I cannot find anything difinitive regarding how to create an NT 4 account
(username and password supplied via ASP page from user) and then set
directory
access permissions for the user. Please help with code examples or point me
to
reliable sites...I have searched MS KB and WSH site with no luck. Thank you
Rick,
This is the code behind an Outlook form that creates a useraccount and
mailbox on an Exchange server.
It also creates a homedirectory, a share for it, and sets permissions to it.
I think it might be useful for you if you get rid of the parts you don't
need. Good luck with it.
Peter
Const ADS_SID_WINNT_PATH = 5
Const ADS_SID_HEXSTRING = 1
dim strfirstname
dim strlastname
dim strfullname
dim strusrname
dim strdescription
dim strcomputername
dim strpassword
dim strhomeserver
dim strhomedirectory
dim strhomedirpath
dim stralias
dim strexserver
dim strexcontainer
dim strexorg
dim strexsite
dim strsmtpmail
dim strbusinessphone
dim stroffice
dim strcustomattribute1
dim strfunction
dim strdepartment
dim sidhex
sub getdata 'getting info from fields in Outlook form:
Set strusrname =
Item.GetInspector.ModifiedFormPages("Message").Controls("txtUsername")
Set strdescription =
Item.GetInspector.ModifiedFormPages("Message").Controls("txtDescription")
Set strComputername =
Item.GetInspector.ModifiedFormPages("Message").Controls("txtComputername")
Set strPassword =
Item.GetInspector.ModifiedFormPages("Message").Controls("txtPassword")
Set strFullname =
Item.GetInspector.ModifiedFormPages("Message").Controls("txtFullname")
Set strHomeserver =
Item.GetInspector.ModifiedFormPages("Message").Controls("cmbServer")
Set strFunction =
Item.GetInspector.ModifiedFormPages("Message").Controls("cmbFunction")
Set strDepartment =
Item.GetInspector.ModifiedFormPages("Message").Controls("cmbDepartment")
end sub
sub cmdCreateAcct_click
getdata
strPath = "WinNT://"&strComputername
Set objContainer = GetObject(strPath)
Set objUser = objContainer.Create("user", strusrname)
objUser.FullName = strFullname
objUser.Description = strDescription
strHomedirectory = "\\"&strHomeserver&"\"&strusrname&"$"
objUser.Homedirectory = strHomedirectory
objUser.HomeDirDrive = "N:"
objUser.Profile = "\\" & strHomeserver & "\profiles$\" & strusrname
objUser.Loginscript = "kix32 coleurop.kix"
objUser.PasswordExpired = 1
objUser.SetPassword(strPassword)
' flush ADSI creation buffer to underlying directory
on error resume next
objUser.SetInfo
If Err.Number = 0 Then
MsgBox "User successfully created!"
ElseIf Err.Number = "-2147022672" Then
MsgBox "User already exists!"
ElseIf Err.Number = "70" Then
MsgBox "Access is Denied."
Else
MsgBox "Unknown Error !!!! :-) (This is a Microsoft Product!)"
End If
' cleanup
Set objContainer = Nothing
Set objUser = Nothing
makehomedir
end sub
sub cmdquit_click
item.close 1
end sub
Sub cmdCreatemailbox_click
getdata
'----------------------------------------------------------
' Create Microsoft Exchange Mailbox
'----------------------------------------------------------
Dim strMTA
Dim strMDB
Dim objExAdmin
Set strExServer =
Item.GetInspector.ModifiedFormPages("Message").Controls("cmbExServer")
Set strExContainer =
Item.GetInspector.ModifiedFormPages("Message").Controls("cmbContainer")
strExContainer = "cn=" & strExContainer & ",cn=recipients"
If strExServer = "Europa" then
strExSite = "COLEUROP"
elseif strExServer = "Uranus" then
strExSite = "GARENMARKT"
elseif strExServer = "Moon" then
strExSite = "RUESTEVIN"
End if
strExOrg = "College of Europe"
Set strFirstname =
Item.GetInspector.ModifiedFormPages("Message").Controls("txtFirstname")
strFirstname = Ucase(left(strFirstname,1)) & Lcase(mid(strFirstname,2))
Set strLastname =
Item.GetInspector.ModifiedFormPages("Message").Controls("txtLastname")
strLastname = Ucase(strLastname)
strAlias = strusrname
strDisplayName = strFullname
Set strSMTPmail =
Item.GetInspector.ModifiedFormPages("Message").Controls("txtSMTPaddr")
Set strBusinessPhone =
Item.GetInspector.ModifiedFormPages("Message").Controls("txtTelephone")
Set strOffice =
Item.GetInspector.ModifiedFormPages("Message").Controls("txtOffice")
set strcustomattribute1 =
Item.GetInspector.ModifiedFormPages("Message").Controls("cmbCustomattribute1
")
