Q. How can I use a script to mail-enable a user--that is, give the user email address attributes in Active Directory (AD)?

A. To mail-enable a user through a script, you can use Microsoft Active Directory Service Interfaces (ADSI) to set the relevant attributes:

  • mail: the user's primary email address
  • mailnickname: the user's nickname
  • DisplayName: the user's display name
  • proxyAddresses: all addresses that relate to the user
  • targetAddress: the user's primary SMTP address

The following script, mailenable.vbs, enables user "no mail2" in domain demo.local. (Some lines in the script below are wrapped because of space constraints.) You can download the script at Code.

strUser = "LDAP://cn=no mail2,cn=users,dc=demo,dc=local"

Set oUser = GetObject(strUser)

oUser.put "mail", "[email protected]"
oUser.put "mailnickname", "No mail"
oUser.put "DisplayName", "No mail"
oUser.put "proxyAddresses", _
  Array("SMTP:[email protected]", _
  "smtp:[email protected]")
oUser.put "targetAddress", _
  "SMTP:[email protected]"

The first line of code simply sets a string to point to the user's distinguished name (DN). The next line creates an object that points to the specified user. The next five lines set attribute values. Notice that the user has multiple SMTP addresses, so the proxyAddresses attribute uses an array structure. Also notice that uppercase SMTP: precedes the primary email address, whereas lowercase smtp: precedes the secondary/proxy address; this is the syntax that Microsoft uses to denote primary and secondary addresses, respectively. Finally, the last two lines set the attribute information into the oUser object and reset the pointer to the object to empty. You could easily change the script to accept values from a command line, if required.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.