A basic account creation script (detailed explanation)

A basic account creation script (detailed explanation)

This example uses SamAccount commands and works on all Windows server versions - from NT 3.51 up to 2003. However, for Windows 2000 and 2003 you might want to use AD commands instead, see the
example Basic user and group management with AD commands.

[Settings_Begin]
BatchSettings.Delimiter=TAB
Account.FullName.Col=1
Account.Password.Col=3
BatchSettings.MarkerCol=4
Account.Description.col=6
Account.HomeDir=%servername%\users\%col2%
Account.HomeDirDrive=T
Account.Expires=2005-12-22
Account.ProfilePath=%servername%\PROFILES\STUD
Account.ScriptName=STUD.BAT
Account.Password.MustChange=Yes
Account.Password.NeverExpires=No
Account.Password.CannotChange=No
[Settings_End]

[Machines_Begin]
\\EDU12
[Machines_End]

[Batch_Begin]
Group.Global.Create Students
Data.Loop
Account.Create %col2%
Account.Set.Group.Global %col2%,Students,Domain Users
Data.Endloop
[Batch_End]

[Data_Begin]
Clinton Bill CBill thesame Biology spr 2k
Gates Bill GBill thesame Biology spr 2k
[Data_End]

[Settings] section

·	"BatchSettings.Delimiter=TAB" - selects delimiter, in this case the data in the [Data] section must be tab delimited.

·	"Account.FullName.Col=1" - property of the "Account.Create" command - "Clinton Bill" and "Gates Bill" will be imported from column 1 in the [data] section.

"Account.Password.Col=3" - property of the "Account.Create" command - Passwords will be imported from column 3 in the [data] section. In this example all users gets the same password; "thesame". The default NT "first logon" behavior is that new users will be prompted to change their password at their first logon - after the first logon all users will have their own individual password. The password specified here will therefore only be used once. (It is easy to fill a column with identical passwords and comments by using the Text Generator.)

·	"BatchSettings.MarkerCol=4" - a special column used by SetupBatcher to mark finished data. This column can not be used for other data.

·	"Account.Description.col=6" - property of the "Account.Create" command - descriptions will be imported from column 6.

"Account.HomeDir=%servername%\users\%col2%", "Account.HomeDirDrive=T"- properties of the "Account.Create" command - when the batch job runs "%servername%\users\%col2%" will be substituted with each user name, example: "\\EDU12\users\CBill". When each user logs on, the drive t: will be mapped to a personal home directory.

·	"Account.Expires=2005-12-22" - property of the "Account.Create" command - sets account expiration date - accounts created will expire December 22, 2005 at 24hrs.

·	"Account.ProfilePath=%servername%\PROFILES\STUD", "Account.ScriptName=STUD.BAT", - properties of the "Account.Create" command, sets user profile and logon script. In this example, user profile will be loaded from \\EDU12\PROFILES\STUD.

·	"Account.Password.MustChange=Yes", "Account.Password.NeverExpires=No" and "Account.Password.CannotChange=No" - properties of the "Account.Create" command, sets password related flags.

[Machines] section

·	List of servers on which to create accounts, in this case "\\EDU12".

[Batch] section

·	"Group.Global.Create Students" - creates the global group "students".

·	"Data.Loop" / "Data.Endloop" means that the surrounded commands will be executed once for each row in the [Data] section.

·	"Account.Create %col2%" - create accounts named by data in column 2 of [data] section ("CBill" and "Gbill").

·	"Account.Set.Group.Global %col2%,Students,Domain Users" - sets global group membership for each account, the group specified first in the list of groups will be primary group - in this case "Students"

[Data] section

·	Properties for accounts to create.