Apostate Café


By joshua

Pubished:

Posted in: programming

WSH ADSI Recipes

<span class="caps">WSH</span> <span class="caps">ADSI</span> Recipes
Working with the domain ———————————- - [Dumping User Info][] - [Creating a User][] - [Changing passwords][] - [Changing a User’s Description][] - [Confirming a Password Change][] - [Deleting a User from a Domain][] - [Disabling an Account][] - [Displaying Groups of a User][] - [Setting a Required Password][] - [Setting a User’s Account Expiration][] - [Setting a User’s Home Directory][] - [Setting a User’s Login Script][] - [Setting a User’s Profile][] - [Setting a User’s Full Name][] - [Setting Password Expiration][] - [Adding a User to a Group][] - [Adding a Domain User to a Group][] - [Deleting a Group from a Domain][] - [Displaying Domains][] - [Displaying Groups][] - [Getting the Users of a Group][] Working with servers —————————— - [Creating a Share][] - [Delete a Share][] Working with IIS ———————— - [Set default logon domain for Basic authentication][] - [Create a new virtual root][] Working with LDAP ————————- - [Programmatically Create Members in Site Server 3.0][] * * * * * Dumping User Info ================= Syntax: `cscript userinfo.vbs B-id` ~~~~ {.codesamp} ‘ ——[ UserInfo.vbs ]——— Option Explicit Dim oMember, oGroup, strOutput If WScript.arguments.length < 1 Then WScript.echo "Must supply B-id" WScript.quit End If Set oMember = GetObject("WinNT://YourDomain/" + WScript.arguments(0)) strOutput = oMember.Name strOutput = strOutput + " [" + oMember.Description + "]" If oMember.AccountDisabled Then strOutput = strOutput + " (Disabled)" If oMember.IsAccountLocked Then strOutput = strOutput + " (Locked Out)" WScript.Echo strOutput For Each oGroup in oMember.Groups WScript.Echo oGroup.Name + " [" + oGroup.Description + "]" Next ~~~~ Creating a User =============== ~~~~ {.codesamp} Set DomainObj = GetObject("WinNT://YourDomain") Set UserObj = DomainObj.Create("user", "UserID") UserObj.SetInfo Set UserObj = Nothing ~~~~ Changing passwords ================== ~~~~ {.codesamp} Set UserObj = GetObject("WinNT://YourDomain/UserID") UserObj.ChangePassword "oldpassword", "newpassword" Set UserObj = Nothing ~~~~ Changing a User's Description ============================= ~~~~ {.codesamp} Set UserObj = GetObject("WinNT://YourDomain/UserID") UserObj.Description = "New Description" UserObj.SetInfo Set UserObj = Nothing ~~~~ Confirming a Password Change ============================ ~~~~ {.codesamp} On Error Resume Next Set UserObj = GetObject("WinNT://YourDomain/UserID") UserObj.ChangePassword "oldpassword", "newpassword" Set UserObj = Nothing If err.number = 0 Then WScript.Echo "Password Change Failed" Else WScript.Echo "Password Change Was Successful" End if ~~~~ Deleting a User from a Domain ============================= ~~~~ {.codesamp} Set DomainObj = GetObject("WinNT://YourDomain") DomainObj.Delete("user", "UserID") Set DomainObj = Nothing ~~~~ Disabling an Account ==================== ~~~~ {.codesamp} Set UserObj = GetObject("WinNT://YourDomain/UserID") UserObj.AccountDisabled = True UserObj.SetInfo Set UserObj = Nothing ~~~~ Displaying Groups of a User =========================== ~~~~ {.codesamp} Set UserObj = GetObject("WinNT://YourDomain/UserID") For Each GroupObj In UserObj.Groups WScript.Echo GroupObj.Name Next Set UserObj = Nothing Set GroupObj = Nothing ~~~~ Setting a Required Password =========================== ~~~~ {.codesamp} Set UserObj = GetObject("WinNT://YourDomain/UserID") UserObj.PasswordRequired = True UserObj.SetInfo Set UserObj = Nothing ~~~~ Setting a User's Account Expiration =================================== ~~~~ {.codesamp} Set UserObj = GetObject("WinNT://YourDomain/UserID") UserObj.AccountExpirationDate = Now() UserObj.SetInfo Set UserObj = Nothing ~~~~ Setting a User's Home Directory =============================== ~~~~ {.codesamp} Set UserObj = GetObject("WinNT://YourDomain/UserID") UserObj.HomeDirectory = "Directory Path" UserObj.SetInfo Set UserObj = Nothing ~~~~ Setting a User's Login Script ============================= ~~~~ {.codesamp} Set