Windows IT Pro is the authoritative and independent resource for windows nt, windows 2000, windows 2003, windows xp. Features a collection of resources and magazines for windows IT professionals.
  
  
  Advanced Search 


June 01, 1999

An ADSI Primer, Part 6: Using ADSI to Create and Manipulate User Accounts


A Web Exclusive from Windows IT Pro
Alistair G. Lowe-Norris
An ADSI Primer
InstantDoc #5456
Windows IT Pro
Email this Article
Printer Friendly
Reader Comments
Digg This
Del.icio.us
RSS
View this exclusive article with VIP access -- click here to join |
See More Systems Administration Articles Here | Reprints | Or sign up for our VIP Monthly Pass!
SideBar    Boolean Arithmetic with Hexadecimal Values, Oops

Editor's note: This article is the sixth part of a 12-part series about Active Directory Service Interfaces (ADSI) The series started in the January 1999 issue. Refer to previous installments for definitions and background information.

In the previous five articles, I discussed the basics of ADSI and how ADSI works. In the remaining articles, I'll show you how to use ADSI to help you with daily tasks, such as manipulating user accounts, services, shares, and sessions in Windows NT's SAM and Windows 2000's (Win2K's) Active Directory (AD). This month, I show you how to automate two fundamental administrative tasks: creating and manipulating user accounts.

Although tools to create user accounts already exist (e.g., the Microsoft Windows NT Server 4.0 Resource Kit's Addusers utility), ADSI's versatility lets you quickly write a script that creates one or many user accounts and manipulate existing accounts. For example, you can write a script that creates one standard or full-featured user account or a script that creates 1000 full-featured user accounts. You can even create a command-line utility that unlocks locked-out user accounts. . . .

Reader Comments
<p>Is there a way to check if a user account exists on Win 2000 to determine if the container::create (username...) is necessary?</p>
<br>
<p>Charles - Use the SearchAD function from article 5 in the ADSI Primer series (May 1999) to search the AD first using ADO.<br>
<br>
Note that September 1999 contained a correction to that article.<br>
<b>--Alistair</b></p>

Charles Schmidt March 27, 2001

<p>Can I disable the sAMAccountName property of the user class? When I try to set the sAMAccountName property data to more than 25 characters, it gives me an error like <i>Automation error.</i> Are there other possibilities?</p>
<br>
<p>Sneha - No, I'm afraid you cannot disable the sAMAccountName. As this MSDN page http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/ad/naming_properties.asp indicates, it's an important property for Win2K servers and needs to be unique on a per-domain basis. It should be less than 20 characters to support downlevel servers and clients. The exact definitions are here: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adschema/w2k/A_sAMAccountName.asp<br>
<b>--Alistair</b></p>

sneha February 13, 2002

<p>Hi! You mentioned the following in the article: "You can't use VBScript to access all the read-write attributes. For example, ADSI returns the ObjectSID attribute as a byte array. Unfortunately, VBScript understands only variant arrays, which renders the returned data useless. As a result, you must use Perl, Visual Basic (VB), or C++ if you want to use ObjectSID."<br>
<br>
I'm trying to search for a specific objectSID using LDAP, and I'm using VB.NET to run the search. Might you have any idea what the objectSID type would be in order to search for that user in the directory (e.g., convert objectSID byte array into a string? or search for the hex alphanumberic values? or something else?). I've been making baby steps in my application and this is possibly the last hurdle. I've attempted a number of things--even hardcoding my objectSID's ASCII value--but nothing worked. Any help would be GREATLY appreciated!</p>
<br>
<p>Jerermy - If you check MSDN, you’ll find that the Object-SID is described here: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adschema/w2k/A_objectSid.asp?frame=true. Its syntax is 2.1.1.17, which according to the page at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adschema/w2k/syntaxList.asp is a String(Sid). If you click the String(Sid) link (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adschema/w2k/S_String(Sid).asp), you can see String(Sid) is the type ADSTYPE_OCTET_STRING and the variant VT_UI1 | VT_ARRAY. You can find out more from MSDN at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adschema/schemahelp.asp. Hope that helps.<br>
<b>--Alistair</b></p>


Jeremy April 30, 2002

How can I set a user's UPN from vbscript? I am having a tough go of it! Thanks!

