Adding New Users To Active Directory/LDAP Server Using A Script

Discussion in 'Programming' started by pradeep, May 14, 2008.

    As systems administrators/application integration developers, we always want to automate things like adding new users to the DC (Domain Controller)/Active Directory. So here's a VBScript and a Perl script which can be used to add users, either from an uploaded CSV file or in any way you want, just by modifying a few lines. You'll understand the basic idea of how to achieve the task; for everything else there is for, while, etc.

    The VBScript reads a CSV file containing names, creates the users and sets a default password for the newly created users. This script needs to be run on the Active Directory itself.

     ' ADSI constant used by PutEx to append a value to a multi-valued attribute
     Const ADS_PROPERTY_APPEND = 3
     Set WshShell = WScript.CreateObject("WScript.Shell")
     Set FSO = CreateObject("Scripting.FileSystemObject")
     ' Each line of dc_users.csv is expected to be: FirstName,LastName,...
     Set NamesFile = FSO.OpenTextFile("dc_users.csv", 1)
     FullName = "NoName"
     Do Until NamesFile.AtEndOfStream
         Temp = NamesFile.ReadLine
         NamesList = NamesList & ", " & Temp
         If Temp <> "" Then
             ' Split the line at the first and second comma
             Seperator = InStr(Temp, ",") + 1
             Seperator2 = InStr(Seperator, Temp, ",") - 1
             ' No second comma: the last name runs to the end of the line
             If Seperator2 < 0 Then Seperator2 = Len(Temp)
             FirstName = Left(Temp, Seperator - 2)
             LastName = Mid(Temp, Seperator, Seperator2 - Seperator + 1)
             UserName = Left(FirstName, 1) & LastName
             FullName = FirstName & " " & LastName
             Set objOU = GetObject("LDAP://ou=Development,dc=Go4Expert,dc=com")
             'create user account
             Set objUser = objOU.Create("user", "cn=" & FullName)
             objUser.Put "sAMAccountName", UserName
             objUser.sn = LastName
             objUser.givenName = FirstName
             objUser.physicalDeliveryOfficeName = "MD"
             objUser.displayName = FirstName & " " & LastName
             objUser.userPrincipalName = UserName & "@go4expert.com"
             objUser.Description = "Developer"
             'write the new object to the directory before touching the password
             objUser.SetInfo
             'things that have to be set after account created
             'SetPassword is used because a new account has no old password to change
             objUser.SetPassword "password"
             objUser.AccountDisabled = False
             'pwdLastSet = 0 forces a password change at the next logon
             objUser.Put "pwdLastSet", 0
             objUser.SetInfo
             'put in to groups if required
             Set objGroup = GetObject("LDAP://cn=Developers,dc=Go4Expert,dc=com")
             objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array("cn=" & FullName & ",ou=Development,dc=Go4Expert,dc=com")
             objGroup.SetInfo
         End If
     Loop
     NamesFile.Close

    The Perl script uses an altogether different approach. For those who don't know, Active Directory also works like an LDAP server, so you can connect to it using LDAP and do your stuff! :) This script can be used to connect to the Active Directory from a different server/remote location to create the new user. You can modify the code to read a CSV file, like the VBScript example above.

     use strict;
     use warnings;
     use Net::LDAPS;

     # Connect over LDAPS (port 636); the constructor leaves its error in $@
     my $Ad = Net::LDAPS->new("ldap.go4expert.com", version => 3, port => 636)
         or die("Failed connecting: $@");
     ## bind as an admin or someone who has privileges to create a user
     my $bind = $Ad->bind(dn => 'cn=Admin,cn=Developers,dc=Go4Expert,dc=com', password => 'adminzhsh');
     # bind always returns a message object, so check its result code
     die("failed; " . $bind->error) if $bind->code;
     # the DN of the new entry starts with its own cn, below the Developers container
     my $result = $Ad->add( 'cn=Shabbir Bhimani,cn=Developers,dc=Go4Expert,dc=com',
                            attr => [
                              'cn'   => 'Shabbir Bhimani',
                              'sn'   => 'Bhimani',
                              'mail' => 'shabbir@go4expert.com',
                              'objectclass' => ['top', 'person', 'organizationalPerson', 'inetOrgPerson' ]]);
     $result->code && warn "failed to add entry: ", $result->error;
     $Ad->unbind;
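
Both scripts above place the name from the CSV straight into the DN, and the VBScript gives every account the same password. The following Python code is an added example, not part of the original post: it prepares the same entries with RFC 4514 DN escaping, a sAMAccountName check and a random one-time password per user, ready to hand to an LDAP client over LDAPS. `SAMPLE_CSV`, the function names and the dictionary layout are assumptions made for illustration.

```python
import csv, io, re, secrets, string

BASE_OU = "ou=Development,dc=Go4Expert,dc=com"      # OU used by the VBScript above
UPN_SUFFIX = "@go4expert.com"
# Characters Active Directory rejects in sAMAccountName; user names are capped at 20.
SAM_OK = re.compile(r'[^"/\\\[\]:;|=,+*?<>@\s]{1,20}')

# Constructed sample input: first name, last name per line.
SAMPLE_CSV = 'Shabbir,Bhimani\n"Mary, Ann",Smith\nBob,Lee=admin\n\n'

def escape_rdn_value(value):
    """Escape a DN attribute value (RFC 4514) so a name cannot alter the DN."""
    out = []
    for i, ch in enumerate(value):
        edge = (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " ")
        out.append("\\" + ch if ch in ',+"\\<>;=' or edge else ch)
    return "".join(out).replace("\x00", "\\00")

def initial_password(length=20):
    """Random one-time password containing lower, upper and digit characters."""
    alphabet = string.ascii_letters + string.digits + "!#%*-_"
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if any(c.islower() for c in pw) and any(c.isupper() for c in pw) \
                and any(c.isdigit() for c in pw):
            return pw

def build_entries(csv_text):
    """Return (entries, rejected) where rejected lists unusable account names."""
    entries, rejected = [], []
    for row in csv.reader(io.StringIO(csv_text)):
        if len(row) < 2 or not row[0].strip() or not row[1].strip():
            continue                                  # blank or incomplete line
        first, last = row[0].strip(), row[1].strip()
        sam = first[0] + last                         # same rule as the VBScript
        if not SAM_OK.fullmatch(sam):
            rejected.append(sam)
            continue
        full, pw = first + " " + last, initial_password()
        entries.append({
            "dn": "cn=" + escape_rdn_value(full) + "," + BASE_OU,
            "password": pw,                           # hand to the user out of band
            "attrs": {
                "objectClass": ["top", "person", "organizationalPerson", "user"],
                "sAMAccountName": sam, "givenName": first, "sn": last,
                "displayName": full, "userPrincipalName": sam + UPN_SUFFIX,
                # AD expects the password double-quoted and UTF-16LE encoded
                "unicodePwd": ('"' + pw + '"').encode("utf-16-le"),
                "pwdLastSet": "0",                    # force change at first logon
            },
        })
    return entries, rejected
```

The quoted field `"Mary, Ann"` is parsed as one first name by the `csv` module and ends up escaped in the DN, while the row whose derived account name contains `=` is rejected instead of being written to the directory.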

