Sign in to follow this  
Followers 0
TomN

Create AD User from User Input - Help Needed

1 post in this topic

Hi Guys, I'm trying to create a script that does the following;

Promt User for these;

- Last Name

- First Name

- Username

- Department <-- this will determine what OU to place the new User

I've been reading up on this all mroning long and have pieced together a few different code snippets. However, something isn't running correct cause it never creates the object. below is the code

CODE
#include <GuiConstants.au3>

; include array functions (we use _arraysearch in some functions)

#include <Array.au3>

#region ; Define AD Constants

Global Const $ADS_GROUP_TYPE_GLOBAL_GROUP = 0x2

Global Const $ADS_GROUP_TYPE_DOMAIN_LOCAL_GROUP = 0x4

Global Const $ADS_GROUP_TYPE_UNIVERSAL_GROUP = 0x8

Global Const $ADS_GROUP_TYPE_SECURITY_ENABLED = 0x80000000

Global Const $ADS_GROUP_TYPE_GLOBAL_SECURITY = BitOR($ADS_GROUP_TYPE_GLOBAL_GROUP, $ADS_GROUP_TYPE_SECURITY_ENABLED)

Global Const $ADS_GROUP_TYPE_UNIVERSAL_SECURITY = BitOR($ADS_GROUP_TYPE_UNIVERSAL_GROUP, $ADS_GROUP_TYPE_SECURITY_ENABLED)

Global Const $ADS_GROUP_TYPE_DOMAIN_LOCAL_SECURITY = BitOR($ADS_GROUP_TYPE_DOMAIN_LOCAL_GROUP, $ADS_GROUP_TYPE_SECURITY_ENABLED)

Global Const $ADS_UF_PASSWD_NOTREQD = 0x0020

Global Const $ADS_UF_WORKSTATION_TRUST_ACCOUNT = 0x1000

Global Const $ADS_ACETYPE_ACCESS_ALLOWED = 0x0

Global Const $ADS_ACETYPE_ACCESS_ALLOWED_OBJECT = 0x5

Global Const $ADS_FLAG_OBJECT_TYPE_PRESENT = 0x1

Global Const $ADS_RIGHT_GENERIC_READ = 0x80000000

Global Const $ADS_RIGHT_DS_SELF = 0x8

Global Const $ADS_RIGHT_DS_WRITE_PROP = 0x20

Global Const $ADS_RIGHT_DS_CONTROL_ACCESS = 0x100

Global Const $ADS_UF_ACCOUNTDISABLE = 2

Global Const $ADS_OPTION_SECURITY_MASK = 3

Global Const $ADS_SECURITY_INFO_DACL = 4

Global Const $ALLOWED_TO_AUTHENTICATE = "{68B1D179-0D15-4d4f-AB71-46152E79A7BC}"

Global Const $RECEIVE_AS = "{AB721A56-1E2f-11D0-9819-00AA0040529B}"

Global Const $SEND_AS = "{AB721A54-1E2f-11D0-9819-00AA0040529B}"

Global Const $USER_CHANGE_PASSWORD = "{AB721A53-1E2f-11D0-9819-00AA0040529b}"

Global Const $USER_FORCE_CHANGE_PASSWORD = "{00299570-246D-11D0-A768-00AA006E0529}"

Global Const $USER_ACCOUNT_RESTRICTIONS = "{4C164200-20C0-11D0-A768-00AA006E0529}"

Global Const $VALIDATED_DNS_HOST_NAME = "{72E39547-7B18-11D1-ADEF-00C04FD8D5CD}"

Global Const $VALIDATED_SPN = "{F3A64788-5306-11D1-A9C5-0000F80367C1}"

Const $Member_SchemaIDGuid = "{BF9679C0-0DE6-11D0-A285-00AA003049E2}"

Global $objConnection = ObjCreate("ADODB.Connection") ; Create COM object to AD

$objConnection.ConnectionString = "Provider=ADsDSOObject"

$objConnection.Open ("Active Directory Provider") ; Open connection to AD

Global $objRootDSE = ObjGet("LDAP://RootDSE")

