Tech Friday: Adding Network User Accounts

I am currently configuring user accounts for a Windows 2003 server, and for the first time ever, I want to automate adding accounts.  Checking the Windows Command-Line Administrator’s Pocket Consultant I find the following command syntax:  

dsadd user  UserDN  -samid SAMName
[-upn UPN] [-fn FirstName] [-mi Initial]
[-ln LastName] [-display DisplayName]
[-empid EmployeeID] [-pwd {Password|*}]
[-desc Description] [-memberof Group;...]
[-office Office] [-tel PhoneNumber]
[-email Email][-hometel HomePhoneNumber]
[-pager PagerNumber] [-mobile CellPhoneNumber]
[-fax FaxNumber] [-iptel IPPhoneNumber][-webpg WebPage]
[-title Title] [-dept Department] [-company Company]
[-mgr Manager] [-hmdir HomeDirectory]
[-hmdrv DriveLetter:] [-profile ProfilePath]
[-loscr ScriptPath] [-mustchpwd {yes | no}]
[-canchpwd {yes | no}] [-reversiblepwd {yes | no}]
[-pwdneverexpires {yes | no}] [-acctexpires NumberOfDays]
[-disabled {yes | no}] [{-s Server | -d Domain}]
[-u UserName][-p {Password | *}] [-q]

Even trying this to add a single account is pretty discouraging. The syntax is described on the Microsoft XP web site.

Then I remember that I’m a database programmer, and that Active Directory is really only a database. And you would think that you could put all the users into a database file, and write a “report” which is really a .CMD file to add all of the users. So I managed to do this. I wrote it up. Automating Creation of Active Directory User Accounts. (Adobe Acrobat .pdf) With a title like that it sounds like a stuffy academic paper. A further search of the, um,  literature reveals:

Simplify Tedious Administration Tasks With Windows Scripting, which mentions creating an AD user using Windows Scripting, and the Active Directory objects. The example, like all other others I’ve seen only show the creation of a single user account, which is fine for an example. but none of this makes much sense until you are looking at 30 accounts or more.

I’m still poking about to find other examples of creating a larger number of users.  An older book, Windows NT User Administration (the octopus book) from O’Reilly has a very nice discussion of account creation for Windows NT using Perl. Maybe there is more in some of the newer Windows Administrator scripting books. And, sorry, Tech Friday turned into Tech Monday.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s