Create AD User from User Input - Help Needed

[TomN]

Hi Guys, I'm trying to create a script that does the following;

Promt User for these;

- Last Name

- First Name

- Username

- Department <-- this will determine what OU to place the new User

I've been reading up on this all mroning long and have pieced together a few different code snippets. However, something isn't running correct cause it never creates the object. below is the code

CODE

#include <GuiConstants.au3>

; include array functions (we use _arraysearch in some functions)

#include <Array.au3>

#region ; Define AD Constants

Global Const $ADS_GROUP_TYPE_GLOBAL_GROUP = 0x2

Global Const $ADS_GROUP_TYPE_DOMAIN_LOCAL_GROUP = 0x4

Global Const $ADS_GROUP_TYPE_UNIVERSAL_GROUP = 0x8

Global Const $ADS_GROUP_TYPE_SECURITY_ENABLED = 0x80000000

Global Const $ADS_GROUP_TYPE_GLOBAL_SECURITY = BitOR($ADS_GROUP_TYPE_GLOBAL_GROUP, $ADS_GROUP_TYPE_SECURITY_ENABLED)

Global Const $ADS_GROUP_TYPE_UNIVERSAL_SECURITY = BitOR($ADS_GROUP_TYPE_UNIVERSAL_GROUP, $ADS_GROUP_TYPE_SECURITY_ENABLED)

Global Const $ADS_GROUP_TYPE_DOMAIN_LOCAL_SECURITY = BitOR($ADS_GROUP_TYPE_DOMAIN_LOCAL_GROUP, $ADS_GROUP_TYPE_SECURITY_ENABLED)

Global Const $ADS_UF_PASSWD_NOTREQD = 0x0020

Global Const $ADS_UF_WORKSTATION_TRUST_ACCOUNT = 0x1000

Global Const $ADS_ACETYPE_ACCESS_ALLOWED = 0x0

Global Const $ADS_ACETYPE_ACCESS_ALLOWED_OBJECT = 0x5

Global Const $ADS_FLAG_OBJECT_TYPE_PRESENT = 0x1

Global Const $ADS_RIGHT_GENERIC_READ = 0x80000000

Global Const $ADS_RIGHT_DS_SELF = 0x8

Global Const $ADS_RIGHT_DS_WRITE_PROP = 0x20

Global Const $ADS_RIGHT_DS_CONTROL_ACCESS = 0x100

Global Const $ADS_UF_ACCOUNTDISABLE = 2

Global Const $ADS_OPTION_SECURITY_MASK = 3

Global Const $ADS_SECURITY_INFO_DACL = 4

Global Const $ALLOWED_TO_AUTHENTICATE = "{68B1D179-0D15-4d4f-AB71-46152E79A7BC}"

Global Const $RECEIVE_AS = "{AB721A56-1E2f-11D0-9819-00AA0040529B}"

Global Const $SEND_AS = "{AB721A54-1E2f-11D0-9819-00AA0040529B}"

Global Const $USER_CHANGE_PASSWORD = "{AB721A53-1E2f-11D0-9819-00AA0040529b}"

Global Const $USER_FORCE_CHANGE_PASSWORD = "{00299570-246D-11D0-A768-00AA006E0529}"

Global Const $USER_ACCOUNT_RESTRICTIONS = "{4C164200-20C0-11D0-A768-00AA006E0529}"

Global Const $VALIDATED_DNS_HOST_NAME = "{72E39547-7B18-11D1-ADEF-00C04FD8D5CD}"

Global Const $VALIDATED_SPN = "{F3A64788-5306-11D1-A9C5-0000F80367C1}"

Const $Member_SchemaIDGuid = "{BF9679C0-0DE6-11D0-A285-00AA003049E2}"

Global $objConnection = ObjCreate("ADODB.Connection") ; Create COM object to AD

$objConnection.ConnectionString = "Provider=ADsDSOObject"

$objConnection.Open ("Active Directory Provider") ; Open connection to AD

Global $objRootDSE = ObjGet("LDAP://RootDSE")

