Back to User management: Create
DESCRIPTION
No description
Note This code may use functions from the ARS Script Policy Best Practices. Please, follow the link to obtain instructions and code for those functions.
SCRIPT
'*********************************************************************************
' THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
' EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
' WARRANTIES OF MERCHANTBILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
'
' IF YOU WANT THIS FUNCTIONALITY TO BE CONDITIONALLY SUPPORTED,
' PLEASE CONTACT QUEST PROFESSIONAL SERVICES.
'*********************************************************************************
'
' This code is published on the ActiveRoles Script Center:
' http://communities.quest.com/docs/DOC-9991
'
' This code may use functions from the ARS Script Policy Best Practices:
' http://communities.quest.com/docs/DOC-10016
'
' Please, follow the link to obtain instructions and code for those functions.
'*********************************************************************************
'===========================================================================
' GetProperty
'===========================================================================
Function GetProperty (ByRef objObject, ByVal sAttributeName)
Dim Value
On Error Resume Next
Value = objObject.Get(sAttributeName)
On Error GoTo 0
GetProperty = Value
End Function ' GetProperty
'===========================================================================
' so, let's create/modify the user account on a designated machine
' Therefore we need to VA's in ARS, which are called:
' "edsvaCreateLocalUserAccount" - boolean (mapped to objectclass "user")
' it indicates, if this AD user needs an additional account on a local computer
' "edsvaLocalUserAccountServer" - directory string (mapped to objectclass "user")
' it names the Computer, where the User Object will be created
Sub Execute(Request)
'1
'--- consider that Request.Class can be "user", "User", or "USER"
If (LCase(Request.Class) <> "user") Then Exit Sub
'2
'--- the DirObj is an AD object that is being processed
DirObj.GetInfoEx Array("sAMAccountName", "displayName", "edsvaLocalUserAccountServer"), 0
'3
'--- Check if User Account shall be created on a Computer/Server locally
'strCreateLocalUserAccount = CStr(Request.Get("edsvaCreateLocalUserAccount"))
strCreateLocalUserAccount = CStr(GetProperty(Request, "edsvaCreateLocalUserAccount"))
If (strCreateLocalUserAccount = "False") Then Exit Sub
'4
'--- get a useful info from DirObj
'--- add additional attributes to that list, which are needed,
'--- e.g. general address information, smtp or whatever
strUserName = GetProperty(DirObj, "sAMAccountName")
strFullName = GetProperty(DirObj, "displayName")
strComputer = GetProperty(DirObj, "edsvaLocalUserAccountServer")
strPassword = CStr(GetProperty(Request, "edsaPassword"))
'5
' ------ Create User ---------
Set objSystem = GetObject("WinNT://" & strComputer)
Set objUser = objSystem.Create("user", strUserName)
objUser.FullName = strFullName
objUser.SetPassword strPassword
objUser.SetInfo
End Sub
Sub onPostModify(Request)
Execute(Request)
End Sub
Sub onPostCreate(Request)
Execute(Request)
End Sub
' Now it is time to delete the local user, when deleted in AD
Sub onPreDelete(Request)
'1
'--- consider that Request.Class can be "user", "User", or "USER"
If (LCase(Request.Class) <> "user") Then Exit Sub
'2
'--- the DirObj is an AD object that is being processed
DirObj.GetInfoEx Array("sAMAccountName", "displayName", "edsvaLocalUserAccountServer", "edsvaCreateLocalUserAccount"), 0
'3
'--- get a useful info from DirObj
'--- add additional attributes to that list, which are needed,
'--- e.g. general address information, smtp or whatever
strUserName = GetProperty(DirObj, "sAMAccountName")
strComputer = GetProperty(DirObj, "edsvaLocalUserAccountServer")
On Error Resume Next
Set objComputer = GetObject("WinNT://" & strComputer & "")
objComputer.Delete "user", strUserName
On Error GoTo 0
End Sub
'***** END OF CODE ***************************************************************
COMPATIBILITY
Script compatible with the following version(s): <Not specified>