Copying a User in a Domain

Posted: January 10, 2010 in Active Directory, Networking, Server, System Information
Tags: , ,
0

Problem

You want to copy an existing user account, which may be serving as a template, to create a new account.

Solution

Using a graphical user interface
  1. Open the ADUC snap-in.
  2. In the left pane, browse to the parent container of the template user object.
  3. In the right pane, right-click on the user and select Copy.
  4. Enter the name information for the new user and click Next.
  5. Enter a password, check any options you want enabled, and click Next.
  6. Click Finish.
Using VBScript
        ' This code copies the attributes in the Attrs array from an
        ' existing object to a new one.
        ' ------ SCRIPT CONFIGURATION ------
        arrAttrs = Array("department","co","title","l", "c", "st")
        strParentDN = "<ParentContainer>" ' e.g. cn=Users,dc=rallencorp,dc=com
        strTemplateUser = "<TemplateUserName>" ' e.g. template-user-sales
        strNewUser = "<NewUserName>" ' e.g. jdoe
        strPassword = "<Password>"
        ' ------ END CONFIGURATION ---------

        Const ADS_UF_NORMAL_ACCOUNT = 512 ' from ADS_USER_FLAG_ENUM

        Set objTemplate = GetObject("LDAP://cn=" & strTemplateUser & _
                                    "," & strParentDN)
        Set objParent = GetObject("LDAP://" & strParentDN)
        Set objUser = objParent.Create("user", "cn=" & strNewUser)

        objUser.Put "sAMAccountName", strNewUser

        for each strAttr in arrAttrs
           objUser.Put strAttr, objTemplate.Get(strAttr)
        next

        objUser.SetInfo
        objUser.SetPassword(strPassword)
        objUser.SetInfo

        objUser.Put "userAccountControl", ADS_UF_NORMAL_ACCOUNT
        objUser.AccountDisabled = FALSE
        objUser.SetInfo

        WScript.Echo "Successfully created user"

Discussion

Copying a user consists of copying the attributes that are common among a certain user base, which can include department, address, and perhaps even organizational information. ADUC actually uses attributes that are marked in the schema as “Copied when duplicating a user” to determine which attributes to copy. The VBScript solution just used a hard-coded set of attributes.

Using a graphical user interface

To copy a user in ADUC, you have to browse to the user object. If you locate the user by using Find instead, the Copy option is not available when right-clicking a user in the search results window.

Using VBScript

ADSI has a CopyHere method, but it is available only for the NDS provider. It was not implemented for the LDAP provider and so copying a user via a single method is not supported.

Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s