VBScript to change Profile Attributes in AD

Home Forums Scripting Windows Script Host VBScript to change Profile Attributes in AD

This topic contains 6 replies, has 5 voices, and was last updated by Michael Otey Michael Otey 9 years, 4 months ago.

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • Avatar
    centbuntu
    Member
    #149224

    Hey Guys,
    1st post here, don’t know if this is the right place to put this, but I’m trying to write a VBScript to change User Profile attributes in AD. I’m trying to do this so I don’t have to add profile attributes to every single member of our AD.

    Set objUser = GetObject _
    (“LDAP://cn=testing,ou=Testing,ou=Technology,dc=miamips,dc=net”)

    objUser.Put “homeDirectory”, “\mpsnasusers%username%”
    objUser.Put “homeDrive”, “U”

    wscript.echo “Done”[/CODE]

    So what I’m trying to do is set the User Home drive on multiple users.

    It runs and says “Done” like it finished, but it didn’t do anything to the group

    Any help with the code? Is this code just for doing individual users? If so, What is one to help with what I’m trying to do?[CODE] Set objUser = GetObject _
    (“LDAP://cn=testing,ou=Testing,ou=Technology,dc=miamips,dc=net”)

    objUser.Put “homeDirectory”, “\mpsnasusers%username%”
    objUser.Put “homeDrive”, “U”

    wscript.echo “Done”[/CODE]

    So what I’m trying to do is set the User Home drive on multiple users.

    It runs and says “Done” like it finished, but it didn’t do anything to the group

    Any help with the code? Is this code just for doing individual users? If so, What is one to help with what I’m trying to do?

    Avatar
    Dumber
    Participant
    #201142

    Re: VBScript to change Profile Attributes in AD

    You need to create a loop.
    Something like (not tested though since I don’t have an environment nearby)

    Code:
    Set objUser = GetObject _
    (“LDAP://cn=testing,ou=Testing,ou=Technology,dc=miamips,dc=net”)
    Foreach user in objuser do
    objUser.Put “homeDirectory”, “\mpsnasusers%username%”
    objUser.Put “homeDrive”, “U”
    Loop
    wscript.echo “Done”
    Michael Otey
    Michael Otey
    Participant
    #374554

    Re: VBScript to change Profile Attributes in AD

    Dumber;205377 wrote:
    You need to create a loop.
    Something like (not tested though since I don’t have an environment nearby)

    Code:
    Set objUser = GetObject _
    (“LDAP://cn=testing,ou=Testing,ou=Technology,dc=miamips,dc=net”)
    Foreach user in objuser do
    objUser.Put “homeDirectory”, “\mpsnasusers%username%”
    objUser.Put “homeDrive”, “U”
    Loop
    wscript.echo “Done”

    I don’t see how the loop helps. Can you explain? I want it to go for a whole group and not an individual user. Do I need to change something if I want that?

    Avatar
    Ossian
    Moderator
    #181366

    Re: VBScript to change Profile Attributes in AD

    Thats what the loop does

    FOREACH user


    LOOP

    will go through users one by one and do the same thing to each user account it finds

    Rems
    Rems
    Moderator
    #227721

    Re: VBScript to change Profile Attributes in AD

    centbuntu;205394 wrote:
    I don’t see how the loop helps. Can you explain? I want it to go for a whole group and not an individual user. Do I need to change something if I want that?

    If “cn=testing” is a group object, then the name objUser that you gave to the reference to the object is mostlikely making the confusion here. The object IS a group therefor it is better if you’d name it something like objGroup.

    Your script connects to the “cn=testing” group object in Active Directory,
    then it directly tries to edit attributes of that object which are not typically attributes beloning to a group object.

    The script should first enumerate the members of the group – then it have to connect to each of the user objects to be able to edit attributes of that object. You use a For-Each loop to get each of the members.

    Add objMember.SetInfo to the script to save the new values for the object.

    ‘ create an outstanding binding to Active Directory
    Set objRootDSE = GetObject(“LDAP://RootDSE”)
    strDNSDomain = objRootDSE.Get(“DefaultNamingContext”)

    ‘ create a reference to the group object
    Set objGroup = GetObject _
    (“LDAP://cn=testing,ou=Testing,ou=Technology,” & strDNSDomain)

    objGroup.GetInfoEx Array(“member”), 0

    If Not IsEmpty(objGroup.member) then
    ‘ connect to each object which is member of the group,
    ‘ Determine if the member is a user (since you’re editing
    ‘ attributes typically for user objects).
    For Each strMember in objGroup.GetEx(“member”)
    Set objMember = GetObject(“LDAP://” & strMember)
    If InStr(1, objMember.Class, “user”,1) Then
    objMember.Put “homeDirectory”, “\mpsnasusers” & objMember.sAMAccountName
    objMember.Put “homeDrive”, “U:”
    objMember.SetInfo
    End If
    Next
    End If
    [/CODE]

