Script para incluir vários usuários no AD, a partir de um arquivo do Excel, com a opção "password never expires" setada

  • Discussão Geral

  • ' CreateUsers.vbs
    ' VBScript program to create users according to the information in a
    ' Microsoft Excel spreadsheet.
    '
    ' ----------------------------------------------------------------------
    ' Copyright (c) 2003 Richard L. Mueller
    ' Hilltop Lab web site - http://www.rlmueller.net
    ' Version 1.0 - September 8, 2003
    ' Version 1.1 - January 25, 2004 - Modify error trapping.
    ' Version 1.2 - March 18, 2004 - Modify NameTranslate constants.
    '
    ' You have a royalty-free right to use, modify, reproduce, and
    ' distribute this script file in any way you find useful, provided that
    ' you agree that the copyright owner above has no warranty, obligations,
    ' or liability for such use.

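    Option Explicit

    ' ----------------------------------------------------------------------
    ' Purpose
    '   For every data row of the first worksheet this script creates a user
    '   in the container strContainerDN, sets the password from column 4,
    '   enables the account, writes the optional attributes, sets
    '   pwdLastSet = 0, sets the "password never expires" flag, creates the
    '   home folder and grants the user rights on it, and adds the user to
    '   the groups whose DNs start in column 11.
    '
    ' Columns read (1-based)
    '   1 givenName, 2 initials, 3 sn, 4 password, 5 cn, 6 sAMAccountName,
    '   7 userPrincipalName, 8 home folder, 9 home drive, 10 logon script,
    '   11.. group DNs, 12 displayName, 13 description.
    '
    ' Security notes
    '   * Column 4 holds the initial passwords in clear text, so the workbook
    '     is as sensitive as the accounts it creates. Keep it on a path only
    '     the operator can read and remove it once the run is finished.
    '   * Every cell is data supplied by whoever edited the workbook. The two
    '     values that reach cmd.exe (home folder and account name) are
    '     validated and quoted before use.
    ' ----------------------------------------------------------------------

    Dim objExcel, strExcelPath, objSheet
    Dim strLast, strFirst, strMiddle, strPW, intRow, intCol
    Dim strGroupDN, objUser, objGroup, objContainer, strDisplayName, strDescription
    Dim strCN, strNTName, strContainerDN
    Dim strHomeFolder, strHomeDrive, objFSO, objShell
    Dim intRunError, strNetBIOSDomain, strDNSDomain
    Dim objRootDSE, objTrans, strLogonScript, strUPN
    Dim intUAC
    ' DOMAIN\user string handed to cacls.
    Dim strAccount

    ' Constants for the NameTranslate object.
    Const ADS_NAME_INITTYPE_GC = 3
    Const ADS_NAME_TYPE_NT4 = 3
    Const ADS_NAME_TYPE_1779 = 1
    ' userAccountControl bit for "password never expires".
    Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000

    ' Specify spreadsheet.
    strExcelPath = "C:\caminho completo do documento\Excel.xls"

    ' Specify DN of container where users created.
    strContainerDN = "OU=Exemplo,OU=Exemplo,OU=Exemplo,DC=nome do dominio,DC=com,DC=br"

    Set objFSO = CreateObject("Scripting.FileSystemObject")
    Set objShell = CreateObject("Wscript.Shell")

    ' Determine DNS domain name from RootDSE object.
    Set objRootDSE = GetObject("LDAP://nomedmaquinadomain control.nome do dominio.com.br/RootDSE")
    strDNSDomain = objRootDSE.Get("DefaultNamingContext")

    ' Use the NameTranslate object to find the NetBIOS domain name
    ' from the DNS domain name.
    Set objTrans = CreateObject("NameTranslate")
    objTrans.Init ADS_NAME_INITTYPE_GC, ""
    objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
    strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
    ' Remove trailing backslash.
    strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)

    ' Open spreadsheet.
    Set objExcel = CreateObject("Excel.Application")

    On Error Resume Next
    objExcel.Workbooks.Open strExcelPath
    If (Err.Number <> 0) Then
        On Error GoTo 0
        MsgBox "Unable to open spreadsheet " & strExcelPath
        ' Do not leave a hidden Excel process behind on the early exit.
        CloseExcel
        Wscript.Quit
    End If
    On Error GoTo 0
    Set objSheet = objExcel.ActiveWorkbook.Worksheets(1)

    ' Bind to container where users to be created.
    On Error Resume Next
    Set objContainer = GetObject("LDAP://" & strContainerDN)
    If (Err.Number <> 0) Then
        On Error GoTo 0
        MsgBox "Unable to bind to container: " & strContainerDN
        ' The workbook with the clear-text passwords is open at this point;
        ' close it and quit Excel before leaving.
        CloseExcel
        Wscript.Quit
    End If
    On Error GoTo 0

    ' Start with row 2 of spreadsheet.
    ' Assume first row has column headings.
    intRow = 2

    ' Read each row of spreadsheet until a blank value
    ' encountered in column 5 (the column for cn).
    ' For each row, create user and set attribute values.
    Do While objSheet.Cells(intRow, 5).Value <> ""
        ' Read values from spreadsheet for this user.
        strFirst = Trim(objSheet.Cells(intRow, 1).Value)
        strMiddle = Trim(objSheet.Cells(intRow, 2).Value)
        strLast = Trim(objSheet.Cells(intRow, 3).Value)
        strPW = Trim(objSheet.Cells(intRow, 4).Value)
        strCN = Trim(objSheet.Cells(intRow, 5).Value)
        strNTName = Trim(objSheet.Cells(intRow, 6).Value)
        strUPN = Trim(objSheet.Cells(intRow, 7).Value)
        strHomeFolder = Trim(objSheet.Cells(intRow, 8).Value)
        strHomeDrive = Trim(objSheet.Cells(intRow, 9).Value)
        strLogonScript = Trim(objSheet.Cells(intRow, 10).Value)
        strDisplayName = Trim(objSheet.Cells(intRow, 12).Value)
        strDescription = Trim(objSheet.Cells(intRow, 13).Value)

        ' Create user object.
        On Error Resume Next
        Set objUser = objContainer.Create("user", "cn=" & strCN)
        If (Err.Number <> 0) Then
            On Error GoTo 0
            MsgBox "Unable to create user with cn: " & strCN
        Else
            On Error GoTo 0
            ' Assign mandatory attributes and save user object.
            If (strNTName = "") Then
                strNTName = strCN
            End If
            objUser.sAMAccountName = strNTName
            On Error Resume Next
            objUser.SetInfo
            If (Err.Number <> 0) Then
                On Error GoTo 0
                MsgBox "Unable to create user with NT name: " & strNTName
            Else
                On Error GoTo 0

                ' Set password for user, and enable the account only when
                ' that worked. An empty password cell counts as a failure.
                ' NOTE(review): accounts created through ADSI normally start
                ' disabled and flagged as not requiring a password, so
                ' enabling one whose password was never set could leave it
                ' usable with a blank password - confirm against the domain
                ' policy. The account is therefore left disabled here.
                If (strPW = "") Then
                    MsgBox "Unable to set password for user " & strNTName
                Else
                    On Error Resume Next
                    objUser.SetPassword strPW
                    If (Err.Number <> 0) Then
                        On Error GoTo 0
                        MsgBox "Unable to set password for user " & strNTName
                    Else
                        On Error GoTo 0
                        ' Enable the user account.
                        objUser.AccountDisabled = False
                    End If
                End If

                ' Assign values to remaining attributes.
                If (strFirst <> "") Then
                    objUser.givenName = strFirst
                End If
                If (strMiddle <> "") Then
                    objUser.initials = strMiddle
                End If
                If (strLast <> "") Then
                    objUser.sn = strLast
                End If
                If (strUPN <> "") Then
                    objUser.userPrincipalName = strUPN
                End If
                If (strHomeDrive <> "") Then
                    objUser.homeDrive = strHomeDrive
                End If
                If (strHomeFolder <> "") Then
                    objUser.homeDirectory = strHomeFolder
                End If
                If (strLogonScript <> "") Then
                    objUser.scriptPath = strLogonScript
                End If
                If (strDisplayName <> "") Then
                    objUser.displayName = strDisplayName
                End If
                If (strDescription <> "") Then
                    objUser.description = strDescription
                End If
                On Error Resume Next
                objUser.SetInfo
                If (Err.Number <> 0) Then
                    On Error GoTo 0
                    MsgBox "Unable to set attributes for user with NT name: " _
                        & strNTName
                End If
                On Error GoTo 0

                ' Require the password to be changed at the next logon.
                objUser.pwdLastSet = 0
                On Error Resume Next
                Err.Clear
                objUser.SetInfo
                If Err.Number <> 0 Then
                    Err.Clear
                    On Error GoTo 0
                    Wscript.Echo "Falha ao definir atributos para o usuário: " _
                      & strNTName
                End If
                On Error GoTo 0

                ' Set the "password never expires" option.
                ' To keep the "change password at next logon" behaviour
                ' instead, remove this block.
                ' NOTE(review): with this flag set the change requested by
                ' pwdLastSet = 0 above is expected not to be enforced, which
                ' would make the spreadsheet password the long-lived
                ' credential of the account - confirm in your domain.
                ' The flag is OR-ed in so the bit can only be set, never
                ' cleared, and a failure is reported instead of ending the run.
                On Error Resume Next
                intUAC = objUser.Get("userAccountControl")
                If (Err.Number = 0) Then
                    If ((intUAC And ADS_UF_DONT_EXPIRE_PASSWD) = 0) Then
                        objUser.Put "userAccountControl", intUAC Or _
                            ADS_UF_DONT_EXPIRE_PASSWD
                        objUser.SetInfo
                    End If
                End If
                If (Err.Number <> 0) Then
                    On Error GoTo 0
                    MsgBox "Unable to set password never expires for user " _
                        & strNTName
                End If
                On Error GoTo 0

                ' Create home folder.
                If (strHomeFolder <> "") Then
                    If (objFSO.FolderExists(strHomeFolder) = False) Then
                        On Error Resume Next
                        objFSO.CreateFolder strHomeFolder
                        If (Err.Number <> 0) Then
                            On Error GoTo 0
                            MsgBox "Unable to create home folder: " & strHomeFolder
                        End If
                        On Error GoTo 0
                    End If
                    If (objFSO.FolderExists(strHomeFolder) = True) Then
                        ' Assign user permission to home folder.
                        ' The command line is run through cmd.exe, so both
                        ' spreadsheet values are checked and passed as quoted
                        ' arguments; a value that cannot be quoted safely is
                        ' reported as a permission error and cacls is not run.
                        ' NOTE(review): the grant is Full control (:F), applied
                        ' recursively (/T), to whatever existing folder the
                        ' cell names - review the paths in column 8 and
                        ' consider whether Change (:C) is enough.
                        strAccount = strNetBIOSDomain & "\" & strNTName
                        If HasUnsafeShellChars(strHomeFolder) _
                                Or HasUnsafeShellChars(strAccount) Then
                            intRunError = 1
                        Else
                            intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                                & QuoteArgument(strHomeFolder) & " /T /E /C /G " _
                                & QuoteArgument(strAccount) & ":F", 2, True)
                        End If
                        If (intRunError <> 0) Then
                            MsgBox "Error assigning permissions for user " _
                                & strNTName & " to home folder " & strHomeFolder
                        End If
                    End If
                End If

                ' Group DN's start in column 11.
                ' NOTE(review): this loop walks right until the first empty
                ' cell, so when column 11 is filled it goes on to read
                ' columns 12 and 13, which the code above reads as
                ' displayName and description. Those values will be tried
                ' as group DNs - confirm the intended column layout.
                intCol = 11
                Do While objSheet.Cells(intRow, intCol).Value <> ""
                    strGroupDN = Trim(objSheet.Cells(intRow, intCol).Value)
                    On Error Resume Next
                    Set objGroup = GetObject("LDAP://" & strGroupDN)
                    If (Err.Number <> 0) Then
                        On Error GoTo 0
                        MsgBox "Unable to bind to group " & strGroupDN
                    Else
                        objGroup.Add objUser.AdsPath
                        If (Err.Number <> 0) Then
                            On Error GoTo 0
                            MsgBox "Unable to add user " & strNTName _
                                & " to group " & strGroupDN
                        End If
                    End If
                    On Error GoTo 0
                    ' Increment to next group DN.
                    intCol = intCol + 1
                Loop
            End If
        End If
        ' Increment to next user.
        intRow = intRow + 1

    Loop


    MsgBox "Done"

    ' Clean up.
    CloseExcel
    Set objUser = Nothing
    Set objGroup = Nothing
    Set objContainer = Nothing
    Set objSheet = Nothing
    Set objExcel = Nothing
    Set objFSO = Nothing
    Set objShell = Nothing
    Set objTrans = Nothing
    Set objRootDSE = Nothing

    ' Closes the workbook without saving (the script never edits it) and
    ' quits Excel. Errors are ignored so it can also be called when no
    ' workbook was opened.
    Sub CloseExcel()
        On Error Resume Next
        objExcel.ActiveWorkbook.Close False
        objExcel.Application.Quit
        On Error GoTo 0
    End Sub

    ' Returns True when strValue holds a character that cmd.exe still acts
    ' on inside double quotes (the quote itself, % variable expansion) or a
    ' control character such as a line break.
    Function HasUnsafeShellChars(strValue)
        Dim intPos, intCode
        HasUnsafeShellChars = False
        If (InStr(strValue, """") > 0) Or (InStr(strValue, "%") > 0) Then
            HasUnsafeShellChars = True
            Exit Function
        End If
        For intPos = 1 To Len(strValue)
            ' AscW is signed, so only the range 0..31 is tested.
            intCode = AscW(Mid(strValue, intPos, 1))
            If (intCode >= 0) And (intCode < 32) Then
                HasUnsafeShellChars = True
                Exit Function
            End If
        Next
    End Function

    ' Wraps strValue in double quotes for use as one command-line argument.
    ' Trailing backslashes are doubled because, under the usual C runtime
    ' parsing rules, a backslash directly before the closing quote would
    ' escape it. Callers must first reject values for which
    ' HasUnsafeShellChars is True.
    Function QuoteArgument(strValue)
        Dim intTrail
        intTrail = 0
        Do While intTrail < Len(strValue)
            If Mid(strValue, Len(strValue) - intTrail, 1) <> "\" Then
                Exit Do
            End If
            intTrail = intTrail + 1
        Loop
        QuoteArgument = """" & strValue & String(intTrail, "\") & """"
    End Function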



    primeira linha de como vai ficar o Excel

    givenName initials sn Password cn sAMAccountName userPrincipalName strLogonScript displayName description


    • Editado ckumark sexta-feira, 26 de junho de 2009 18:44 Fixing thread title bug
    terça-feira, 23 de junho de 2009 20:29

Todas as Respostas

  • Olá, estou utilizando este script, mas gostaria também que, se possível, ao criar o usuário ele também criasse a conta de e-mail e adicionasse o usuário como membro de determinados grupos.

    Por exemplo: acrescentar ele no "member of" do grupo teste

    E ter uma coluna no excel assim:

    primeira linha de como vai ficar o Excel
    givenName initials sn Password cn sAMAccountName userPrincipalName strLogonScript displayName description              member of
                                    teste


    desde já agradeço.
    quarta-feira, 24 de junho de 2009 22:01
  • Boa tarde, Aproveitando a ocasião, em um dos tópicos, tem um script para criar a Assinatura, baseada no AD. Alguém poderia passar as colunas do excel para poder futuramente criar a assinatura? Obrigado!
    terça-feira, 28 de julho de 2009 17:59