Thursday, June 11, 2009

User creation script

A consultant recently asked me for a copy of a script I created for our school to automate user creation. I thought it would be more useful for myself and the world if I just archived it here where I can always find it, and where other folks can use it (I find it much harder generally to find usable sample Windows code, etc., than I do with Linux).

These are my first (and hopefully last) scripts in Visual Basic scripting. I'm putting them here to make it easier to share them, but these haven't really been prepared properly for sharing (I was simply working from examples until these worked). Obviously it would be worth setting these up with tweakable parameters up top at some future point.

Script for creating students

Create Users

This script creates student user accounts based on a CSV file with the following structure:

username, first, last, group, password

' Script to create student accounts
' Created by Tom Hinkle
' (or, if he's moved on,
' Requires file named students.csv in same directory with requisite information.
' File format is plain csv (no escaping) as follows:
' username, first, last, year-of-grad, password
' Note that year-of-grad is used for group names. We expect there to be an OU
' with the name of e.g. YOG2012 for each year-of-grad. Also, student folders
' are named by YOG, so we expect the students folder to contain a folder titled
' e.g. YOG2012

' students.csv holds the initial passwords in clear text: restrict who can
' read it and delete it once the accounts exist.

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objShell = CreateObject("Wscript.Shell")

' UPN suffix (the part after "@"); it is blank in this published copy.
upnSuffix = ""
' Specify the NetBIOS name of the domain.
strNetBIOSDomain = "cpcs"

Dim objTextFile, arrStr
Set objTextFile = objFSO.OpenTextFile("students.csv")

Do While Not objTextFile.AtEndOfStream
    arrStr = Split(objTextFile.ReadLine, ",")
    samAccountName = arrStr(0)
    givenName = arrStr(1)
    lastName = arrStr(2)
    sn = lastName
    cn = givenName & " " & lastName
    OU = "YOG" & arrStr(3)
    userPrincipalName = samAccountName & "@" & upnSuffix
    ' The file server name is missing from this path as published; it belongs
    ' between the leading "\\" and "\students".
    homedir = "\\\students\" & OU & "\" & samAccountName
    groupname = "LDAP://ou=" & OU & ",ou=Student,DC=CPCS,DC=com"

    Set objContainer = GetObject(groupname)
    Set objUser = objContainer.Create("User", "cn=" & cn)
    objUser.Put "sAMAccountName", samAccountName
    objUser.Put "userPrincipalName", userPrincipalName
    objUser.Put "sn", sn
    objUser.Put "givenName", givenName
    objUser.Put "displayName", givenName & " " & sn
    objUser.Put "homeDirectory", homedir
    objUser.Put "homeDrive", "H"
    objUser.Put "scriptPath", "SLogon.bat"

    ' Save the account first (it has to exist in the directory before a
    ' password can be set), then set the password and enable the account
    ' (userAccountControl 512 = normal, enabled account).
    On Error Resume Next
    objUser.SetInfo
    objUser.SetPassword arrStr(4)
    objUser.Put "userAccountControl", 512
    objUser.SetInfo
    blnCreated = (Err.Number = 0)
    On Error GoTo 0

    If Not blnCreated Then
        WScript.Echo "Unable to create " & samAccountName
    Else
        ' Create folder, based on:

        If Not objFSO.FolderExists(homedir) Then
            ' Create folder.
            On Error Resume Next
            objFSO.CreateFolder homedir
            If (Err.Number <> 0) Then
                WScript.Echo "Unable to create home directory for " & samAccountName
            End If
            On Error GoTo 0
        End If
        If objFSO.FolderExists(homedir) Then
            ' Assign permissions to home directory. The path is quoted so that
            ' a space in it cannot split the command line.
            ' ":F" grants Full Control, which also lets the student change the
            ' folder's permissions; cacls ":C" (Change) is the narrower grant.
            intRunError = objShell.Run("%COMSPEC% /c echo Y| cacls """ _
                & homedir & """ /T /E /C /G " & strNetBIOSDomain _
                & "\" & samAccountName & ":F", 2, True)
            If (intRunError <> 0) Then
                WScript.Echo "Unable to assign permissions for " & samAccountName
            End If
        End If
    End If
Loop

objTextFile.Close
Set objTextFile = Nothing
Set objFSO = Nothing
WScript.Echo("When you are done, you will want to go into active directory, highlight the new users manually, and add them to the group Students. You'll also need to disallow changing the password. Sorry I didn't get this done programmatically, but it's relatively simple to do manually")
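
An added example, not part of the original script: the script splits each line on commas and concatenates the fields straight into an LDAP path and a %COMSPEC% /c command line, so a row check like this one can run first and skip anything unexpected. The function names, the character rules and the sample rows are assumptions made for illustration; loosen the name pattern if your students' names need accented letters.

```vbscript
' Added example (not from the original script): check one students.csv row
' before its fields are concatenated into an LDAP path or a command line.
' The patterns are assumptions; adjust them to local naming policy.
Option Explicit

Function FieldMatches(strValue, strPattern)
    Dim re
    Set re = New RegExp
    re.Pattern = strPattern
    FieldMatches = re.Test(strValue)
End Function

' Returns "" when the row is acceptable, otherwise the reason to skip it.
Function ValidateRow(arrStr)
    If UBound(arrStr) <> 4 Then
        ' Also catches passwords containing a comma (the file has no escaping).
        ValidateRow = "expected 5 fields, got " & (UBound(arrStr) + 1)
    ElseIf Not FieldMatches(arrStr(0), "^[A-Za-z0-9][A-Za-z0-9._-]{0,19}$") Then
        ' sAMAccountName for a user is limited to 20 characters.
        ValidateRow = "username has unexpected characters or length"
    ElseIf Not FieldMatches(arrStr(1), "^[A-Za-z][A-Za-z '-]{0,63}$") Then
        ValidateRow = "first name has unexpected characters"
    ElseIf Not FieldMatches(arrStr(2), "^[A-Za-z][A-Za-z '-]{0,63}$") Then
        ValidateRow = "last name has unexpected characters"
    ElseIf Not FieldMatches(arrStr(3), "^[0-9]{4}$") Then
        ValidateRow = "year-of-grad is not four digits"
    ElseIf Len(arrStr(4)) = 0 Then
        ValidateRow = "password is empty"
    Else
        ValidateRow = ""
    End If
End Function

' Constructed sample rows: one good, one with a shell metacharacter in the
' username, one with a missing field. Only the username is echoed, so
' passwords never reach the console.
Dim strLine, arrRow, strReason
For Each strLine In Array("jdoe,Jane,Doe,2012,Secret123", _
                          "j&doe,Jane,Doe,2012,Secret123", _
                          "jdoe,Jane,Doe,2012")
    arrRow = Split(strLine, ",")
    strReason = ValidateRow(arrRow)
    If strReason = "" Then
        WScript.Echo "OK:      " & arrRow(0)
    Else
        WScript.Echo "SKIPPED: " & arrRow(0) & " (" & strReason & ")"
    End If
Next
```

In the creation script, call ValidateRow(arrStr) right after the Split and skip the row whenever it returns a reason.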
