parameters
strCategory = "(objectCategory=Person)"
strClass = "(ObjectClass=User)"
strTarget = "(cn=" & strSimilarUser & ")"
strFilter = strCategory & strClass & strTarget


' Query AD with filter defined above
objCommand.CommandText = "<LDAP://" & strDomain & ">;(&" & strFilter & ")" & ";DistinguishedName;subtree"
Set objRecordSet = objCommand.Execute


' Handle the query results, assign the new user the similar user's parameters
Do Until objRecordSet.EOF
  
  WScript.Echo "    * Assigning attributes to " & strNewDisplayName & VbCrLf
  strLocation = objRecordSet.Fields("DistinguishedName")
  Set ObjUser = GetObject("LDAP:" & strLocation )'
  
  objMemberOf = objUser.GetEx("MemberOf")
  
  strNewLocation = Replace(strLocation, "CN=" & strSimilarUser & ",","")
  strNewDescription = objUser.Description
  strNewScript = ObjUser.ScriptPath
    
  objRecordSet.MoveNext
  
Loop


' Echo out the parameters for the new user
WScript.Echo "    * Attributes for " & strNewDisplayName & ":"
WScript.Echo "      ------------------------------------------"
WScript.Echo "      First Name:  " & strNewFirstName
WScript.Echo "      Last Name:  " & strNewLastName
WScript.Echo "      Display Name:  " & strNewDisplayName
WScript.Echo "      User ID:  " & strNewUserID
WScript.Echo "      Password:  " & strNewPassword
WScript.Echo "      OU:  " & strNewLocation
WScript.Echo "      Description:  " & strNewDescription
WScript.Echo ""


' Create the new user
WScript.Echo "    * Creating new accounts for " & strNewDisplayName
Set objDestOU = GetObject("LDAP://" & strNewLocation)

Set objNewUser = objDestOU.Create("User", "CN=" & strNewUserID)
    objNewUser.Put "sAMAccountName", strNewUserID
    objNewUser.Put "GivenName", strNewFirstName
    objNewUser.Put "SN", strNewLastName
    objNewUser.Put "DisplayName", strNewDisplayName
    objNewUser.Put "Description", strNewDescription
    objNewUser.Put "UserPrincipalName", strNewUserID & "@medctr.ad.wfubmc.edu"
    
    objNewUser.SetInfo
    
    objNewUser.SetPassword strNewPassword
    objNewUser.pwdLastSet = 0
    objNewUser.AccountDisabled = False
    
    objNewUser.Put "employeetype", "GENERIC"
       
    objNewUser.setinfo
    
    For Each objGroup In objMemberOf
      Set Group = GetObject("LDAP://" & objGroup)
      Group.add "LDAP://" & "CN=" & strNewUserID & "," & strNewLocation
    Next
    WScript.Echo "    - New user account for " & strNewDisplayName & " has been created"


'----------------------------------------------------------------
' Function to validate user name
'----------------------------------------------------------------
Function Validate()

strCategory = "(objectCategory=person)"
strClass = "(ObjectClass=user)"
strTarget = "(cn=" & strPossibleUserName & ")"
strfilter = strCategory & strClass & strTarget

objCommand.CommandText = "<GC://dc=domain,dc=com>;(&" & strFilter & ")" & ";DistinguishedName;subtree"
Set objRecordset = objCommand.Execute

intNumberofRecords = objRecordset.RecordCount

If intNumberofRecords > 0 Then
  While Not objRecordSet.EOF
    strLocation = objRecordset.Fields("DistinguishedName")
    Set objUser = GetObject("LDAP://" & strLocation )
    strExistingUser = objUser.DisplayName
    WScript.Echo "    > User ID is assigned to " & strExistingUser
    strAssignID = 0
    objRecordSet.MoveNext
  Wend
Else
  WScript.Echo "    > User ID doesn't exist and will be assigned to " & strNewDisplayName
  strAssignID = 1
  strNewUserID = strPossibleUserName
  strNewDisplayName = strNewUserID
End If

End Function

' Close AD connection
objConnection.Close


0
Question by:JB4375
7 Comments
 
LVL 12

Expert Comment

by:prashanthd
ID: 34961171
Where are you assigning a value to "strNewUserID" ?
0
 
LVL 1

Author Comment

by:JB4375
ID: 34961224
Line 126
0
 
LVL 12

Expert Comment

by:prashanthd
ID: 34961231
strNewUserID is not a Global variable, so value is not retained outside function
0
 
LVL 12

Accepted Solution

by:
prashanthd earned 500 total points
ID: 34961250
Declare strNewUserID and other variables as Global variables
0
 
LVL 1

Author Comment

by:JB4375
ID: 34961705
My bad.... I'm running Option Explicit, with On Error Resume Next commented out, and I've declared everything. I was just attempting to save space.

I know the value is holding because it's listing it on the echo before it attempts to create the account.

Solution: I added a more descriptive error msg stating that it was already in use, and then adding a WScript.Quit within the IF to prevent it from moving forward at all. Because it's getting user input it's never going to have another record to read anyway.

Final result of the Validation below.

Thanks for your help!!
Function Validate()

strCategory = "(objectCategory=person)"
strClass = "(ObjectClass=user)"
strTarget = "(cn=" & strPossibleUserName & ")"
strFilter = strCategory & strClass & strTarget

objCommand.CommandText = "<GC://dc=Domain,dc=ad,dc=xxx,dc=com>;(&" & strFilter & ")" & ";DistinguishedName;subtree"
Set objRecordset = objCommand.Execute

intNumberofRecords = objRecordset.RecordCount

If intNumberofRecords > 0 Then
  While Not objRecordSet.EOF
    strLocation = objRecordset.Fields("DistinguishedName")
    Set objUser = GetObject("LDAP://" & strLocation )
    strExistingUser = objUser.DisplayName
    WScript.Echo "    > User ID is already in use. Assigned to " & strExistingUser
    strAssignID = 0
    WScript.Quit
'     objRecordSet.MoveNext
  Wend
Else
  WScript.Echo "    > User ID doesn't exist and will be assigned to " & strNewDisplayName
  strAssignID = 1
  strNewUserID = strPossibleUserName
  strNewDisplayName = strNewUserID
End If

End Function

<Edited by SouthMod to remove live domain information>


0
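
An added example, not code from this thread: the existence check from the posts above written as a function that returns its result, so the caller stops before the Create call and the new ID is assigned at script level. It matches on sAMAccountName as well as cn, because the script uses the same value for both, and escapes the typed value before placing it in the filter. The names FindExistingUser, EscapeFilter and Fail and the BASE_DN value are assumptions made for this example.

```vbscript
' Added example: names below are hypothetical, BASE_DN is a placeholder.
Option Explicit
Const BASE_DN = "dc=domain,dc=com"
Dim objConnection, objCommand, strPossibleUserName, strNewUserID, strOwner

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

strPossibleUserName = Trim(InputBox("Enter the Serial Number", "Create Wireless User"))
If strPossibleUserName = "" Then Fail "No user ID entered."

strOwner = FindExistingUser(strPossibleUserName)
If strOwner <> "" Then Fail "User ID is already in use by " & strOwner

' Only reached when the ID is free; script-level variable used by the create step.
strNewUserID = strPossibleUserName
WScript.Echo "    > User ID is free and will be assigned: " & strNewUserID
objConnection.Close

' Returns the DN of the first account whose cn or sAMAccountName matches, else "".
Function FindExistingUser(strID)
  Dim strFilter, objRS
  FindExistingUser = ""
  strFilter = "(&(objectCategory=person)(objectClass=user)(|(cn=" & _
              EscapeFilter(strID) & ")(sAMAccountName=" & EscapeFilter(strID) & ")))"
  objCommand.CommandText = "<GC://" & BASE_DN & ">;" & strFilter & ";distinguishedName;subtree"
  Set objRS = objCommand.Execute
  If Not objRS.EOF Then FindExistingUser = objRS.Fields("distinguishedName").Value
  objRS.Close
End Function

' Escapes the characters that are special in an LDAP search filter (RFC 4515).
Function EscapeFilter(strValue)
  Dim s
  s = Replace(strValue, "\", "\5c")
  s = Replace(s, "*", "\2a")
  s = Replace(s, "(", "\28")
  s = Replace(s, ")", "\29")
  EscapeFilter = Replace(s, Chr(0), "\00")
End Function

' Reports the problem, closes the AD connection and ends the script.
Sub Fail(strMsg)
  WScript.Echo "    > " & strMsg
  objConnection.Close
  WScript.Quit 1
End Sub
```

Run it with cscript.exe so the WScript.Echo lines print to the console rather than as message boxes.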
 
LVL 1

Author Closing Comment

by:JB4375
ID: 34961728
Points assigned because I felt PRASHANTHD was accurate based on the information I had provided.

Further, talking through the process helped me to arrive at a solution.
0
 
LVL 12

Expert Comment

by:prashanthd
ID: 34962507
Thanks!! JB
0