strNTDomain = "COLEUROP"
strPath = "LDAP://" + strExServer + "/" + strExContainer + ",ou=" +
strExSite + ",o=" + strExOrg
strMTA = "cn=Microsoft MTA,cn=" + strExServer +
",cn=Servers,cn=Configuration,ou=" + strExSite + ",o=" + strExOrg
strMDB = "cn=Microsoft Private MDB,cn=" + strExServer +
",cn=Servers,cn=Configuration,ou=" + strExSite + ",o=" + strExOrg
msgbox("Getobject(" & strPath & ")")
Set objContainer = GetObject(strPath)
Set objUser = objContainer.Create("organizationalPerson", "cn=" + strAlias)
objUser.Put "cn", CStr(strDisplayName)
objUser.Put "uid", CStr(strAlias)
objUser.Put "Home-MTA", CStr(strMTA)
objUser.Put "Home-MDB", CStr(strMDB)
objUser.Put "mailPreferenceOption", 0
objUser.Put "givenName", CStr(strFirstName)
objUser.Put "sn", CStr(strLastName)
objUser.Put "mail", CStr(strSMTPmail)
objUser.Put "title",Cstr(strFunction)
objUser.Put "department",CStr(strDepartment)
if strcustomattribute1 <> "" then
objUser.Put "extension-attribute-1", Cstr(strcustomattribute1)
end if
if strBusinessPhone <> "" then
objUser.Put "telephoneNumber", CStr(strBusinessPhone)
end if
if strOffice <> "" then
objUser.Put "physicaldeliveryofficename", CStr(strOffice)
end if
Set sid = CreateObject("ADsSID")
sid.SetAs ADS_SID_WINNT_PATH, "WinNT://" & strComputername & "/" & strAlias
& ",user"
sidHex = sid.GetAs(ADS_SID_HEXSTRING)
objUser.Put "Assoc-NT-Account", sidHex
msgbox("setinfo:")
on error resume next
objUser.SetInfo
if err.number = 0 then
msgbox("setinfo done")
else
msgbox("error at setinfo " & err.number)
end if
msgbox("end setinfo")
' Set objExAdmin = CreateObject("ExAdmin.Lookup")
' objExAdmin.SetSecurity CStr(strNTDomain), CStr(strAlias),
CStr(strExServer), CStr(strExOrg), CStr(strExSite), CStr(strExContainer)
'msgbox(CStr(strNTDomain) & " " & CStr(strAlias)&" "& CStr(strExServer)&" "&
CStr(strExOrg)&" "& CStr(strExSite)&" "& CStr(strExContainer))
msgbox("WinNT useracct associated with mailbox")
' Set objExAdmin = Nothing
Set objContainer = Nothing
Set objUser = Nothing
if err.number = 0 then
msgbox("mailbox successfully created")
else
msgbox("error " & err.number)
end if
End Sub
sub makehomedir
strhomedirpath = "\\" & strhomeserver & "\d$\staff\" & strusrname
msgbox("sub makehomedir")
set fso = createobject("scripting.filesystemobject")
set wshshell = createobject("wscript.shell")
'testing if subinacle.exe exists
on error resume next
wshshell.run "subinacl",7
if err <> 0 then
wscript.echo "subinacl.exe not found (you can find this in the NT4 or W2K
Resource Kit)"
wscript.quit
end if
'creating homedirectory
err.clear
msgbox("fso.createfolder(" & strhomedirpath & ")")
fso.createfolder(strhomedirpath)
if err = 58 then
wscript.echo strhomedirpath & " already exists"
elseif err <> 0 then
wscript.echo "Error creating folder " & strhomedirpath
else
wscript.echo "homedirfolder created"
end if
'creating share for homedirectory
msgbox("creating share for homedirectory")
err.clear
set fserv = getobject("WinNT://" & strHomeServer & "/lanmanserver")
if err <> 0 then
wscript.echo "Error getting Winnt://" & strHomeServer & "/lanmanserver"
end if
err.clear
set share = fserv.create("fileshare",strUsrname&"$")
if err = -2147467259 then
wscript.echo "Share " & strUsrname & "$ already exists"
elseif err <> 0 then
wscript.echo "Error in this line: fserv.create(""fileshare""," & strUsrname
& "$)"
end if
share.path = "D:\staff\" & strusrname
msgbox("Share \\" & strhomeserver & "\" & strusrname & "$ if pointing to
D:\Staff\" & strusrname)
share.description = "HOME " & strFullname
err.clear
share.Setinfo
if err <> 0 then
wscript.Echo "Error creating homedirshare " & err & err.description
end if
'setting permissions on share
msgbox("setting permissions on share")
err.clear
wshshell.run "subinacl /share \\" & strHomeServer & "\" & strUsrname & "$
/grant=""" & strComputername & "\domain admins""=F /grant=""" &
strComputername & "\" & strUsrname & """=C /revoke=everyone",5,FALSE
'setting permissions on homedir
msgbox("setting permissions on homedir")
wshshell.run "xcacls " & strHomedirpath & " /P """ & strComputername &
"\domain admins"":OP;OP " & strUsrname & ":C;C /Y",5,FALSE
end sub
Need to create Nt 4 Account, Password and set directory access permissions