Easiest way for an administrative admin to add/change AD mobile phone numbers

I have an admin that is not too technical and now she is delegated to add/change mobile numbers for all users. Is there an easy way like RBAC or something so she won't have to use the AD tools?
CiscoAznAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Tony MassaCommented:
RBAC just means "role-based access control".  I'm assuming that you have already delegated the access to write to that attribute.
Just write a script for the user or create a custom MMC with a taskpad (script).  Is ADUC really too difficult for the user?
0
CiscoAznAuthor Commented:
I want something else beside using ADUC. What script are you referring to? Do you have a sample?
0
Tony MassaCommented:
I haven't tested this thoroughly, but it does work:
'http://www.rlmueller.net/NameTranslateFAQ.htm
'Constants for the Name Translate Object
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

'NetBIOS domain name for your AD
strNetBIOSDomain = "MYDOMAIN"  'Enter NETBIOS DomainName

'Get username and phone number
strNTName = InputBox("Enter user logon ID:", "Change User Phone Number")
strNewTele = InputBox("Enter the new phone number for " & strNTName,"New Number")

' Use the NameTranslate object to convert the NT user name to the
' Distinguished Name required for the LDAP provider.
Set objTrans = CreateObject("NameTranslate")

' Initialize NameTranslate by locating the Global Catalog.
objTrans.Init ADS_NAME_INITTYPE_GC, ""
' Use the Set method to specify the NT format of the object name.
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strNTName

' Use the Get method to retrieve the RPC 1779 Distinguished Name.
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)

err.Clear

'Bind to the AD user object
Set objUser = GetObject("LDAP://" & strUserDN)

'Debug
WScript.Echo "Found user, number is currently: " & objUser.telephoneNumber

'If error, exit
If err.Number <> 0 Then
	WScript.Echo "Error connecting to: " & strUserDN
	WScript.Quit
Else
  'Change the phone number
  err.Clear
  objUser.telephoneNumber = strNewTele
  objUser.SetInfo
End If

If err.Number = 0 Then
	WScript.Echo "Success"
Else
	WScript.Echo "Fail.  Error code: " & err.Number
End If

Open in new window



Just remember to comment out the "Debug" echo on line 32.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

CiscoAznAuthor Commented:
Not working
0
Tony MassaCommented:
What's the error code
0
CiscoAznAuthor Commented:
Error: Name translation: Could not find the name or insufficient right to see name.
Code: 80072116
Source: (null)
0
Tony MassaCommented:
The username and/or domain (NETBIOS domain name on line 8) is wrong.
0
Tony MassaCommented:
That's the error you'll get when it can't find the user object in AD.
0
CiscoAznAuthor Commented:
Thanks Tony this works now but how do I modify it to have it change the mobile number instead of the work number?
0
Tony MassaCommented:
Just change the AD attribute from objuser.phoneNumber to  objUser.mobile or whatever the attribute name is.
https://msdn.microsoft.com/en-us/library/ms675090(v=vs.85).aspx
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CiscoAznAuthor Commented:
Solution worked!
0
CiscoAznAuthor Commented:
Tony,
I do have one other question related. Since pulling this data requires admin rights how do I script this to change or prompt to change username and password so it can have permission to change these phone numbers?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.