As systems administrators or application integration developers, we often want to automate tasks such as adding new users to the DC (Domain Controller)/Active Directory. Here are a VBScript and a Perl script that can be used to add users, either from an uploaded CSV file or from any other source by modifying a few lines. You'll understand the basic idea of how to achieve the task; for everything else there is for, while, etc.
The VBScript reads a CSV file containing names, creates the users and sets a default password for the newly created users. This script needs to be run on the Active Directory server itself.
Code: VB
Const ADS_PROPERTY_APPEND = 3
Set WshShell = WScript.CreateObject("WScript.Shell")
Set FSO = CreateObject("Scripting.FileSystemObject")
' 1 = ForReading
Set NamesFile = FSO.OpenTextFile("dc_users.csv", 1)
FullName = "NoName"
Do Until NamesFile.AtEndOfStream
    Temp = NamesFile.ReadLine
    NamesList = NamesList & ", " & Temp
    If Temp <> "" Then
        ' each line is expected to look like "FirstName,LastName,..."
        ' (a comma must follow the last name, otherwise Mid fails below)
        Seperator = InStr(Temp, ",") + 1
        Seperator2 = InStr(Seperator, Temp, ",") - 1
        FirstName = Left(Temp, Seperator - 2)
        LastName = Mid(Temp, Seperator, Seperator2 - Seperator + 1)
        ' logon name = first initial + last name
        UserName = Left(FirstName, 1) & LastName
        FullName = FirstName & " " & LastName
        Set objOU = GetObject("LDAP://ou=Development,dc=Go4Expert,dc=com")
        'create user account
        Set objUser = objOU.Create("user", "cn=" & FullName)
        objUser.Put "sAMAccountName", UserName
        objUser.sn = LastName
        objUser.givenName = FirstName
        objUser.physicalDeliveryOfficeName = "MD"
        objUser.displayName = FirstName & " " & LastName
        objUser.userPrincipalName = UserName & "@go4expert.com"
        objUser.Description = "Developer"
        objUser.SetInfo
        'things that have to be set after account created
        ' SetPassword is the administrative way to set the first password;
        ' ChangePassword needs the account's existing password
        objUser.SetPassword "password"
        objUser.AccountDisabled = False
        ' pwdLastSet = 0 forces the user to change the default password at first logon
        objUser.Put "pwdLastSet", 0
        objUser.SetInfo
        'put in to groups if required
        Set objGroup = GetObject("LDAP://cn=Developers,dc=Go4Expert,dc=com")
        objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array("cn=" & FullName & ",ou=Development,dc=Go4Expert,dc=com")
        objGroup.SetInfo
    End If
Loop
NamesFile.Close
The Perl script uses an altogether different approach. For those who don't know, Active Directory also works like an LDAP server, so you can connect to it using LDAP and do your stuff! :-) This script can be used to connect to the Active Directory from a different server/remote location to create the new user. You can modify the code to read a CSV file, like the VBScript example above.
Code: Perl
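#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAPS;

# connect over LDAPS (TLS, port 636); Net::LDAPS reports a failed connection in $@
# (its verify/cafile options control validation of the server certificate)
my $Ad = Net::LDAPS->new("ldap.go4expert.com", version => 3, port => 636)
    or die("failed: $@");

## bind as an admin or someone who has privileges to create a user
# bind always returns a message object, so check its result code
my $bind = $Ad->bind(dn => 'cn=Admin,cn=Developers,dc=Go4Expert,dc=com', password => 'adminzhsh');
die("failed: " . $bind->error) if $bind->code;

# the first argument is the DN of the new entry, so it starts with the new user's cn
my $result = $Ad->add( 'cn=Shabbir Bhimani,cn=Developers,dc=Go4Expert,dc=com',
    attr => [
        'cn' => 'Shabbir Bhimani',
        'sn' => 'Bhimani',
        'mail' => 'shabbir@go4expert.com',
        'objectclass' => ['top', 'person', 'organizationalPerson', 'inetOrgPerson']
    ]
);
$result->code && warn "failed to add entry: ", $result->error;
$Ad->unbind;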
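The article suggests adapting the Perl script to read a CSV file. The following added example (not the author's code) shows that step as a dry run, with each name validated and escaped before it becomes part of a DN, since both scripts above build DNs directly from input. The sample rows, the name policy, and the `build_entry` helper are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example: dry run turning CSV rows into validated, escaped LDAP add requests.
use strict;
use warnings;
use Net::LDAP::Util qw(escape_dn_value);
my $BASE_DN = 'cn=Developers,dc=Go4Expert,dc=com';   # container from the article
# Assumed name policy: letters, space, apostrophe, hyphen; at most 31 characters
# each, so "First Last" stays within AD's 64-character cn limit.
my $NAME_OK = qr/^[A-Za-z][A-Za-z' -]{0,30}\z/;

# Constructed sample rows in the VBScript's "FirstName,LastName," layout.
my @csv_lines = (
    'Shabbir,Bhimani,',
    "Anne-Marie,O'Neil,",
    'Eve,Smith+cn=Admin,',    # DN metacharacters in a name: rejected
    ',Nameless,',             # empty first name: rejected
);

# Hypothetical helper: returns [$dn, \@attrs] for a valid row, nothing otherwise.
sub build_entry {
    my ($line) = @_;
    my ($first, $last) = split /,/, $line, -1;
    for ($first, $last) {
        $_ = '' unless defined;
        s/^\s+|\s+$//g;
    }
    return unless $first =~ $NAME_OK && $last =~ $NAME_OK;

    my $full = "$first $last";
    # Same rule as the VBScript (first initial + last name), reduced to
    # alphanumerics and to the 20 characters AD allows for a user's sAMAccountName.
    (my $sam = substr($first, 0, 1) . $last) =~ s/[^A-Za-z0-9]//g;
    $sam = substr($sam, 0, 20);
    # Escape the RDN value even after validation (defence in depth).
    my $dn = 'cn=' . escape_dn_value($full) . ",$BASE_DN";
    return [ $dn, [
        cn => $full, sn => $last, givenName => $first, sAMAccountName => $sam,
        objectClass => [qw(top person organizationalPerson inetOrgPerson)],
    ] ];
}

for my $line (@csv_lines) {
    my $entry = build_entry($line) or do { warn "rejected row: $line\n"; next };
    my ($dn, $attrs) = @$entry;
    print "would add: $dn\n";
    # Live run with the bound handle from the article's script:
    #   my $res = $Ad->add($dn, attr => $attrs);
    #   warn "add failed: ", $res->error, "\n" if $res->code;
}
```

Rejected rows are reported on STDERR and skipped, so one malformed line does not stop the batch or create a partially specified account.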