Basic user and group management with AD commands
Top  Previous  Next


This script shows how to use the AD commands to manage Windows 2000 or 2003 server accounts, groups and OUs.

Script

[Settings_Begin]
BatchSettings.Delimiter=,
SET AccountName=%col2%    // %AccountName% instead of %col2% below = easier to change column
SET Password=%col7%
BatchSettings.MarkerCol=20

SET ADDomainPath=dc=com/dc=acme/dc=D2
SET ADOU=Finance
SET ADOUPath=%ADDomainPath%/ou=%ADOU%

SET Group1=Finance
SET GroupDesc1=Finance department

SET LocalGroup=Special
SET LocalGroupDesc=Special permissions
[Settings_End]

[Machines_Begin]
\\EDU8
[Machines_End]

[Batch_Begin]
AD.OU.Create %ADDomainPath%,%ADOU%   
AD.Group.Create Local,%ADOUPath%,%LocalGroup%,%LocalGroupDesc%   
AD.Group.Create Global,%ADOUPath%,%Group1%,%GroupDesc1%   
AD.Group.AddObject %ADOUPath%/cn=%LocalGroup%,%ADOUPath%/cn=%Group1%   
Data.Loop   
 AD.Account.Create %ADOUPath%,%AccountName%,%AccountName%,%Password%   
 AD.Account.SetProperty %ADOUPath%/cn=%AccountName%,AccountDisabled,No   
 AD.Group.AddObject %ADOUPath%/cn=%Group1%,%ADOUPath%/cn=%AccountName%   
Data.Endloop   
[Batch_End]

[Undo_Batch_Begin]
AD.Group.Delete %ADOUPath%,%LocalGroup%   
AD.Group.Delete %ADOUPath%,%Group1%   
Data.Loop   
 AD.Account.Delete %ADOUPath%,%AccountName%   
Data.Endloop   
AD.OU.Delete %ADDomainPath%,%ADOU%   
[Undo_Batch_End]

[Data_Begin]
,steve,,,,,passw,,,,,,,,,,,,,
,peter,,,,,passw2,,,,,,,,,,,,,
[Data_End]

[Batch] section

·Create OU "Finance"  
·In OU "Finance"  
·Create domain local group "Special"  
·Create global group "Finance"  
·Add "Finance" to "Special"  
·Loop data section  
·Create account  
·Set account disabled to no  
·Add account to "Finance"  

[Undo] section

·In OU "Finance"  
·Delete "Special"  
·Delete "Finance"  
·Loop data section  
·Delete account  
·Delete OU "Finance"  

Result from the [Batch] section