Global $strDNSDomain = $objRootDSE.Get ("defaultNamingContext") ; Retrieve the current AD domain name

Global $strHostServer = $objRootDSE.Get ("dnsHostName") ; Retrieve the name of the connected DC

Global $strConfiguration = $objRootDSE.Get ("ConfigurationNamingContext") ; Retrieve the Configuration naming context

Global $loggedonusergroups ; populate this with the logged on user groups in your own app

#endregion

$oMyError = ObjEvent("AutoIt.Error", "_ADDoError") ; Install a custom error handler

; MyErrFunc

Func _ADDoError()

$HexNumber = Hex($oMyError.number, 8)

If $HexNumber = 80020009 Then

SetError(3)

Return

EndIf

If $HexNumber = "8007203A" Then

SetError(4)

Return

EndIf

MsgBox(262144, "", "We intercepted a COM Error !" & @CRLF & _

"Number is: " & $HexNumber & @CRLF & _

"Windescription is: " & $oMyError.windescription & @CRLF & _

"Script Line number is: " & $oMyError.scriptline)

Select

Case $oMyError.windescription = "Access is denied."

$objConnection.Close ("Active Directory Provider")

$objConnection.Open ("Active Directory Provider")

SetError(2)

Case 1

SetError(1)

EndSelect

EndFunc ;==>_ADDoError

$firstname = InputBox("User First Name", "Please type in the new User's First name")

$lastname = InputBox("User First Name", "Please type in the new User's Last name")

$user = InputBox("Username", "Please type in the new User's Username")

; GUI Creation

GuiCreate("Department?",250,80)

; Combo Box Creation

$combobox = GuiCtrlCreateCombo("Birmingham770-LO",10,10,150,20)

GuiCtrlSetData(-1,"Birmingham770-LendingTree|Birmingham770-Processing|Birmingham770-Underwriting|Birmingham770-Closing|Birmingham770-Marketing|Birmingham770-Receptionist|Birmingham770-HR|Birmingham770-IT")

; Button Creation

$button = GuiCtrlCreateButton("Go",10,40,60,20)

GUISetState(@SW_SHOW)

; Continuous Loop to check for GUI Events

While 1

$guimsg = GUIGetMsg()

Select

Case $guimsg = $button

MsgBox(0,"","You chose " & GUICtrlRead($combobox) & ".")

Select

Case GUICtrlRead($combobox) = "Birmingham770-LO"

; $userou = "Loan Officers=OU, Birmingham770=OU, Michigan=OU, Shore User Group=OU, shoremortgage=DC, com=DC"

$userou = "Users=OU,shoremortgage=DC,com=DC"

Call ("_ADCreateUser")

Exit

Case GUICtrlRead($combobox) = "Paint"

Run("mspaint.exe")

Exit

Case GUICtrlRead($combobox) = "Command Prompt"

Run("cmd.exe")

Exit

EndSelect

Case $guimsg = $GUI_EVENT_CLOSE

Exit

EndSelect

Wend

; _ADCreateUser

; $userou = OU to create the group in. Form is "sampleou=ou, sampleparent=ou, sampledomain1=dc, sampledomain2=dc, sampledomain3=dc"

; $user = Username, form is SamAccountName without leading 'CN='

; $firstname = First Name

; $lastname = Last Name

; $description = optional - Description

Func _ADCreateUser($userou, $user, $firstname, $lastname, $description = "Test User Creation Script")

If _ADObjectExists($user) Then Return 0

$ObjOU = ObjGet("LDAP://" & $strHostServer & "/" & $userou)

If $firstname = "" Then

$cnname = "CN=" & $lastname

Else

$cnname = "CN=" & $lastname & "\, " & $firstname

EndIf

$ObjUser = $ObjOU.Create ("User", $cnname)

$ObjUser.Put ("sAMAccountName", $user)

$ObjUser.Put ("description", $description)

$ObjUser.SetInfo

Return 1

EndFunc ;==>_ADCreateUser

Code runs fine and gives an error of 0, but nothing is placed into my AD. Can someone take a look at it and let me know what I'm missing? Thanks!