Global $strDNSDomain = $objRootDSE.Get ("defaultNamingContext") ; Retrieve the current AD domain name

Global $strHostServer = $objRootDSE.Get ("dnsHostName") ; Retrieve the name of the connected DC

Global $strConfiguration = $objRootDSE.Get ("ConfigurationNamingContext") ; Retrieve the Configuration naming context

Global $loggedonusergroups ; populate this with the logged on user groups in your own app

#endregion

$oMyError = ObjEvent("AutoIt.Error", "_ADDoError") ; Install a custom error handler

; MyErrFunc

Func _ADDoError()

$HexNumber = Hex($oMyError.number, 8)

If $HexNumber = 80020009 Then

SetError(3)

Return

EndIf

If $HexNumber = "8007203A" Then

SetError(4)

Return

EndIf

MsgBox(262144, "", "We intercepted a COM Error !" & @CRLF & _

"Number is: " & $HexNumber & @CRLF & _

"Windescription is: " & $oMyError.windescription & @CRLF & _

"Script Line number is: " & $oMyError.scriptline)

Select

Case $oMyError.windescription = "Access is denied."

$objConnection.Close ("Active Directory Provider")

$objConnection.Open ("Active Directory Provider")

SetError(2)

Case 1

SetError(1)

EndSelect

EndFunc ;==>_ADDoError

$firstname = InputBox("User First Name", "Please type in the new User's First name")

$lastname = InputBox("User First Name", "Please type in the new User's Last name")

$user = InputBox("Username", "Please type in the new User's Username")

; GUI Creation

GuiCreate("Department?",250,80)

; Combo Box Creation

$combobox = GuiCtrlCreateCombo("Birmingham770-LO",10,10,150,20)

GuiCtrlSetData(-1,"Birmingham770-LendingTree|Birmingham770-Processing|Birmingham770-Underwriting|Birmingham770-Closing|Birmingham770-Marketing|Birmingham770-Receptionist|Birmingham770-HR|Birmingham770-IT")

; Button Creation

$button = GuiCtrlCreateButton("Go",10,40,60,20)

GUISetState(@SW_SHOW)

; Continuous Loop to check for GUI Events

While 1

$guimsg = GUIGetMsg()

Select

Case $guimsg = $button

MsgBox(0,"","You chose " & GUICtrlRead($combobox) & ".")

Select

Case GUICtrlRead($combobox) = "Birmingham770-LO"

; $userou = "Loan Officers=OU, Birmingham770=OU, Michigan=OU, Shore User Group=OU, shoremortgage=DC, com=DC"

$userou = "Users=OU,shoremortgage=DC,com=DC"

Call ("_ADCreateUser")

Exit

Case GUICtrlRead($combobox) = "Paint"

Run("mspaint.exe")

Exit

Case GUICtrlRead($combobox) = "Command Prompt"

Run("cmd.exe")

Exit

EndSelect

Case $guimsg = $GUI_EVENT_CLOSE

Exit

EndSelect

Wend

; _ADCreateUser

; $userou = OU to create the group in. Form is "sampleou=ou, sampleparent=ou, sampledomain1=dc, sampledomain2=dc, sampledomain3=dc"

; $user = Username, form is SamAccountName without leading 'CN='

; $firstname = First Name

; $lastname = Last Name

; $description = optional - Description

Func _ADCreateUser($userou, $user, $firstname, $lastname, $description = "Test User Creation Script")

If _ADObjectExists($user) Then Return 0

$ObjOU = ObjGet("LDAP://" & $strHostServer & "/" & $userou)

If $firstname = "" Then

$cnname = "CN=" & $lastname

Else

$cnname = "CN=" & $lastname & "\, " & $firstname

EndIf

$ObjUser = $ObjOU.Create ("User", $cnname)

$ObjUser.Put ("sAMAccountName", $user)

$ObjUser.Put ("description", $description)

$ObjUser.SetInfo

Return 1

EndFunc ;==>_ADCreateUser

Code runs fine and gives an error of 0, but nothing is placed into my AD. Can someone take a look at it and let me know what I'm missing? Thanks!

Share this post


Link to post
Share on other sites



Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0