Author: NetworkAdminKB.com

Created: 2010-02-21

Modified: 2011-06-11

 

Version: 1.3.12

The ADSCreateObject utility can be used to create a user or group in an Active Directory domain.

 

Requirements and Limitations

1)      Permissions required

a.       To run ADSCreateObject the user account must be have the appropriate permissions in the target Active Directory domain.

b.      Account Operator or Domain Admin permissions are generally recommended for use against a domain.

2)      This utility only creates these object types, with limited properties.

a.       Users

b.      Groups

3)      Creating a group does not include adding members to the group.  To add members to a group, use the AddMembers2Group utility.

4)      Tested and developed against Windows 2003/2008 domain controllers.

5)      VB6 Runtime may be required on Windows 2000 or earlier OS.

 

Syntax:

Author: NetworkAdminKB.com

Version: 1.3.12

Copyright (c) 2008-2011 NetworkAdminKB.com, All rights reserved.

Bug Report: bugs@networkadminkb.com

Purpose: Create a user or group in an Active Directory domain.

 

Syntax:

ADSCreateObject

  /ocn=objectCommonName

  {/gt=groupType [/gd=groupDescription] | /uid=userID [/up=userPassword]

    [/uf=userFirstName] [ul=userLastName]}

  [/d=DomainName] [/ou=RDN]

 

Purpose: Create a user or group in an Active Directory domain.

 

Specify the Common Name of the object to create

/ocn=objectCommonName  The CN of the object to create in AD.

 

Create a user or group by specifying the appropriate switches below.

/gt=grouptype  Create a group of this type.  Valid types are

                 SU  = Security Universal

                 SG  = Security Global

                 SDL = Security Domain Local

                 DU  = Distribution Universal

                 DG  = Distribution Global

                 DDL = Distribution Domain Local

/gd=groupDescription  Optional, provide a description of the group.

 

/uid=userID           Create a user with this UserId/samAccountName.

/up=userPassword      Optional, specify the user password.

/uf=userFirstName     Optional, specify the user first name.

/ul=userLastName      Optional, specify the user last name.

 

/ou=RDN               Optional, the RDN of the OU to create the object in.

                        Drop the DC= portion of the RDN

                        If omitted CN=Users is assumed.

/d=domain             Optional, specify the Domain to create the object in.

                        If omitted the Current (RootDSE) domain is used.

 

Examples:

  ADSCreateObject /ocn=Group1 /gt=SDL /d=my.domain.net /ou="OU=Groups"

  ADSCreateObject /ocn="John Smith" /uid=jsmith /up=jsm1th /uf=John /ul=Smith

 

Common Uses

1)      Creating users from a script or batch file.

a.       To create users with more properties use CSVDE or LDIFDE from Microsoft.

2)      Creating groups from a script or batch file.

3)      Use in conjunction with AddMembers2Group to duplicate group easily

 

Download ADSCreateObject 

Article ID: 272, Created On: 9/18/2011, Modified: 9/18/2011