    Rems[CODE]
    ‘ create an outstanding binding to Active Directory
    Set objRootDSE = GetObject(“LDAP://RootDSE”)
    strDNSDomain = objRootDSE.Get(“DefaultNamingContext”)

    ‘ create a reference to the group object
    Set objGroup = GetObject _
    (“LDAP://cn=testing,ou=Testing,ou=Technology,” & strDNSDomain)

    objGroup.GetInfoEx Array(“member”), 0

    If Not IsEmpty(objGroup.member) then
    ‘ connect to each object which is member of the group,
    ‘ Determine if the member is a user (since you’re editing
    ‘ attributes typically for user objects).
    For Each strMember in objGroup.GetEx(“member”)
    Set objMember = GetObject(“LDAP://” & strMember)
    If InStr(1, objMember.Class, “user”,1) Then
    objMember.Put “homeDirectory”, “\mpsnasusers” & objMember.sAMAccountName
    objMember.Put “homeDrive”, “U:”
    objMember.SetInfo
    End If
    Next
    End If
    [/CODE]

    Rems

    Michael Otey
    Michael Otey
    Participant
    #374555

    Re: VBScript to change Profile Attributes in AD

    Rems;205461 wrote:
    If “cn=testing” is a group object, then the name objUser that you gave to the reference to the object is mostlikely making the confusion here. The object IS a group therefor it is better if you’d name it something like objGroup.

    Your script connects to the “cn=testing” group object in Active Directory,
    then it directly tries to edit attributes of that object which are not typically attributes beloning to a group object.

    The script should first enumerate the members of the group – then it have to connect to each of the user objects to be able to edit attributes of that object. You use a For-Each loop to get each of the members.

    Add objMember.SetInfo to the script to save the new values for the object.

    ‘ create an outstanding binding to Active Directory
    Set objRootDSE = GetObject(“LDAP://RootDSE”)
    strDNSDomain = objRootDSE.Get(“DefaultNamingContext”)

    ‘ create a reference to the group object
    Set objGroup = GetObject _
    (“LDAP://cn=testing,ou=Testing,ou=Technology,” & strDNSDomain)

    objGroup.GetInfoEx Array(“member”), 0

    If Not IsEmpty(objGroup.member) then
    ‘ connect to each object which is member of the group,
    ‘ Determine if the member is a user (since you’re editing
    ‘ attributes typically for user objects).
    For Each strMember in objGroup.GetEx(“member”)
    Set objMember = GetObject(“LDAP://” & strMember)
    If InStr(1, objMember.Class, “user”,1) Then
    objMember.Put “homeDirectory”, “\mpsnasusers” & objMember.sAMAccountName
    objMember.Put “homeDrive”, “U:”
    objMember.SetInfo
    End If
    Next
    End If
    [/CODE]Rems[/QUOTE]

    Hey, Thanks for that script! It works great! Only one problem, it seem to put it in the user home area, but it doesn’t seem to be applying it. If that makes any sense. It seems to me that it is putting the information in but not making it applicable to anything. It’s not actually creating a user home, it’s just putting text in the box. Any help on making it applicable?[CODE]
    ‘ create an outstanding binding to Active Directory
    Set objRootDSE = GetObject(“LDAP://RootDSE”)
    strDNSDomain = objRootDSE.Get(“DefaultNamingContext”)

    ‘ create a reference to the group object
    Set objGroup = GetObject _
    (“LDAP://cn=testing,ou=Testing,ou=Technology,” & strDNSDomain)

    objGroup.GetInfoEx Array(“member”), 0

    If Not IsEmpty(objGroup.member) then
    ‘ connect to each object which is member of the group,
    ‘ Determine if the member is a user (since you’re editing
    ‘ attributes typically for user objects).
    For Each strMember in objGroup.GetEx(“member”)
    Set objMember = GetObject(“LDAP://” & strMember)
    If InStr(1, objMember.Class, “user”,1) Then
    objMember.Put “homeDirectory”, “\mpsnasusers” & objMember.sAMAccountName
    objMember.Put “homeDrive”, “U:”
    objMember.SetInfo
    End If
    Next
    End If
    [/CODE]Rems

    Hey, Thanks for that script! It works great! Only one problem, it seem to put it in the user home area, but it doesn’t seem to be applying it. If that makes any sense. It seems to me that it is putting the information in but not making it applicable to anything. It’s not actually creating a user home, it’s just putting text in the box. Any help on making it applicable?

    Rems
    Rems
    Moderator
    #227736

    Re: VBScript to change Profile Attributes in AD

    centbuntu;206513 wrote:
    it seem to put it in the user home area, but
    It’s not actually creating a user home, it’s just putting text in the box. Any help on making it applicable?

