Using the Active Directory command-line tools, in a Windows 2000 domain, or Windows Server 2003 domain, you can create, modify, and delete a user, from the command-line.
The syntax for creating a user account is:
dsadd user user_DN -samid Sam_Name
where:
user_DN is the distinguished name (DN) of the user you wish to create, like "CN=Jerold Schulman,CN=Users,DC=JSIINC,DC=COM". Sam_Name is the SAM (Security Account Manager) name of the users, like Jerry. NOTE: To disable / enable a user account, use dsmod user user_DN -disabled yes|no. NOTE: To delete a user account, use dsrm user_DN. NOTE: To modify the properties of a user account, use the dsmod user_DN command.
NOTE: When you type dsadd user /?, you receive:
Description: Adds a user to the directory. Syntax: dsadd user <UserDN> \[-samid <SAMName>\] \[-upn <UPN>\] \[-fn <FirstName>\] \[-mi <Initial>\] \[-ln <LastName>\] \[-display <DisplayName>\] \[-empid <EmployeeID>\] \[-pwd \{<Password> | *\}\] \[-desc <Description>\] \[-memberof <Group ...>\] \[-office <Office>\] \[-tel <Phone#>\] \[-email <Email>\] \[-hometel <HomePhone#>\] \[-pager <Pager#>\] \[-mobile <CellPhone#>\] \[-fax <Fax#>\] \[-iptel <IPPhone#>\] \[-webpg <WebPage>\] \[-title <Title>\] \[-dept <Department>\] \[-company <Company>\] \[-mgr <Manager>\] \[-hmdir <HomeDir>\] \[-hmdrv <DriveLtr:>\] \[-profile <ProfilePath>\] \[-loscr <ScriptPath>\] \[-mustchpwd \{yes | no\}\] \[-canchpwd \{yes | no\}\] \[-reversiblepwd \{yes | no\}\] \[-pwdneverexpires \{yes | no\}\] \[-acctexpires <NumDays>\] \[-disabled \{yes | no\}\] \[\{-s <Server> | -d <Domain>\}\] \[-u <UserName>\] \[-p \{<Password> | *\}\] \[-q\] \[\{-uc | -uco | -uci\}\] Parameters: Value Description <UserDN> Required. Distinguished name (DN) of user to add. If the target object is omitted, it will be taken from standard input (stdin). -samid <SAMName> Set the SAM account name of user to <SAMName>. If not specified, dsadd will attempt to create SAM account name using up to the first 20 characters from the common name (CN) value of <UserDN>. -upn <UPN> Set the upn value to <UPN>. -fn <FirstName> Set user first name to <FirstName>. -mi <Initial> Set user middle initial to <Initial>. -ln <LastName> Set user last name to <LastName>. -display <DisplayName> Set user display name to <DisplayName>. -empid <EmployeeID> Set user employee ID to <EmployeeID>. -pwd \{<Password> | *\} Set user password to <Password>. If *, then you are prompted for a password. -desc <Description> Set user description to <Description>. -memberof <Group ...> Make user a member of one or more groups <Group ...> -office <Office> Set user office location to <Office>. -tel <Phone#> Set user telephone# to <Phone#>. -email <Email> Set user e-mail address to <Email>. -hometel <HomePhone#> Set user home phone# to <HomePhone#>. -pager <Pager#> Set user pager# to <Pager#>. -mobile <CellPhone#> Set user mobile# to <CellPhone#>. -fax <Fax#> Set user fax# to <Fax#>. -iptel <IPPhone#> Set user IP phone# to <IPPhone#>. -webpg <WebPage> Set user web page URL to <WebPage>. -title <Title> Set user title to <Title>. -dept <Department> Set user department to <Department>. -company <Company> Set user company info to <Company>. -mgr <Manager> Set user's manager to <Manager> (format is DN). -hmdir <HomeDir> Set user home directory to <HomeDir>. If this is UNC path, then a drive letter that will be mapped to this path must also be specified through -hmdrv. -hmdrv <DriveLtr:> Set user home drive letter to <DriveLtr:> -profile <ProfilePath> Set user's profile path to <ProfilePath>. -loscr <ScriptPath> Set user's logon script path to <ScriptPath>. -mustchpwd \{yes | no\} User must change password at next logon or not. Default: no. -canchpwd \{yes | no\} User can change password or not. This should be "yes" if the -mustchpwd is "yes". Default: yes. -reversiblepwd \{yes | no\} Store user password using reversible encryption or not. Default: no. -pwdneverexpires \{yes | no\} User password never expires or not. Default: no. -acctexpires <NumDays> Set user account to expire in <NumDays> days from today. A value of 0 implies account expires at the end of today; a positive value implies the account expires in the future; a negative value implies the account already expired and sets an expiration date in the past; the string value "never" implies that the account never expires. -disabled \{yes | no\} User account is disabled or not. Default: no. \{-s <Server> | -d <Domain>\} -s <Server> connects to the domain controller (DC) with name <Server>. -d <Domain> connects to a DC in domain <Domain>. Default: a DC in the logon domain. -u <UserName> Connect as <UserName>. Default: the logged in user. User name can be: user name, domain\user name, or user principal name (UPN). -p \{<Password> | *\} Password for the user <UserName>. If * is entered, then you are prompted for a password. -q Quiet mode: suppress all output to standard output. \{-uc | -uco | -uci\} -uc Specifies that input from or output to pipe is formatted in Unicode. -uco Specifies that output to pipe or file is formatted in Unicode. -uci Specifies that input from pipe or file is formatted in Unicode. Remarks: If you do not supply a target object at the command prompt, the target object is obtained from standard input (stdin). Stdin data can be accepted from the keyboard, a redirected file, or as piped output from another command. To mark the end of stdin data from the keyboard or in a redirected file, use Control+Z, for End of File (EOF). If a value that you supply contains spaces, use quotation marks around the text (for example, "CN=John Smith,CN=Users,DC=microsoft,DC=com"). If you enter multiple values, the values must be separated by spaces (for example, a list of distinguished names). The special token $username$ (case insensitive) may be used to place the SAM account name in the value of a parameter. For example, if the target user DN is CN=Jane Doe,CN=users,CN=microsoft,CN=com and the SAM account name attribute is "janed," the -hmdir parameter can have the following substitution: -hmdir \users\$username$\home The value of the -hmdir parameter is modified to the following value: - hmdir \users\janed\home
0 comments
Hide comments