NOTE: On my server the Unix UID attribute is msSFU30UidNumber. You can double-check the value in your environment by browsing the LDAP path: LDAP://CN=" & strUnixDomain & ",CN=ypservers,CN=YPSERV30,CN=RpcServices,CN=System," & strDomain
#==Usage Example
D:\>cscript add-user.vbs John Smith
Created: John Smith Username=John.Smith Password=3a5RurD4
#==Script Content
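' add-user.vbs
' Create an Active Directory user that also carries Unix (SFU 3.0 / NIS) attributes.
'
'  - UPN format: firstname.lastname@yourdomain.com.au
'  - Creates the new user in ou=Developers,dc=yourdomain,dc=com,dc=au
'  - Generates a random password and sets it for the new user
'  - Sets a free Unix UID based on msSFU30MaxUidNumber
'  - Sets the pre-defined strUnixGid
'  - Assigns no new Windows group membership; the user still belongs to
'    Domain Users by default
'
' Usage: cscript add-user.vbs Firstname LastName
' Author: http://honglus.blogspot.com

' ------ SCRIPT CONFIGURATION ------
strUnixShell  = "/bin/bash"
strUnixDomain = "yourdomain"
strUnixGid    = "300"
strDomain     = "dc=yourdomain,dc=com,dc=au"
strDomainUPN  = "@yourdomain.com.au"
strParentDN   = "ou=Developers," & strDomain

' Taken from ADS_USER_FLAG_ENUM
Const ADS_UF_NORMAL_ACCOUNT     = 512
Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
' ------ END CONFIGURATION ---------

If WScript.Arguments.Count <> 2 Then
    WScript.Echo "*ERROR* Expected minimum input: 2, Given:" & WScript.Arguments.Count
    WScript.Echo "- USAGE: PROGRAM Firstname LastName"
    WScript.Echo "- EXAMPLE: PROGRAM John " & """Enclose Space"""
    ' Non-zero exit code so that calling batch jobs can detect the failure.
    WScript.Quit 1
End If

' WScript.Arguments is zero-based: with exactly two arguments the valid
' indexes are 0 and 1.
strFirstName = WScript.Arguments.Item(0)
strLastName  = WScript.Arguments.Item(1)

' The names are concatenated into the RDN ("cn=...") and into sAMAccountName,
' so refuse characters that are not allowed in sAMAccountName. The same set
' covers the characters that would need escaping inside a distinguished name.
If HasInvalidNameChars(strFirstName) Or HasInvalidNameChars(strLastName) Then
    WScript.Echo "*ERROR* Names must be non-empty and must not contain any of: "" / \ [ ] : ; | = , + * ? < >"
    WScript.Quit 1
End If

strLogin    = strFirstName & "." & strLastName
strFullname = strFirstName & " " & strLastName
strUnixHome = "/home/" & strLogin
strUserpn   = strLogin & strDomainUPN

' Reserve the next Unix UID. This also advances msSFU30MaxUidNumber, so a UID
' is consumed even if the user creation below fails.
strUnixUid = getMaxUid

Set objParent = GetObject("LDAP://" & strParentDN)
Set objUser = objParent.Create("user", "cn=" & strFullname)
objUser.Put "sAMAccountName", strLogin
objUser.Put "UserPrincipalName", strUserpn
objUser.Put "givenName", strFirstName
objUser.Put "sn", strLastName
objUser.Put "displayName", strFullname
objUser.Put "msSFU30NisDomain", strUnixDomain
objUser.Put "msSFU30UidNumber", strUnixUid
objUser.Put "msSFU30LoginShell", strUnixShell
objUser.Put "msSFU30HomeDirectory", strUnixHome
objUser.Put "msSFU30GidNumber", strUnixGid
' The object must exist in the directory before a password can be set on it.
objUser.SetInfo

strRndPass = RndPassword(8)
objUser.SetPassword strRndPass

' userAccountControl is a bit mask. Writing ADS_UF_DONT_EXPIRE_PASSWD on its
' own leaves the account-type bit unset, so combine it with
' ADS_UF_NORMAL_ACCOUNT. The disable bit (2) is not part of the value, which
' leaves the account enabled.
' NOTE(review): a never-expiring password combined with a generated initial
' password means the initial password stays valid until the user changes it.
' Drop ADS_UF_DONT_EXPIRE_PASSWD if the domain password policy should apply.
objUser.Put "userAccountControl", ADS_UF_NORMAL_ACCOUNT Or ADS_UF_DONT_EXPIRE_PASSWD
objUser.SetInfo

' NOTE(review): the clear-text password is written to the console and will end
' up in scrollback or in any file the output is redirected to.
WScript.Echo "Created: " & strFirstName & " " & strLastName & " Username=" & strLogin & " Password=" & strRndPass

'
' Return True when strValue is empty or contains a character that is not
' allowed in sAMAccountName.
'
Function HasInvalidNameChars(strValue)
    Dim strInvalid, i
    strInvalid = """/\[]:;|=,+*?<>"
    HasInvalidNameChars = (Len(Trim(strValue)) = 0)
    For i = 1 To Len(strInvalid)
        If InStr(strValue, Mid(strInvalid, i, 1)) > 0 Then
            HasInvalidNameChars = True
        End If
    Next
End Function

'
' Return one random character whose ASCII code lies in [intLow, intHigh].
'
Function RndChar(intLow, intHigh)
    RndChar = Chr(Int((intHigh - intLow + 1) * Rnd + intLow))
End Function

'
' Generate a random password of vLength characters drawn from a-z, A-Z, 0-9.
' At least one character of each class is always present, so the result is
' never shorter than 3 characters.
'
' NOTE(review): Rnd is a general-purpose pseudo-random generator that
' Randomize seeds from the system timer. It is not a cryptographically secure
' source; treat the result as a temporary initial password only.
'
Function RndPassword(vLength)
    Dim strChars, arrChars(), intCount, i, j, strTmp

    ' Seed once; re-seeding from the timer inside the loop adds nothing.
    Randomize

    ' Always include a-z, A-Z, 0-9
    strChars = RndChar(97, 122) & RndChar(65, 90) & RndChar(48, 57)

    ' Skip the 3 characters already created
    For i = 4 To vLength
        Select Case Int(3 * Rnd + 1)                    ' [1-3]
            Case 1
                strChars = strChars & RndChar(97, 122)  ' [a-z]
            Case 2
                strChars = strChars & RndChar(65, 90)   ' [A-Z]
            Case Else
                strChars = strChars & RndChar(48, 57)   ' [0-9]
        End Select
    Next

    ' Shuffle (Fisher-Yates) so the three guaranteed characters do not always
    ' sit in the same positions of the password.
    intCount = Len(strChars)
    ReDim arrChars(intCount - 1)
    For i = 0 To intCount - 1
        arrChars(i) = Mid(strChars, i + 1, 1)
    Next
    For i = intCount - 1 To 1 Step -1
        j = Int((i + 1) * Rnd)
        strTmp = arrChars(i)
        arrChars(i) = arrChars(j)
        arrChars(j) = strTmp
    Next

    RndPassword = Join(arrChars, "")
End Function

'
' Return the next free Unix UID stored in msSFU30MaxUidNumber of the NIS
' domain object, then increase the stored value by 1.
'
' NOTE(review): the read and the write-back are two separate operations, so
' two copies of this script running at the same time can hand out the same
' UID. Run it from one place at a time.
'
Function getMaxUid
    strQuery = "LDAP://CN=" & strUnixDomain & ",CN=ypservers,CN=YPSERV30,CN=RpcServices,CN=System," & strDomain
    Set ypdomain = GetObject(strQuery)
    ypdomain.GetInfo
    uidmax = ypdomain.msSFU30MaxUidNumber
    ' WScript.Echo "The current free Max UID=" & uidmax
    getMaxUid = uidmax
    ' Increase Maxuid by 1
    ypdomain.msSFU30MaxUidNumber = uidmax + 1
    ypdomain.SetInfo
End Function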