none
Issue with Batch scripting - dsadd user and commas RRS feed

  • Question

  • Hello,

    I am trying to create an user and put it in a OU that has a comma in its name. Like so:

    @echo off
    
    for /f "tokens=1-5 delims=;" %%A in (users.txt) do (dsadd user "CN=%%A,OU=%%C,DC=%%D,DC=%%E" -pwd %%B)
    
    pause

    The "users.txt" file:

    J.Martinez;Qwerty$123;"House, Flats, Condos";TEST;lan
    
    

    So when i launch the script i get the following error message:

    DSADD fails with: Value for 'Target object for this command' has incorrect format

    And if i don't put quotes around the %%C, i get this one:

    "Flats, " is an unknown parameter.

    All the items in the txt file are from a csv file. There can be several dozen lines at a time and commas everywhere that we need to keep...

    Plz halp...


    Saturday, December 29, 2018 9:22 PM

Answers

  • Here is how to do this in the current versions of Windows.

    Import-Csv users.txt -Delimiter ';' -Header A, B, C, D, E |
        ForEach-Object{
            $path = 'OU={0},DC={1},DC={2}' -f $_.C, $_.D, $_.E
            $password = COnvertTo-SecureString 'test12me34' -AsPlainText -Force
            $sam = $_.A -replace ','
            New-AdUser -Name $_.A -SamAccountName $sam -Path $path $password = ConvertTo-SecureString 'test12me34' -AsPlainText -Force-PassThru
        }
    

    You cannot have commas in the account id so dsadd will not work as written.  For help with using dsadd from a batch file try posting in the DirectoryServices forum.



    \_(ツ)_/

    • Marked as answer by DLKNT57 Saturday, December 29, 2018 10:47 PM
    Saturday, December 29, 2018 9:54 PM

All replies

  • Commas in the OU name, or any component of a distinguished name, need to be escaped with the backslash escape character, "\". For example:

    ou=House\, Flats\, Condos

    The only way I can think for you to do this is to modify the CSV file. Since it is semicolon delimited, you can just replace all commas, ",", with the escaped sequence, "\,".

    Edit: Reference:

    https://social.technet.microsoft.com/wiki/contents/articles/5312.active-directory-characters-to-escape.aspx


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)


    Saturday, December 29, 2018 9:42 PM
    Moderator
  • Here is how to do this in the current versions of Windows.

    Import-Csv users.txt -Delimiter ';' -Header A, B, C, D, E |
        ForEach-Object{
            $path = 'OU={0},DC={1},DC={2}' -f $_.C, $_.D, $_.E
            $password = COnvertTo-SecureString 'test12me34' -AsPlainText -Force
            $sam = $_.A -replace ','
            New-AdUser -Name $_.A -SamAccountName $sam -Path $path $password = ConvertTo-SecureString 'test12me34' -AsPlainText -Force-PassThru
        }
    

    You cannot have commas in the account id so dsadd will not work as written.  For help with using dsadd from a batch file try posting in the DirectoryServices forum.



    \_(ツ)_/

    • Marked as answer by DLKNT57 Saturday, December 29, 2018 10:47 PM
    Saturday, December 29, 2018 9:54 PM
  • Yes thank you, looks like it's time to learn PowerShell.
    Saturday, December 29, 2018 10:47 PM
  • Yes, jrv is correct. If you don't provide -samid, the dsadd command will attempt to assign up to the first 20 characters of the common name, @@A in this case, as the sAMAccountName. And commas are not allowed in sAMAccountNames.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Saturday, December 29, 2018 10:56 PM
    Moderator