Easiest way for an administrative admin to add/change AD mobile phone numbers

I have an admin that is not too technical and now she is delegated to add/change mobile numbers for all users. Is there an easy way like RBAC or something so she won't have to use the AD tools?
CiscoAznAsked:
Who is Participating?
 
Tony MassaCommented:
Just change the AD attribute from objuser.phoneNumber to  objUser.mobile or whatever the attribute name is.
https://msdn.microsoft.com/en-us/library/ms675090(v=vs.85).aspx
0
 
Tony MassaCommented:
RBAC just means "role-based access control".  I'm assuming that you have already delegated the access to write to that attribute.
Just write a script for the user or create a custom MMC with a taskpad (script).  Is ADUC really too difficult for the user?
0
 
CiscoAznAuthor Commented:
I want something else beside using ADUC. What script are you referring to? Do you have a sample?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
Tony MassaCommented:
I haven't tested this thoroughly, but it does work:
'http://www.rlmueller.net/NameTranslateFAQ.htm
'Constants for the Name Translate Object
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

'NetBIOS domain name for your AD
strNetBIOSDomain = "MYDOMAIN"  'Enter NETBIOS DomainName

'Get username and phone number
strNTName = InputBox("Enter user logon ID:", "Change User Phone Number")
strNewTele = InputBox("Enter the new phone number for " & strNTName,"New Number")

' Use the NameTranslate object to convert the NT user name to the
' Distinguished Name required for the LDAP provider.
Set objTrans = CreateObject("NameTranslate")

' Initialize NameTranslate by locating the Global Catalog.
objTrans.Init ADS_NAME_INITTYPE_GC, ""
' Use the Set method to specify the NT format of the object name.
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strNTName

' Use the Get method to retrieve the RPC 1779 Distinguished Name.
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)

err.Clear

'Bind to the AD user object
Set objUser = GetObject("LDAP://" & strUserDN)

'Debug
WScript.Echo "Found user, number is currently: " & objUser.telephoneNumber

'If error, exit
If err.Number <> 0 Then
	WScript.Echo "Error connecting to: " & strUserDN
	WScript.Quit
Else
  'Change the phone number
  err.Clear
  objUser.telephoneNumber = strNewTele
  objUser.SetInfo
End If

If err.Number = 0 Then
	WScript.Echo "Success"
Else
	WScript.Echo "Fail.  Error code: " & err.Number
End If

Open in new window



Just remember to comment out the "Debug" echo on line 32.
0
 
CiscoAznAuthor Commented:
Not working
0
 
Tony MassaCommented:
What's the error code
0
 
CiscoAznAuthor Commented:
Error: Name translation: Could not find the name or insufficient right to see name.
Code: 80072116
Source: (null)
0
 
Tony MassaCommented:
The username and/or domain (NETBIOS domain name on line 8) is wrong.
0
 
Tony MassaCommented:
That's the error you'll get when it can't find the user object in AD.
0
 
CiscoAznAuthor Commented:
Thanks Tony this works now but how do I modify it to have it change the mobile number instead of the work number?
0
 
CiscoAznAuthor Commented:
Solution worked!
0
 
CiscoAznAuthor Commented:
Tony,
I do have one other question related. Since pulling this data requires admin rights how do I script this to change or prompt to change username and password so it can have permission to change these phone numbers?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.