When faced with the need to create 50 new users in a brand, spanking new Windows 2008 R2 Active Directory Domain, our heroine did what most hero(ines) would do ... search for a command line tool to help her out.
So I searched, and first found "ldifde" which was, essentially a giant pain in the petunia, to quote a Disney fairy.
Then I found DSADD! Oh how I love you DSADD! For those script minded folks, you can do cool things with VB scripts and excel imports using dsadd, but I was happy to copy and paste.
Here's a string that worked, btw, with identifying names and domains changed to protect the innocent and private.
dsadd user "cn=Julie Smith,ou=ABUsers,dc=mydomain,dc=local" -fn Julie -ln Smith -display "Julie Smith" -disabled no -pwd Something123 -mustchpwd yes -tel 212.555.1111 -samid ud -email julie@mydomain.com -upn julie@mydomain.local
One gotcha, that got me good. I had users in an Excel table, that I added columns and text around to create the format above, then copy/paste into Word to search out extra tabs, spaces and the like. Word got all smarty-pants on me and switched out the plain-text double quote (") with Smartie-pants quotes that wrapped around. DSAdd complained and whined about these and refused to play nice.
dsadd failed: ... :A referral was returned from the server.
This also happens if you're trying to add a user to a OU or DC that doesn't exist, btw.
p.s. with love from Microsoft
2 comments:
DSAdd is OK, here's a script you can use pulling the users directly from a delimited file (Excel export).
--
sample delimited file:
--
KaitlynZ Zimmer Kaitlyn pw123 OU=Fennimore,DC=company,DC=com \\fs1.company.com\Users\KaitlynZ L: company.com
--
js script:
--
/* AD user import script
*
* Expects a tab delimited file as the first argument with the following format:
* username, firstname, lastname, password, ou, homedir, homedrive, domain
*
* $Id$
*/
/* Format consts */
var username = 0;
var firstname = 1;
var lastname = 2;
var password = 3;
var ou = 4;
var homedir = 5;
var homedrive = 6;
var domain = 7;
if(WScript.Arguments.length != 1)
{
WScript.Echo("Usage: ad_import.js [importfile.txt]");
WScript.Quit(1);
}
var fs = WScript.CreateObject("Scripting.FileSystemObject");
var fp = fs.GetFile(WScript.Arguments(0)).OpenAsTextStream(1, 0);
var count = 0;
while(!fp.AtEndOfStream)
{
try
{
var line = fp.ReadLine().replace("\n", "").split("\t");
var iou = GetObject("LDAP://" + line[ou]);
var u = iou.Create("user", "CN=" + line[firstname] + " " + line[lastname]);
u.Put("sAMAccountName", line[username]);
u.Put("sn", line[lastname]);
u.Put("givenName", line[firstname]);
u.Put("userPrincipalName", line[username] + "@" + line[domain]);
u.Put("homeDirectory", line[homedir]);
u.Put("homeDrive", line[homedrive]);
u.SetInfo();
/* Set password and "normal user" account flags */
u.SetPassword(line[password]);
u.AccountDisabled = false;
u.Put("userAccountControl", 0x0200);
u.SetInfo();
count++;
}
catch(err)
{
WScript.Echo("Error importing user " + line[username] + ": " +
err.description + "(" + err.number + ")");
}
}
fp.Close();
WScript.Echo(count + " users imported.");
--
DSAdd is OK, here's a script you can use pulling the users directly from a delimited file (Excel export).
--
sample delimited file:
--
KaitlynZ Zimmer Kaitlyn pw123 OU=Fennimore,DC=company,DC=com \\fs1.company.com\Users\KaitlynZ L: company.com
--
js script:
--
/* AD user import script
*
* Expects a tab delimited file as the first argument with the following format:
* username, firstname, lastname, password, ou, homedir, homedrive, domain
*
* $Id$
*/
/* Format consts */
var username = 0;
var firstname = 1;
var lastname = 2;
var password = 3;
var ou = 4;
var homedir = 5;
var homedrive = 6;
var domain = 7;
if(WScript.Arguments.length != 1)
{
WScript.Echo("Usage: ad_import.js [importfile.txt]");
WScript.Quit(1);
}
var fs = WScript.CreateObject("Scripting.FileSystemObject");
var fp = fs.GetFile(WScript.Arguments(0)).OpenAsTextStream(1, 0);
var count = 0;
while(!fp.AtEndOfStream)
{
try
{
var line = fp.ReadLine().replace("\n", "").split("\t");
var iou = GetObject("LDAP://" + line[ou]);
var u = iou.Create("user", "CN=" + line[firstname] + " " + line[lastname]);
u.Put("sAMAccountName", line[username]);
u.Put("sn", line[lastname]);
u.Put("givenName", line[firstname]);
u.Put("userPrincipalName", line[username] + "@" + line[domain]);
u.Put("homeDirectory", line[homedir]);
u.Put("homeDrive", line[homedrive]);
u.SetInfo();
/* Set password and "normal user" account flags */
u.SetPassword(line[password]);
u.AccountDisabled = false;
u.Put("userAccountControl", 0x0200);
u.SetInfo();
count++;
}
catch(err)
{
WScript.Echo("Error importing user " + line[username] + ": " +
err.description + "(" + err.number + ")");
}
}
fp.Close();
WScript.Echo(count + " users imported.");
--
Post a Comment