Adding New Users To Active Directory/LDAP Server Using A Script

Discussion in 'Programming' started by pradeep, May 14, 2008.

    As system administrators/application integration developers, we always want to automate things like adding new users to the DC (Domain Controller)/Active Directory. So here's a VBScript and a Perl script which can be used to add users, either from an uploaded CSV file or in any way you want, just by modifying a few lines. You'll understand the basic idea of how to achieve the task; for everything else there is for, while, etc.

    The VBScript reads a CSV file containing names, creates the users and sets a default password for the newly created users. This script needs to be run on the Active Directory itself.

    Code:
     Const ADS_PROPERTY_APPEND = 3
     Set FSO = CreateObject("Scripting.FileSystemObject")
     
     ' Open the CSV for reading (1 = ForReading); each line starts with FirstName,LastName
     Set NamesFile = FSO.OpenTextFile("dc_users.csv", 1)
     
     Do Until NamesFile.AtEndOfStream
     
         Temp = NamesFile.ReadLine
         If Temp <> "" Then
             ' Split copes with "First,Last" as well as "First,Last,..." lines
             Fields = Split(Temp, ",")
             FirstName = Fields(0)
             LastName = Fields(1)
             UserName = Left(FirstName, 1) & LastName
             FullName = FirstName & " " & LastName
     
             Set objOU = GetObject("LDAP://ou=Development,dc=Go4Expert,dc=com")
     
             'create user account
             Set objUser = objOU.Create("user", "cn=" & FullName)
             objUser.Put "sAMAccountName", UserName
             objUser.sn = LastName
             objUser.givenName = FirstName
             objUser.physicalDeliveryOfficeName = "MD"
             objUser.displayName = FirstName & " " & LastName
             objUser.userPrincipalName = UserName & "@go4expert.com"
             objUser.Description = "Developer"
             objUser.SetInfo
     
             'things that have to be set after account created
             objUser.ChangePassword "", "password"
             objUser.AccountDisabled = False
             'pwdLastSet = 0 forces a password change at the next logon
             objUser.Put "pwdLastSet", 0
             objUser.SetInfo
     
             'put in to groups if required
             Set objGroup = GetObject("LDAP://cn=Developers,dc=Go4Expert,dc=com")
             objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array("cn=" & FullName & ",ou=Development,dc=Go4Expert,dc=com")
             objGroup.SetInfo
     
         End If
     
     Loop
     
     NamesFile.Close
     
    The Perl script uses an altogether different approach. For those who don't know, Active Directory also works like an LDAP server, so you can connect to it using LDAP and do your stuff! :) This script can be used to connect to the Active Directory from a different server/remote location to create the new user. You can modify the code to read a CSV file, like the VBScript example above.

    Code:
     #!/usr/bin/perl
     
     use strict;
     use warnings;
     use Net::LDAPS;
     
     ## connect over LDAPS (port 636); on failure new() returns undef and the reason is in $@
     my $Ad = Net::LDAPS->new("ldap.go4expert.com", version => 3, port => 636) or die("Failed connecting: $@");
     
     ## bind as an admin or someone who has privileges to create a user
     ## bind() always returns a message object, so check its result code
     my $bind = $Ad->bind(dn => 'cn=Admin,cn=Developers,dc=Go4Expert,dc=com', password => 'adminzhsh');
     $bind->code && die("bind failed: " . $bind->error);
     
     ## the first argument is the full DN of the new entry (its own cn plus the parent container)
     my $result = $Ad->add( 'cn=Shabbir Bhimani,cn=Developers,dc=Go4Expert,dc=com',
                            attr => [
                              'cn'   => 'Shabbir Bhimani',
                              'sn'   => 'Bhimani',
                              'mail' => 'shabbir @ go4expert.com',
                              'objectclass' => ['top', 'person','organizationalPerson','inetOrgPerson' ]]
                          );
     
     $result->code && warn "failed to add entry: ", $result->error ;
     
     $Ad->unbind;
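
An added example, not part of the original post or its author's code: one way to turn CSV lines into arguments for `add()` while escaping names before they go into the DN and giving each account its own random initial password instead of a shared default. It assumes a Unix-like host with `/dev/urandom`, reuses the Development OU from the VBScript, and the CSV lines under `__DATA__` and the helper names `random_password` and `build_entry` are constructed for illustration.

```perl
use strict;
use warnings;
use Encode qw(encode);
use Net::LDAP::Util qw(escape_dn_value);

my $BASE     = 'ou=Development,dc=Go4Expert,dc=com';      # OU used by the VBScript
my @ALPHABET = ('A'..'Z', 'a'..'z', '0'..'9', '-', '_');  # 64 symbols: byte % 64 is unbiased

# Random initial password from the OS CSPRNG (assumption: /dev/urandom exists).
sub random_password {
    my ($len) = @_;
    open(my $fh, '<:raw', '/dev/urandom') or die "cannot open /dev/urandom: $!";
    while (1) {
        (read($fh, my $buf, $len) // 0) == $len or die "short read from /dev/urandom";
        my $pw = join '', map { $ALPHABET[ord($_) % 64] } split //, $buf;
        # retry until upper case, lower case and a digit are all present
        return $pw if $pw =~ /[A-Z]/ && $pw =~ /[a-z]/ && $pw =~ /[0-9]/;
    }
}

# Turn one "First,Last" line into the DN and attribute list for add().
sub build_entry {
    my ($line) = @_;
    my ($first, $last) = map { s/^\s+|\s+$//gr } split /,/, $line;
    return unless defined $first && defined $last && length $first && length $last;
    my $cn = "$first $last";
    # sAMAccountName: first initial + last name, reduced to a conservative character set
    (my $sam = substr($first, 0, 1) . $last) =~ s/[^A-Za-z0-9._-]//g;
    my $password = random_password(20);
    my $attrs = [
        objectClass        => ['top', 'person', 'organizationalPerson', 'user'],
        cn                 => $cn,
        sn                 => $last,
        givenName          => $first,
        sAMAccountName     => $sam,
        unicodePwd         => encode('UTF-16LE', qq{"$password"}),  # AD wants a quoted UTF-16LE string
        userAccountControl => 512,                                  # normal, enabled account
        pwdLastSet         => 0,                                    # change password at next logon
    ];
    # RFC 4514 escaping keeps characters such as + , = in a name from altering the DN
    return ('cn=' . escape_dn_value($cn) . ",$BASE", $attrs, $password);
}

while (my $line = <DATA>) {
    chomp $line;
    my ($dn, $attrs, $password) = build_entry($line) or next;   # skip malformed lines
    print "$dn\n";
    # With the bound handle from the script above:
    #   my $r = $Ad->add($dn, attr => $attrs); warn $r->error if $r->code;
}
__DATA__
Shabbir,Bhimani
Anne,O'Neil+Smith
```

Active Directory only accepts `unicodePwd` over an encrypted connection, which the LDAPS connection on port 636 in the script above provides.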
     
     