    Const ADS_NAME_INITTYPE_GC = 3
    Const ADS_NAME_TYPE_NT4 = 3
    Const ADS_NAME_TYPE_1779 = 1

    ‘ create an outstanding binding to Active Directory
    Set objRootDSE = GetObject(“LDAP://RootDSE”)
    strDNSDomain = objRootDSE.Get(“DefaultNamingContext”)

    Set objTrans = CreateObject(“NameTranslate”)
    objTrans.Init ADS_NAME_INITTYPE_GC, “”
    objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
    strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
    strNetBIOSdomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) – 1)

    Set objFSO = CreateObject(“Scripting.FileSystemObject”)
    Set objShell = CreateObject(“Wscript.Shell”)

    ‘ create a reference to the group object
    Set objGroup = GetObject _
    (“LDAP://[COLOR=”Navy”][B]cn=testing,ou=Testing,ou=Technology,[/B][/COLOR]” & strDNSDomain)

    objGroup.GetInfoEx Array(“member”), 0

    If Not IsEmpty(objGroup.member) then
    ‘ connect to each object which is member of the group,
    ‘ Determine if the member is a user (since you’re editing
    ‘ attributes typically for user objects).
    For Each strMember in objGroup.GetEx(“member”)
    Set objMember = GetObject(“LDAP://” & strMember)
    If InStr(1, objMember.Class, “user”,1) Then
    strNTName = objMember.sAMAccountName
    strHomeFolder = “[COLOR=”navy”][B]\mpsnasusers[/B][/COLOR]” & strNTName

    objMember.Put “homeDirectory”, strHomeFolder
    objMember.Put “homeDrive”, “[COLOR=”navy”][B]U:[/B][/COLOR]”
    objMember.SetInfo

    http://www.rlmueller.net/CreateUsers.htm
    If (objFSO.FolderExists(strHomeFolder) = False) Then
    On Error Resume Next
    objFSO.CreateFolder strHomeFolder
    If (Err.Number 0) Then
    err.clear
    script.Echo “Unable to create home folder: ” & strHomeFolder
    End If
    On Error Goto 0
    End If

    If (objFSO.FolderExists(strHomeFolder) = True) Then
    ‘ Assign user Full permission to home folder.
    intRunError = objShell.Run(“%COMSPEC% /c Echo Y| cacls ” _
    & strHomeFolder & ” /T /E /C /G ” & strNetBIOSDomain _
    & “” & strNTName & “:F”, 2, True)
    If (intRunError 0) Then
    Wscript.Echo “Error assigning permissions for user ” _
    & strNTName & ” to home folder ” & strHomeFolder
    End If
    End If

    End If

    Next
    End If
    [/CODE]

    Rems[CODE]
    Const ADS_NAME_INITTYPE_GC = 3
    Const ADS_NAME_TYPE_NT4 = 3
    Const ADS_NAME_TYPE_1779 = 1

    ‘ create an outstanding binding to Active Directory
    Set objRootDSE = GetObject(“LDAP://RootDSE”)
    strDNSDomain = objRootDSE.Get(“DefaultNamingContext”)

    Set objTrans = CreateObject(“NameTranslate”)
    objTrans.Init ADS_NAME_INITTYPE_GC, “”
    objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
    strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
    strNetBIOSdomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) – 1)

    Set objFSO = CreateObject(“Scripting.FileSystemObject”)
    Set objShell = CreateObject(“Wscript.Shell”)

    ‘ create a reference to the group object
    Set objGroup = GetObject _
    (“LDAP://cn=testing,ou=Testing,ou=Technology,” & strDNSDomain)

    objGroup.GetInfoEx Array(“member”), 0

    If Not IsEmpty(objGroup.member) then
    ‘ connect to each object which is member of the group,
    ‘ Determine if the member is a user (since you’re editing
    ‘ attributes typically for user objects).
    For Each strMember in objGroup.GetEx(“member”)
    Set objMember = GetObject(“LDAP://” & strMember)
    If InStr(1, objMember.Class, “user”,1) Then
    strNTName = objMember.sAMAccountName
    strHomeFolder = “\mpsnasusers” & strNTName

    objMember.Put “homeDirectory”, strHomeFolder
    objMember.Put “homeDrive”, “U:
    objMember.SetInfo

    http://www.rlmueller.net/CreateUsers.htm
    If (objFSO.FolderExists(strHomeFolder) = False) Then
    On Error Resume Next
    objFSO.CreateFolder strHomeFolder
    If (Err.Number 0) Then
    err.clear
    script.Echo “Unable to create home folder: ” & strHomeFolder
    End If
    On Error Goto 0
    End If

    If (objFSO.FolderExists(strHomeFolder) = True) Then
    ‘ Assign user Full permission to home folder.
    intRunError = objShell.Run(“%COMSPEC% /c Echo Y| cacls ” _
    & strHomeFolder & ” /T /E /C /G ” & strNetBIOSDomain _
    & “” & strNTName & “:F”, 2, True)
    If (intRunError 0) Then
    Wscript.Echo “Error assigning permissions for user ” _
    & strNTName & ” to home folder ” & strHomeFolder
    End If
    End If

    End If

    Next
    End If
    [/CODE]

    Rems

Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.