BDakis August 23, 2004 (Article Rating: )

You must log on before posting a comment.

If you don't have a username & password, please register now.




Top Viewed ArticlesView all articles
Microsoft Kills OneCare, Will Launch Free Security Solution

Microsoft on Tuesday announced that it would retire its $50-a-year security subscription product, Windows Live OneCare, and replace it with a free solution codenamed "Morro." Unlike OneCare, however, Morro will focus only on core anti-malware features and ...

The website is down because someone removed the X-Box

What happens when a manager mistakes a server for a games console. ...

Xbox 360 Overhaul Arrives with New UI, Avatars

Xbox 360 owners who logon to the system's Xbox Live system this morning will receive the most significant functional change yet to the console's user interface, or dashboard. Dubbed the New Xbox Experience, this new front-end features a completely new ...
Related Events Check out our list of Free Email Newsletters!
Scripting eBooks Keeping Your Business Safe from Attack: Encryption and Certificate Services

Best Practices for Managing Linux and UNIX Servers

Building an Effective Reporting System
Related Scripting Resources Become a VIP member of the Windows IT Pro community!
Get it all with the VIP CD and VIP access. A $500+ value for only $279!

Subscribe to Windows IT Pro!
Solve your toughest technical problems with our experts and access 10,000 + articles online. 30% off

Monthly Online Pass - Only $5.95!
Get instant access to 10,000+ articles from Windows IT Pro Magazine!

TechNet Virtual Labs
Evaluate and test Microsoft's newest products.



ADS BY GOOGLE

Job Openings in IT SPONSORED LINKS FEATURED LINKS
Free Download –VS 2008 Training
Experts Ken Getz & Robert Green plus labs, code, courseware

Maximize speed, performance and reliablity of your PCs and servers—automatically!
Speed Up Your PC! Try Diskeeper 2008 with InvisiTasking Free Now!

Register for SolarWinds VM Monitor
Get X-Ray Vision into Your ESX Servers with SolarWinds FREE VM Monitor

GoGrid Offers FREE Trial for Windows Cloud Servers
Deploy Windows Server 2003 and 2008 with free load balancing through GoGrid’s award winning web-based GUI – all in less than 5 minutes

Order Your SQL Fundamentals CD Today!
Learn how to use SQL Server, understand Office integration techniques and dive into the essentials of SQL Express and Visual Basic with this free SQL Fundamentals CD.

How healthy is your Exchange Server? Find out Now!
Automatic Exchange Server Maintenance helps prevent disasters and improves performance. Download a FREE Exchange Server analysis tool.
You've Deployed SharePoint...Now What?
This one-day free online conference delivers the technical knowledge needed to kick MOSS up a notch. In one information-packed day, independent SharePoint experts will present practical, real-world information and provide take-away, ready-to-use solutions

Ease Your Scripting Pains with the Flexibility of PowerShell!
Paul Robichaux equips you with PowerShell basics in 3 introductory lessons, each followed by live Q&A—all on your own computer! Register today!

What Would You Do If You Ran Microsoft?
ITTV's 2008 inaugural video contest, "If I Ran Microsoft..." is your chance to tell it like it is. Be goofy or be serious, but don"t miss this chance to have fun, win prizes, and go viral in a major way.

Maximize Your SharePoint Investment
This web seminar discusses how true bi-directional replication of SharePoint content from one server to another enables branch offices to maintain access to current SharePoint content.

Rock Your Knowledge, and Compete with Friends and Colleagues!
Are you the Web Application Performance Guru in your office? It's time to have fun! Download now to access the crossword puzzle. Challenge yourself and complete this fun activity!
Windows IT Pro Home Register FAQ for Windows WinInfo News
Europe Edition About Us Contact Us/Customer Service Media Kit Affiliates / Licensing  
SQL Server Magazine Office & SharePoint Pro Windows Dev Pro IT Job Hound ITTV
IT Library Technology Resource Directory Connected Home Windows Excavator Windows SuperSite 
 
 Windows IT Pro is a Division of Penton Media Inc.
 Copyright © 2008 Penton Media, Inc., All rights reserved. Terms and Use | Privacy Statement | Reprints and Licensing