UserObj = GetObject("WinNT://YourDomain/UserID") UserObj.LoginScript = "Login script file name" UserObj.SetInfo Set UserObj = Nothing ~~~~ Setting a User's Profile ======================== ~~~~ {.codesamp} Set UserObj = GetObject("WinNT://YourDomain/UserID") UserObj.Profile = "New Profile Path" UserObj.SetInfo Set UserObj = Nothing ~~~~ Setting a User's Full Name ========================== ~~~~ {.codesamp} Set UserObj = GetObject("WinNT://YourDomain/UserID") UserObj.FullName = "Users Name" UserObj.SetInfo Set UserObj = Nothing ~~~~ Setting Password Expiration =========================== ~~~~ {.codesamp} Set UserObj = GetObject("WinNT://YourDomain/UserID") UserObj.Put "PasswordExpired", CLng(1) UserObj.SetInfo Set UserObj = Nothing ~~~~ Adding a User to a Group ======================== ~~~~ {.codesamp} DomainString = "DomainName" UserString = "jdoe" GroupString = "GroupName" Set GroupObj = GetObject("WinNT://YourDomain/GroupName") GroupObj.Add ("WinNT://YourDomain/UserID") Set DomainObj = Nothing Set GroupObj = Nothing ~~~~ Adding a Domain User to a Group =============================== ~~~~ {.codesamp} Set GroupObj = GetObject("WinNT://MachineName/SomeGroup") GroupObj.Add ("WinNT://YourDomain/UserID") Set DomainObj = Nothing Set GroupObj = Nothing ~~~~ Deleting a Group from a Domain ============================== ~~~~ {.codesamp} Set DomainObj = GetObject("WinNT://YourDomain") DomainObj.Delete("group", "SomeGroup") Set DomainObj = Nothing ~~~~ Displaying Domains ================== ~~~~ {.codesamp} Dim NameSpaceObj Dim DomObj Set NameSpaceObj = GetObject("WinNT:") NameSpaceObj.Filter = Array("domain") For Each DomObj in NameSpaceObj WScript.Echo DomObj.Name & “,” & DomObj.Class Next ~~~~ Displaying Groups ================= ~~~~ {.codesamp} Set DomainObj = GetObject(“WinNT://YourDomain”) DomainObj.Filter = Array(“group”) For Each GroupObj In DomainObj If GroupObj.Class = “Group” Then WScript.echo GroupObj.Name Next Set DomainObj = Nothing Set GroupObj = Nothing ~~~~ Getting the Users of a Group ============================ ~~~~ {.codesamp} Set GroupObj = GetObject(“WinNT://YourDomain/SomeGroup”) For Each UserObj in GroupObj.Members WScript.Echo UserObj.Name Next ~~~~ Creating a Share ================ ~~~~ {.codesamp} Set FservObj = GetObject(“WinNT://ComputerName/lanmanserver”) Set newshare = FservObj.create(“fileshare”,”test”) newshare.path = “C:\temp” newshare.Setinfo Set newshare = nothing ~~~~ Delete a Share ============== ~~~~ {.codesamp} Set fserv = GetObject(“WinNT://ComputerName/lanmanserver”) fserv.delete “fileshare”,”test” ~~~~ Set default logon domain for IIS ================================ ~~~~ {.codesamp} Dim oAdmin Set oAdmin = GetObject(“IIS://LocalHost/W3Svc”) oAdmin.DefaultLogonDomain = “YourDomain” Call oAdmin.SetInfo Set oAdmin = Nothing ~~~~ Create a new virtual root ========================= ~~~~ {.codesamp} Dim vRoot, vDir Set vRoot = GetObject(“IIS://LocalHost/W3Svc/1/root”) Set vDir = vRoot.Create(“IIsWebVirtualDir”, “v-root-name”) vDir.Path = “c:\inetpub\foobar” vDir.SetInfo Set vDir = Nothing Set vRoot = Nothing ~~~~ Programmatically Create Members in Site Server 3.0 ================================================== ~~~~ {.codesamp} Dim oADsContainer Dim oADsNewUser Dim oGuidGen Dim strGuid Dim strLdapPath ‘The path to the ou=Members container strLdapPath=”LDAP://localhost:5292/o=Microsoft/ou=Members” ‘Instantiate the GUID Generator that comes with Site Server ‘and store the GUID for use later on. Set oGuidGen = CreateObject(“Membership.GuidGen.1”) strGuid = oGuidGen.GenerateGuid ‘Bind to the container in which the Member will be created Set oADsContainer = GetObject(strLdapPath) ‘Create the new user object, note that the Create() method returns ‘an interface pointer Set oADsNewUser = oADsContainer.Create(“member”, “cn=JohnDoe”) oADsNewUser.Put “givenName”, “John” oADsNewUser.Put “sn”, “Doe” oADsNewUser.Put “userPassword”, “password” oADsNewUser.Put “GUID”, CStr(strGuid) oADsNewUser.SetInfo ‘Destroy the objects Set oGuidGen = Nothing Set oADsNewUser = Nothing Set oADsContainer = Nothing ~~~~