I have been given this script to modify and use in my environment, but I don't know how to make it work.
I have 2 OUs in Active Directory called Finance and HR.
The purpose is to have a form that HR can use to create new users when they are hired and place them in the department for which they were hired.
I was told I need to do the following to make it work, but I have been unsuccessful.
To make the create-user script work in your environment, you must make a few minor adjustments to it. Unless your OU names are OrgUnit01 and OrgUnit02, you need to modify the Form procedure (at callout C) so that it uses your OU names.
In the code at callout F, change the container names, telephone prefixes, domain suffixes, and locations as necessary. Note that the sDomainSuffix variable is the unique domain suffix that you define in the Microsoft Management Console (MMC) Active Directory Domains and Trusts snap-in. To find any unique domain suffixes, open the snap-in. In the console tree, right-click Active Directory Domains and Trusts, then select Properties. You'll see all unique domain suffixes listed in the Alternative UPN suffixes box. If nothing is listed there, use the domain suffix as defined for your domain.
' LISTING 1: Commented UserCreate.asp
<%@ Language=VBScript %>
<%
'Require every variable to be declared with Dim before it is used.
Option Explicit
'Page-level error suppression. A run-time error in page-level code is skipped,
'and an error raised inside a Function or Sub that has no handler of its own
'ends that procedure and resumes at the next page-level statement.
'Nothing in this listing inspects Err afterwards, so a failed directory bind
'or a failed duplicate check does not stop the account-creation step, and a
'failed creation produces no message at all.
On Error Resume Next
%>
<HTML>
<HEAD>
<META NAME="GENERATOR" Content="by Ethan Wilansky">
</HEAD>
<%
'---declare global variables
'Page-level variables shared by every procedure below; the procedures read
'and write them directly instead of receiving them as parameters.
'sContainer: OU name; sContainerPath: the LDAP path built from it.
Dim sContainer, sContainerPath
'sAdsPath: defaultNamingContext read from rootDSE; oOrgUnit: the bound OU object.
Dim sAdsPath, oOrgUnit
'Copied from the posted form fields in the main section (callout F).
Dim sFirstName, sLastName, sUserAccountName
'sTelPrefix, sLocation and sDomainSuffix are set per OU in callout F;
'sJobTitle is set in AddUser. sLocation is assigned but is not read anywhere
'else in this listing.
Dim sTelPrefix, sJobTitle, sLocation, sDomainSuffix
'---end declare global variables
'---define server side functions
' BEGIN CALLOUT A
'Bind to the root directory.
Function BindContainer(sContainer)
    'Build the LDAP path of the OU that will hold the new account.
    'Nothing is returned; the results are left in two page-level variables:
    '  sADsPath       - the domain's defaultNamingContext, read from rootDSE
    '  sContainerPath - "LDAP://OU=<sContainer>,<sADsPath>"
    'The path names an OU directly beneath the domain root; an OU nested
    'inside another OU does not match this form.
    'sContainer is concatenated into the path without any escaping, so it must
    'only ever be one of the fixed OU names chosen by the server-side code,
    'never a raw form value.
    With GetObject("LDAP://rootDSE")
        sADsPath = .Get("defaultNamingContext")
    End With
    sContainerPath = "LDAP://OU=" & sContainer & "," & sAdsPath
End Function
' END CALLOUT A
'Check for the user account in the AD store.
' BEGIN CALLOUT B
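'Escape a value for use inside an LDAP search filter. Every ASCII character
'that is not a letter or digit is written as a backslash followed by its
'two-digit hex code (the RFC 4515 escape form). That covers the filter
'metacharacters ( ) * \ as well as the ";" that separates the parts of an
'ADSI LDAP-dialect query. Non-ASCII characters are passed through unchanged.
Function EscapeLdapFilterValue(sValue)
    Dim i, sChar, iCode, sOut
    sOut = ""
    For i = 1 To Len(sValue)
        sChar = Mid(sValue, i, 1)
        iCode = AscW(sChar)
        'AscW returns a signed 16-bit value; normalise it to 0..65535.
        If iCode < 0 Then iCode = iCode + 65536
        If iCode > 127 _
           Or (iCode >= 48 And iCode <= 57) _
           Or (iCode >= 65 And iCode <= 90) _
           Or (iCode >= 97 And iCode <= 122) Then
            sOut = sOut & sChar
        Else
            sOut = sOut & "\" & Right("0" & Hex(iCode), 2)
        End If
    Next
    EscapeLdapFilterValue = sOut
End Function

'Stop the request with a message if the directory already holds an object
'whose samAccountName equals sUserAccountName, or a person object whose name
'equals "<sFirstName> <sLastName>". Reads the page-level variables sADsPath,
'sUserAccountName, sFirstName and sLastName; returns nothing.
Function CheckForUser()
    Dim oConnection, oCommand, oRecordSet
    Dim sFilter, bFound, sFoundAccount, sFoundName

    'Open an ADO connection through the ADSI OLE DB provider.
    Set oConnection = CreateObject("ADODB.Connection")
    oConnection.Provider = "ADsDSOObject"
    oConnection.Open "Active Directory Provider"
    Set oCommand = CreateObject("ADODB.Command")
    Set oCommand.ActiveConnection = oConnection

    'The three names come straight from the posted form. The original listing
    'pasted them between single quotes in a SQL-dialect query, so a quote in a
    'name changed the query itself. Here the search uses the provider's LDAP
    'dialect and every value is escaped before it is placed in the filter.
    'The grouping is the one the original WHERE clause has under standard SQL
    'precedence: samAccountName match OR (name match AND objectCategory=person).
    sFilter = "(|(samAccountName=" & EscapeLdapFilterValue(sUserAccountName) & ")" & _
              "(&(name=" & EscapeLdapFilterValue(sFirstName & Space(1) & sLastName) & ")" & _
              "(objectCategory=person)))"
    oCommand.CommandText = "<LDAP://" & sADsPath & ">;" & sFilter & _
                           ";samAccountName,name;subtree"
    Set oRecordSet = oCommand.Execute

    'Copy what is needed out of the record set so the connection can be
    'closed before the response is ended.
    bFound = Not oRecordSet.EOF
    If bFound Then
        sFoundAccount = oRecordSet.Fields("samAccountName").Value & ""
        sFoundName = oRecordSet.Fields("name").Value & ""
    End If

    'Close the connection and release the objects on every path; the original
    'skipped this when a match was found because Response.End came first.
    oConnection.Close
    Set oRecordSet = Nothing
    Set oCommand = Nothing
    Set oConnection = Nothing

    If bFound Then
        'Directory values are HTML-encoded before they are written to the page.
        With Response
            .Write "<p>A user account name of:" & _
                   "<b>" & Server.HTMLEncode(sFoundAccount)
            .Write "</b> with a name of:" & _
                   "<b>" & Server.HTMLEncode(sFoundName) & "</b><br>"
            .Write "was found in the directory."
            .Write "<br><br> Press the browser's Back button " & _
                   "to return to the form<br>"
            .Write "and specify a different name.</p>"
        End With
        'End the response so that no account is created.
        Response.End
    End If
End Function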
' END CALLOUT B
'---end define functions
'---define procedures
' BEGIN CALLOUT C
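Sub Form
    'Emit the blank account-creation form, which posts back to usercreate.asp.
    'The two radio-button value strings are what the server receives as
    'Request.Form("Container"); they must match the Case labels in callout F.
    'To use your own OUs (for example Finance and HR), change the value strings
    'and labels here and the Case labels there to the same names.
    'size/maxlength and the OnSubmit handler run in the browser only and can be
    'bypassed, so the server-side code has to validate every field again.
    'NOTE(review): this listing shows no anti-forgery token and no check of who
    'is calling the page; access control presumably comes from the web server's
    'authentication settings for this file - confirm before deploying.
%>
<h2>Create User Accounts</h2>
<p>Use this form to generate user accounts in<br>
the Active Directory store.</p>
<FORM ACTION="usercreate.asp"
METHOD="POST" id="FeedBackForm" name="FeedBackForm">
<table>
<tr>
<td>User account name:</td>
<td><INPUT type="text" id="UserName"
name="UserAccountName" value=""></td>
<td> </td>
</tr>
<tr>
<td>First name:</td>
<td><INPUT type="text" id="FirstName"
name="FirstName" value=""></td>
<td> </td>
</tr>
<tr>
<td>Last name:</td>
<td><INPUT type="text" id="LastName"
name="LastName" value=""></td>
<td> </td>
</tr>
<tr>
<td>4 digit extension #:</td>
<td><INPUT type="text" id="Extension"
name="Extension" size="4" maxlength="4"></td>
<td> </td>
</tr>
<tr>
<td>User's job title:</td>
<td><INPUT type="text" id="JobTitle"
name="JobTitle"></td>
<td>optional</td>
</tr>
</table>
<INPUT type="checkbox"
name="acctenable" checked ID="Checkbox1">Account Enabled
<table>
<tr>
<td>
<br><u>Select the location where
this account should reside</u>:<br>
<INPUT type="radio" id="OU1"
name="Container" value="OrgUnit01" CHECKED>
Organizational Unit 1 (OrgUnit1)<br>
<INPUT type="radio" id="OU2"
name="Container" value="OrgUnit02">
Organizational Unit 2 (OrgUnit2)<br><br>
</td>
</tr>
</table>
<INPUT type="submit" value="Submit" id="submit" name="submit">
<INPUT type="reset" value="Reset" id="reset" name="reset">
</FORM>
<%
End Sub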
' END CALLOUT C
'Procedure for adding a user to the AD store.
' BEGIN CALLOUT D
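'Backslash-escape the characters that have a special meaning inside one
'component of a distinguished name, plus "/" which ADSI treats as a path
'separator, so that a name such as "Smith, John" stays a single CN value.
Function EscapeRdnValue(sValue)
    Dim i, sChar, sOut
    sOut = ""
    For i = 1 To Len(sValue)
        sChar = Mid(sValue, i, 1)
        If InStr(1, ",+""\<>;=/", sChar, vbBinaryCompare) > 0 Then
            sOut = sOut & "\" & sChar
        ElseIf sChar = "#" And i = 1 Then
            sOut = sOut & "\#"
        Else
            sOut = sOut & sChar
        End If
    Next
    EscapeRdnValue = sOut
End Function

'Create the user object in the OU bound to the page-level oOrgUnit, set its
'attributes and initial password, and write a confirmation to the response.
'Reads the page-level variables sFirstName, sLastName, sUserAccountName,
'sTelPrefix, sDomainSuffix and sContainer, and the posted JobTitle, Extension
'and acctenable fields. Sets the page-level sJobTitle.
Sub AddUser
    Dim sAddUser, sPassword, oAddUser, sExtension

    'The CN is built from form input, so DN metacharacters are escaped.
    sAddUser = "CN=" & EscapeRdnValue(Trim(sFirstName & Space(1) & sLastName))

    'SECURITY: every account created by this page gets the same initial
    'password, and it is readable by anyone who can read this file. Until the
    'new user changes it, anyone who knows the value can log on as that user.
    'Replace it with a per-user value delivered out of band where possible.
    'NOTE(review): this value has lower-case letters and one symbol only; a
    'domain password-complexity policy may reject it in SetPassword - confirm
    'against your policy.
    sPassword = "initial!pass"

    'Assign a value to the user's job title.
    If Request.Form("JobTitle") = "" Then
        sJobTitle = "No job title specified"
    Else
        sJobTitle = Request.Form("JobTitle")
    End If
    sExtension = Request.Form("Extension")

    'Use the Create method to generate the new user object.
    Set oAddUser = oOrgUnit.Create("user", sAddUser)

    'Assign properties to the account.
    With oAddUser
        .Put "samAccountName", sUserAccountName
        .Put "givenName", sFirstName
        .Put "sn", sLastName
        .Put "DisplayName", sFirstName & " " & sLastName
        .Put "Description", sJobTitle
        .Put "mail", LCase(sUserAccountName) & _
             "@domain_name.com" 'change domain_name to your email domain
        .Put "userPrincipalName", sUserAccountName & "@" & sDomainSuffix
        .Put "TelephoneNumber", sTelPrefix & sExtension
        .Put "title", sJobTitle
        'This can be a domain dfs link instead of a server name.
        'Only the attribute is set here; nothing in this listing creates the
        'folder. The account name becomes part of the UNC path, so it should
        'be validated before it reaches this point.
        .Put "homedirectory", "\\filesrv01\users\" & sUserAccountName
        .Put "homedrive", "H:"
        'Commit the user account to the AD store.
        .SetInfo
    End With

    'Set the initial password before the account is enabled.
    oAddUser.SetPassword sPassword
    'Force a password change at first logon. The original comment said the
    'password was for the first logon only, but nothing enforced that.
    oAddUser.Put "pwdLastSet", 0

    If Request.Form("acctenable") = "on" Then
        'Enable the user account.
        'NOTE(review): check the resulting userAccountControl value on a test
        'account and make sure no "password not required" flag remains set.
        oAddUser.AccountDisabled = False
    End If

    'Commit the user account modifications to the AD store.
    oAddUser.SetInfo

    'Form-derived values are HTML-encoded before they are written to the page.
    With Response
        .Write "The <b>" & Server.HTMLEncode(sUserAccountName) & _
               "</b> user account was created in the <b>" & _
               Server.HTMLEncode(sContainer) & "</b> organizational unit.<br>"
        .Write "This user may logon as: <b>" & _
               Server.HTMLEncode(sUserAccountName & "@" & sDomainSuffix) & "</b><br>"
        .Write "<A HREF=""usercreate.asp"">Create another user account</a>"
    End With

    'Release the object from memory.
    Set oAddUser = Nothing
End Sub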
' END CALLOUT D
'---end define procedures
%>
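<!-- BEGIN CALLOUT E -->
<!--define client side functions-->
<SCRIPT LANGUAGE="VBScript">
<!--
Function FeedbackForm_OnSubmit()
    'Browser-side check that runs when the form is submitted; returning False
    'cancels the submit. Client-side VBScript runs in Internet Explorer only,
    'and any client can post to the page without running it, so this is a
    'convenience for the person filling in the form and not a security
    'control. The server-side code must validate the same fields itself.
    Dim theForm, sExtension, oDigits

    'Disallow submit until the form fields have been validated.
    FeedbackForm_OnSubmit = False
    Set theForm = Document.FeedbackForm

    If Trim(theForm.UserAccountName.Value) = "" Then
        MsgBox "Enter the user account name.", vbCritical, "Input Required"
        theForm.UserAccountName.Focus
        Exit Function
    End If

    If Trim(theForm.FirstName.Value) = "" Then
        MsgBox "Enter the user's first name.", vbCritical, "Input Required"
        theForm.FirstName.Focus
        Exit Function
    End If

    If Trim(theForm.LastName.Value) = "" Then
        MsgBox "Enter the user's last name.", vbCritical, "Input Required"
        theForm.LastName.Focus
        Exit Function
    End If

    sExtension = Trim(theForm.Extension.Value)
    If sExtension = "" Then
        MsgBox "Enter a 4 digit extension.", vbCritical, "Input Required"
        theForm.Extension.Focus
        Exit Function
    End If

    'Digits only. IsNumeric, used originally, also accepts signs, decimal
    'points and exponent notation.
    Set oDigits = New RegExp
    oDigits.Pattern = "^[0-9]+$"
    If Not oDigits.Test(sExtension) Then
        MsgBox "Numbers only, please.", vbCritical, "Invalid Value"
        theForm.Extension.Focus
        Exit Function
    End If

    'Continue with submission.
    FeedbackForm_OnSubmit = True
End Function
-->
</SCRIPT>
<!--end define client side functions-->
<!-- END CALLOUT E -->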
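<%
'----Determine whether to load the blank form
'or validate the form and add the object to AD.
'Everything posted by the browser is treated as untrusted here: the
'client-side checks can be skipped, so the fields are validated again, the
'OU is chosen from a fixed list, and each directory step is checked for
'failure before the next one runs.
Dim oFieldCheck, sPostedExtension, sProblem

Response.Write "<BODY>"
' BEGIN CALLOUT F
If Request.Form("UserAccountName") = "" _
   Or Request.Form("FirstName") = "" _
   Or Request.Form("LastName") = "" Then
    Call Form
Else
    sUserAccountName = Trim(Request.Form("UserAccountName"))
    sFirstName = Trim(Request.Form("FirstName"))
    sLastName = Trim(Request.Form("LastName"))
    sPostedExtension = Trim(Request.Form("Extension"))
    sProblem = ""

    'The account name ends up in a directory query, a UNC path and the page
    'output, so it is held to an allowlist. Widen the pattern if your naming
    'convention needs other characters, but keep it an allowlist.
    Set oFieldCheck = New RegExp
    oFieldCheck.Pattern = "^[A-Za-z0-9._-]{1,20}$"
    If Not oFieldCheck.Test(sUserAccountName) Then
        sProblem = "The user account name must be 1 to 20 letters, digits, periods, hyphens or underscores."
    End If
    If sProblem = "" And (sFirstName = "" Or sLastName = "") Then
        sProblem = "Enter the user's first and last name."
    End If
    oFieldCheck.Pattern = "^[0-9]{1,4}$"
    If sProblem = "" And Not oFieldCheck.Test(sPostedExtension) Then
        sProblem = "The extension must be 1 to 4 digits."
    End If
    Set oFieldCheck = Nothing

    '---variable values that are based on the location
    '---where the account will be created
    'Only the listed OU names are accepted. The posted value is never placed
    'in the LDAP path itself; the constant from the matching Case is. The
    'original Case Else silently sent any other value to OrgUnit02.
    'Change the Case labels, container names, telephone prefixes, domain
    'suffixes and locations to your own; the labels must equal the radio
    'button values in the Form procedure.
    Select Case Request.Form("Container")
        Case "OrgUnit01"
            sContainer = "OrgUnit01"
            sTelPrefix = "(423) 555 "
            sDomainSuffix = "asapius.com"
            sLocation = "Snohomish"
        Case "OrgUnit02"
            sContainer = "OrgUnit02"
            sTelPrefix = "(425) 555 "
            sDomainSuffix = "microsoft.com"
            sLocation = "Redmond"
        Case Else
            If sProblem = "" Then
                sProblem = "Select one of the listed organizational units."
            End If
    End Select
    ' END CALLOUT F

    If sProblem <> "" Then
        Response.Write "<p>" & Server.HTMLEncode(sProblem) & "</p>"
        Call Form
    Else
        'The page runs under On Error Resume Next, so a failure inside any of
        'these calls would otherwise be skipped and the next step would still
        'run. Each step therefore runs only if nothing has failed so far.
        Err.Clear
        'Build the path of the AD container where the account will be created.
        BindContainer(sContainer)
        'Check for an existing user; this ends the response if one is found.
        If Err.Number = 0 Then CheckForUser()
        'Get the OU.
        If Err.Number = 0 Then Set oOrgUnit = GetObject(sContainerPath)
        'Add the user.
        If Err.Number = 0 Then Call AddUser
        If Err.Number <> 0 Then
            'Only the error number is shown; the description can contain
            'directory details. A failure part-way through AddUser can leave
            'an incomplete account behind.
            Response.Write "<p>The account could not be created (error " & _
                           Err.Number & "). Check the directory before trying again.</p>"
            Err.Clear
        End If
        'Release the object from memory.
        Set oOrgUnit = Nothing
    End If
End If
'---end script processing
%>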
</BODY>
</HTML>
I have 2 OUs in Active Directory called Finance and HR.
The purpose is to have a form that HR can use to create new users when they are hired and place them in the department for which they were hired.
I was told I need to do the following to make it work, but I have been unsuccessful.
To make the create-user script work in your environment, you must make a few minor adjustments to it. Unless your OU names are OrgUnit01 and OrgUnit02, you need to modify the Form procedure (at callout C) so that it uses your OU names.
In the code at callout F, change the container names, telephone prefixes, domain suffixes, and locations as necessary. Note that the sDomainSuffix variable is the unique domain suffix that you define in the Microsoft Management Console (MMC) Active Directory Domains and Trusts snap-in. To find any unique domain suffixes, open the snap-in. In the console tree, right-click Active Directory Domains and Trusts, then select Properties. You'll see all unique domain suffixes listed in the Alternative UPN suffixes box. If nothing is listed there, use the domain suffix as defined for your domain.
' LISTING 1: Commented UserCreate.asp
<%@ Language=VBScript %>
<%
'Require every variable to be declared with Dim before it is used.
Option Explicit
'Page-level error suppression. A run-time error in page-level code is skipped,
'and an error raised inside a Function or Sub that has no handler of its own
'ends that procedure and resumes at the next page-level statement.
'Nothing in this listing inspects Err afterwards, so a failed directory bind
'or a failed duplicate check does not stop the account-creation step, and a
'failed creation produces no message at all.
On Error Resume Next
%>
<HTML>
<HEAD>
<META NAME="GENERATOR" Content="by Ethan Wilansky">
</HEAD>
<%
'---declare global variables
'Page-level variables shared by every procedure below; the procedures read
'and write them directly instead of receiving them as parameters.
'sContainer: OU name; sContainerPath: the LDAP path built from it.
Dim sContainer, sContainerPath
'sAdsPath: defaultNamingContext read from rootDSE; oOrgUnit: the bound OU object.
Dim sAdsPath, oOrgUnit
'Copied from the posted form fields in the main section (callout F).
Dim sFirstName, sLastName, sUserAccountName
'sTelPrefix, sLocation and sDomainSuffix are set per OU in callout F;
'sJobTitle is set in AddUser. sLocation is assigned but is not read anywhere
'else in this listing.
Dim sTelPrefix, sJobTitle, sLocation, sDomainSuffix
'---end declare global variables
'---define server side functions
' BEGIN CALLOUT A
'Bind to the root directory.
Function BindContainer(sContainer)
    'Build the LDAP path of the OU that will hold the new account.
    'Nothing is returned; the results are left in two page-level variables:
    '  sADsPath       - the domain's defaultNamingContext, read from rootDSE
    '  sContainerPath - "LDAP://OU=<sContainer>,<sADsPath>"
    'The path names an OU directly beneath the domain root; an OU nested
    'inside another OU does not match this form.
    'sContainer is concatenated into the path without any escaping, so it must
    'only ever be one of the fixed OU names chosen by the server-side code,
    'never a raw form value.
    With GetObject("LDAP://rootDSE")
        sADsPath = .Get("defaultNamingContext")
    End With
    sContainerPath = "LDAP://OU=" & sContainer & "," & sAdsPath
End Function
' END CALLOUT A
'Check for the user account in the AD store.
' BEGIN CALLOUT B
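'Escape a value for use inside an LDAP search filter. Every ASCII character
'that is not a letter or digit is written as a backslash followed by its
'two-digit hex code (the RFC 4515 escape form). That covers the filter
'metacharacters ( ) * \ as well as the ";" that separates the parts of an
'ADSI LDAP-dialect query. Non-ASCII characters are passed through unchanged.
Function EscapeLdapFilterValue(sValue)
    Dim i, sChar, iCode, sOut
    sOut = ""
    For i = 1 To Len(sValue)
        sChar = Mid(sValue, i, 1)
        iCode = AscW(sChar)
        'AscW returns a signed 16-bit value; normalise it to 0..65535.
        If iCode < 0 Then iCode = iCode + 65536
        If iCode > 127 _
           Or (iCode >= 48 And iCode <= 57) _
           Or (iCode >= 65 And iCode <= 90) _
           Or (iCode >= 97 And iCode <= 122) Then
            sOut = sOut & sChar
        Else
            sOut = sOut & "\" & Right("0" & Hex(iCode), 2)
        End If
    Next
    EscapeLdapFilterValue = sOut
End Function

'Stop the request with a message if the directory already holds an object
'whose samAccountName equals sUserAccountName, or a person object whose name
'equals "<sFirstName> <sLastName>". Reads the page-level variables sADsPath,
'sUserAccountName, sFirstName and sLastName; returns nothing.
Function CheckForUser()
    Dim oConnection, oCommand, oRecordSet
    Dim sFilter, bFound, sFoundAccount, sFoundName

    'Open an ADO connection through the ADSI OLE DB provider.
    Set oConnection = CreateObject("ADODB.Connection")
    oConnection.Provider = "ADsDSOObject"
    oConnection.Open "Active Directory Provider"
    Set oCommand = CreateObject("ADODB.Command")
    Set oCommand.ActiveConnection = oConnection

    'The three names come straight from the posted form. The original listing
    'pasted them between single quotes in a SQL-dialect query, so a quote in a
    'name changed the query itself. Here the search uses the provider's LDAP
    'dialect and every value is escaped before it is placed in the filter.
    'The grouping is the one the original WHERE clause has under standard SQL
    'precedence: samAccountName match OR (name match AND objectCategory=person).
    sFilter = "(|(samAccountName=" & EscapeLdapFilterValue(sUserAccountName) & ")" & _
              "(&(name=" & EscapeLdapFilterValue(sFirstName & Space(1) & sLastName) & ")" & _
              "(objectCategory=person)))"
    oCommand.CommandText = "<LDAP://" & sADsPath & ">;" & sFilter & _
                           ";samAccountName,name;subtree"
    Set oRecordSet = oCommand.Execute

    'Copy what is needed out of the record set so the connection can be
    'closed before the response is ended.
    bFound = Not oRecordSet.EOF
    If bFound Then
        sFoundAccount = oRecordSet.Fields("samAccountName").Value & ""
        sFoundName = oRecordSet.Fields("name").Value & ""
    End If

    'Close the connection and release the objects on every path; the original
    'skipped this when a match was found because Response.End came first.
    oConnection.Close
    Set oRecordSet = Nothing
    Set oCommand = Nothing
    Set oConnection = Nothing

    If bFound Then
        'Directory values are HTML-encoded before they are written to the page.
        With Response
            .Write "<p>A user account name of:" & _
                   "<b>" & Server.HTMLEncode(sFoundAccount)
            .Write "</b> with a name of:" & _
                   "<b>" & Server.HTMLEncode(sFoundName) & "</b><br>"
            .Write "was found in the directory."
            .Write "<br><br> Press the browser's Back button " & _
                   "to return to the form<br>"
            .Write "and specify a different name.</p>"
        End With
        'End the response so that no account is created.
        Response.End
    End If
End Function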
' END CALLOUT B
'---end define functions
'---define procedures
' BEGIN CALLOUT C
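Sub Form
    'Emit the blank account-creation form, which posts back to usercreate.asp.
    'The two radio-button value strings are what the server receives as
    'Request.Form("Container"); they must match the Case labels in callout F.
    'To use your own OUs (for example Finance and HR), change the value strings
    'and labels here and the Case labels there to the same names.
    'size/maxlength and the OnSubmit handler run in the browser only and can be
    'bypassed, so the server-side code has to validate every field again.
    'NOTE(review): this listing shows no anti-forgery token and no check of who
    'is calling the page; access control presumably comes from the web server's
    'authentication settings for this file - confirm before deploying.
%>
<h2>Create User Accounts</h2>
<p>Use this form to generate user accounts in<br>
the Active Directory store.</p>
<FORM ACTION="usercreate.asp"
METHOD="POST" id="FeedBackForm" name="FeedBackForm">
<table>
<tr>
<td>User account name:</td>
<td><INPUT type="text" id="UserName"
name="UserAccountName" value=""></td>
<td> </td>
</tr>
<tr>
<td>First name:</td>
<td><INPUT type="text" id="FirstName"
name="FirstName" value=""></td>
<td> </td>
</tr>
<tr>
<td>Last name:</td>
<td><INPUT type="text" id="LastName"
name="LastName" value=""></td>
<td> </td>
</tr>
<tr>
<td>4 digit extension #:</td>
<td><INPUT type="text" id="Extension"
name="Extension" size="4" maxlength="4"></td>
<td> </td>
</tr>
<tr>
<td>User's job title:</td>
<td><INPUT type="text" id="JobTitle"
name="JobTitle"></td>
<td>optional</td>
</tr>
</table>
<INPUT type="checkbox"
name="acctenable" checked ID="Checkbox1">Account Enabled
<table>
<tr>
<td>
<br><u>Select the location where
this account should reside</u>:<br>
<INPUT type="radio" id="OU1"
name="Container" value="OrgUnit01" CHECKED>
Organizational Unit 1 (OrgUnit1)<br>
<INPUT type="radio" id="OU2"
name="Container" value="OrgUnit02">
Organizational Unit 2 (OrgUnit2)<br><br>
</td>
</tr>
</table>
<INPUT type="submit" value="Submit" id="submit" name="submit">
<INPUT type="reset" value="Reset" id="reset" name="reset">
</FORM>
<%
End Sub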
' END CALLOUT C
'Procedure for adding a user to the AD store.
' BEGIN CALLOUT D
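'Backslash-escape the characters that have a special meaning inside one
'component of a distinguished name, plus "/" which ADSI treats as a path
'separator, so that a name such as "Smith, John" stays a single CN value.
Function EscapeRdnValue(sValue)
    Dim i, sChar, sOut
    sOut = ""
    For i = 1 To Len(sValue)
        sChar = Mid(sValue, i, 1)
        If InStr(1, ",+""\<>;=/", sChar, vbBinaryCompare) > 0 Then
            sOut = sOut & "\" & sChar
        ElseIf sChar = "#" And i = 1 Then
            sOut = sOut & "\#"
        Else
            sOut = sOut & sChar
        End If
    Next
    EscapeRdnValue = sOut
End Function

'Create the user object in the OU bound to the page-level oOrgUnit, set its
'attributes and initial password, and write a confirmation to the response.
'Reads the page-level variables sFirstName, sLastName, sUserAccountName,
'sTelPrefix, sDomainSuffix and sContainer, and the posted JobTitle, Extension
'and acctenable fields. Sets the page-level sJobTitle.
Sub AddUser
    Dim sAddUser, sPassword, oAddUser, sExtension

    'The CN is built from form input, so DN metacharacters are escaped.
    sAddUser = "CN=" & EscapeRdnValue(Trim(sFirstName & Space(1) & sLastName))

    'SECURITY: every account created by this page gets the same initial
    'password, and it is readable by anyone who can read this file. Until the
    'new user changes it, anyone who knows the value can log on as that user.
    'Replace it with a per-user value delivered out of band where possible.
    'NOTE(review): this value has lower-case letters and one symbol only; a
    'domain password-complexity policy may reject it in SetPassword - confirm
    'against your policy.
    sPassword = "initial!pass"

    'Assign a value to the user's job title.
    If Request.Form("JobTitle") = "" Then
        sJobTitle = "No job title specified"
    Else
        sJobTitle = Request.Form("JobTitle")
    End If
    sExtension = Request.Form("Extension")

    'Use the Create method to generate the new user object.
    Set oAddUser = oOrgUnit.Create("user", sAddUser)

    'Assign properties to the account.
    With oAddUser
        .Put "samAccountName", sUserAccountName
        .Put "givenName", sFirstName
        .Put "sn", sLastName
        .Put "DisplayName", sFirstName & " " & sLastName
        .Put "Description", sJobTitle
        .Put "mail", LCase(sUserAccountName) & _
             "@domain_name.com" 'change domain_name to your email domain
        .Put "userPrincipalName", sUserAccountName & "@" & sDomainSuffix
        .Put "TelephoneNumber", sTelPrefix & sExtension
        .Put "title", sJobTitle
        'This can be a domain dfs link instead of a server name.
        'Only the attribute is set here; nothing in this listing creates the
        'folder. The account name becomes part of the UNC path, so it should
        'be validated before it reaches this point.
        .Put "homedirectory", "\\filesrv01\users\" & sUserAccountName
        .Put "homedrive", "H:"
        'Commit the user account to the AD store.
        .SetInfo
    End With

    'Set the initial password before the account is enabled.
    oAddUser.SetPassword sPassword
    'Force a password change at first logon. The original comment said the
    'password was for the first logon only, but nothing enforced that.
    oAddUser.Put "pwdLastSet", 0

    If Request.Form("acctenable") = "on" Then
        'Enable the user account.
        'NOTE(review): check the resulting userAccountControl value on a test
        'account and make sure no "password not required" flag remains set.
        oAddUser.AccountDisabled = False
    End If

    'Commit the user account modifications to the AD store.
    oAddUser.SetInfo

    'Form-derived values are HTML-encoded before they are written to the page.
    With Response
        .Write "The <b>" & Server.HTMLEncode(sUserAccountName) & _
               "</b> user account was created in the <b>" & _
               Server.HTMLEncode(sContainer) & "</b> organizational unit.<br>"
        .Write "This user may logon as: <b>" & _
               Server.HTMLEncode(sUserAccountName & "@" & sDomainSuffix) & "</b><br>"
        .Write "<A HREF=""usercreate.asp"">Create another user account</a>"
    End With

    'Release the object from memory.
    Set oAddUser = Nothing
End Sub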
' END CALLOUT D
'---end define procedures
%>
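<!-- BEGIN CALLOUT E -->
<!--define client side functions-->
<SCRIPT LANGUAGE="VBScript">
<!--
Function FeedbackForm_OnSubmit()
    'Browser-side check that runs when the form is submitted; returning False
    'cancels the submit. Client-side VBScript runs in Internet Explorer only,
    'and any client can post to the page without running it, so this is a
    'convenience for the person filling in the form and not a security
    'control. The server-side code must validate the same fields itself.
    Dim theForm, sExtension, oDigits

    'Disallow submit until the form fields have been validated.
    FeedbackForm_OnSubmit = False
    Set theForm = Document.FeedbackForm

    If Trim(theForm.UserAccountName.Value) = "" Then
        MsgBox "Enter the user account name.", vbCritical, "Input Required"
        theForm.UserAccountName.Focus
        Exit Function
    End If

    If Trim(theForm.FirstName.Value) = "" Then
        MsgBox "Enter the user's first name.", vbCritical, "Input Required"
        theForm.FirstName.Focus
        Exit Function
    End If

    If Trim(theForm.LastName.Value) = "" Then
        MsgBox "Enter the user's last name.", vbCritical, "Input Required"
        theForm.LastName.Focus
        Exit Function
    End If

    sExtension = Trim(theForm.Extension.Value)
    If sExtension = "" Then
        MsgBox "Enter a 4 digit extension.", vbCritical, "Input Required"
        theForm.Extension.Focus
        Exit Function
    End If

    'Digits only. IsNumeric, used originally, also accepts signs, decimal
    'points and exponent notation.
    Set oDigits = New RegExp
    oDigits.Pattern = "^[0-9]+$"
    If Not oDigits.Test(sExtension) Then
        MsgBox "Numbers only, please.", vbCritical, "Invalid Value"
        theForm.Extension.Focus
        Exit Function
    End If

    'Continue with submission.
    FeedbackForm_OnSubmit = True
End Function
-->
</SCRIPT>
<!--end define client side functions-->
<!-- END CALLOUT E -->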
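<%
'----Determine whether to load the blank form
'or validate the form and add the object to AD.
'Everything posted by the browser is treated as untrusted here: the
'client-side checks can be skipped, so the fields are validated again, the
'OU is chosen from a fixed list, and each directory step is checked for
'failure before the next one runs.
Dim oFieldCheck, sPostedExtension, sProblem

Response.Write "<BODY>"
' BEGIN CALLOUT F
If Request.Form("UserAccountName") = "" _
   Or Request.Form("FirstName") = "" _
   Or Request.Form("LastName") = "" Then
    Call Form
Else
    sUserAccountName = Trim(Request.Form("UserAccountName"))
    sFirstName = Trim(Request.Form("FirstName"))
    sLastName = Trim(Request.Form("LastName"))
    sPostedExtension = Trim(Request.Form("Extension"))
    sProblem = ""

    'The account name ends up in a directory query, a UNC path and the page
    'output, so it is held to an allowlist. Widen the pattern if your naming
    'convention needs other characters, but keep it an allowlist.
    Set oFieldCheck = New RegExp
    oFieldCheck.Pattern = "^[A-Za-z0-9._-]{1,20}$"
    If Not oFieldCheck.Test(sUserAccountName) Then
        sProblem = "The user account name must be 1 to 20 letters, digits, periods, hyphens or underscores."
    End If
    If sProblem = "" And (sFirstName = "" Or sLastName = "") Then
        sProblem = "Enter the user's first and last name."
    End If
    oFieldCheck.Pattern = "^[0-9]{1,4}$"
    If sProblem = "" And Not oFieldCheck.Test(sPostedExtension) Then
        sProblem = "The extension must be 1 to 4 digits."
    End If
    Set oFieldCheck = Nothing

    '---variable values that are based on the location
    '---where the account will be created
    'Only the listed OU names are accepted. The posted value is never placed
    'in the LDAP path itself; the constant from the matching Case is. The
    'original Case Else silently sent any other value to OrgUnit02.
    'Change the Case labels, container names, telephone prefixes, domain
    'suffixes and locations to your own; the labels must equal the radio
    'button values in the Form procedure.
    Select Case Request.Form("Container")
        Case "OrgUnit01"
            sContainer = "OrgUnit01"
            sTelPrefix = "(423) 555 "
            sDomainSuffix = "asapius.com"
            sLocation = "Snohomish"
        Case "OrgUnit02"
            sContainer = "OrgUnit02"
            sTelPrefix = "(425) 555 "
            sDomainSuffix = "microsoft.com"
            sLocation = "Redmond"
        Case Else
            If sProblem = "" Then
                sProblem = "Select one of the listed organizational units."
            End If
    End Select
    ' END CALLOUT F

    If sProblem <> "" Then
        Response.Write "<p>" & Server.HTMLEncode(sProblem) & "</p>"
        Call Form
    Else
        'The page runs under On Error Resume Next, so a failure inside any of
        'these calls would otherwise be skipped and the next step would still
        'run. Each step therefore runs only if nothing has failed so far.
        Err.Clear
        'Build the path of the AD container where the account will be created.
        BindContainer(sContainer)
        'Check for an existing user; this ends the response if one is found.
        If Err.Number = 0 Then CheckForUser()
        'Get the OU.
        If Err.Number = 0 Then Set oOrgUnit = GetObject(sContainerPath)
        'Add the user.
        If Err.Number = 0 Then Call AddUser
        If Err.Number <> 0 Then
            'Only the error number is shown; the description can contain
            'directory details. A failure part-way through AddUser can leave
            'an incomplete account behind.
            Response.Write "<p>The account could not be created (error " & _
                           Err.Number & "). Check the directory before trying again.</p>"
            Err.Clear
        End If
        'Release the object from memory.
        Set oOrgUnit = Nothing
    End If
End If
'---end script processing
%>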
</BODY>
</HTML>