NOTE: The unix attribute is msSFU30UidNumber ... in my Server, you can doublecheck your value by browsing ldap path:LDAP://CN=" & strUnixDomain & ",CN=ypservers,CN=YPSERV30,CN=RpcServices,CN=System," &strDomain
#==Usage Example
D:\>cscript add-user.vbs John Smith Created: John Smith Username=John.Smith Password=3a5RurD4
#==Script Content
'UPN format: firstname.lastname@yourdomain.com.au
'Create new user in ou=Developers,dc=yourdomain,dc=com,dc=au
'Generate a random password and set it for the new user
'Set a free UnixUID based on msSFU30MaxUidNumber
'Set the pre-defined strUnixGid
'But no new Windows group membership assigned, it still belongs to domain users by default
'Author: http://honglus.blogspot.com
' ------ SCRIPT CONFIGURATION ------
strUnixShell ="/bin/bash"
strUnixDomain="yourdomain"
strUnixGid="300"
strDomain = "dc=yourdomain,dc=com,dc=au"
strDomainUPN="@yourdomain.com.au"
strParentDN = "ou=Developers," & strDomain
' Taken from ADS_USER_FLAG_ENUM
Const ADS_UF_NORMAL_ACCOUNT = 512
Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
' ------ END CONFIGURATION ---------
if (WScript.Arguments.Count <> 2 ) then
wscript.echo "*ERROR* Expected minimum input: 2, Given:"& WScript.Arguments.Count
wscript.echo "- USAGE: PROGRAM Firstname LastName"
wscript.echo "- EXAMPLE: PROGRAM John " &"""Enclose Space"""
wscript.quit
End if
strFirstName=WScript.Arguments.item(1)
strLastName=WScript.Arguments.item(2)
strLogin=WScript.Arguments.item(1) &"." & Script.Arguments.item(2)
strUnixuid=getMaxUid
strFullname = strFirstName & " " & strLastName
strUnixHome ="/home/"&strLogin
strUserpn = strLogin & strDomainUPN
set objParent = GetObject("LDAP://" & strParentDN)
Set objUser = objParent.Create("user", "cn=" & strFullname)
objUser.Put "sAMAccountName", strLogin
objUser.Put "UserPrincipalName", struserpn
objUser.Put "givenName", strFirstName
objUser.Put "sn", strLastName
objUser.Put "displayName", strFullName
objUser.Put "msSFU30NisDomain", strUnixDomain
objUser.Put "msSFU30UidNumber", strUnixUid
objUser.Put "msSFU30LoginShell", strUnixShell
objUser.Put "msSFU30HomeDirectory", strUnixHome
objUser.Put "msSFU30GidNumber", strUnixGid
objUser.SetInfo
strRndPass=RndPassword(8)
objUser.SetPassword(strRndPass)
objUser.AccountDisabled=FALSE
objUser.Put "userAccountControl", ADS_UF_DONT_EXPIRE_PASSWD
' objUser.Put "userAccountControl", ADS_UF_NORMAL_ACCOUNT
objUser.SetInfo
WScript.Echo "Created: " & strFirstName& " " strLastName &" Username=" &strlogin & " Password=" & strrndPass
'objParent.close
'
' Generate random password
'
Function RndPassword(vLength)
Randomize
' Always include a-z,A-Z,0-9
strPass3=strPass3& chr(Int((122 - 97 + 1) * Rnd + 97))
strPass3=strPass3& chr(Int((90 - 65 + 1) * Rnd + 65))
strPass3=strPass3& chr(Int((57 - 48 + 1) * Rnd + 48))
'Skip the 3 char already created
For x=4 To vLength
Randomize
intIndex=Int((3 - 1 + 1) * Rnd + 1) '[1-3]
select case intIndex
case 1
strPass = chr(Int((122 - 97 + 1) * Rnd + 97)) '[A-Z]
case 2
strPass=chr(Int((90 - 65 + 1) * Rnd + 65)) '[a-z]
case 3
strPass=chr(Int((57 - 48 + 1) * Rnd + 48)) '[0-9]
case Else
strPass=chr(Int((57 - 48 + 1) * Rnd + 48)) '[0-9]
end select
RndPassword = RndPassword & strPass
Next
RndPassword = RndPassword &strPass3
End Function
function getMaxUid
strquery="LDAP://CN=" & strUnixDomain & ",CN=ypservers,CN=YPSERV30,CN=RpcServices,CN=System," &strDomain
set ypdomain=getobject(StrQuery)
ypdomain.getinfo
uidmax=ypdomain.msSFU30MaxUidNumber
' wscript.echo "The current free Max UID=" &uidmax
getMaxUid=uidmax
'Increase Maxuid by 1
ypdomain.msSFU30MaxUidNumber=uidmax+1
ypdomain.setinfo
End function
Posts
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.