problems creating users in Active directory
in [Active Directory]
|
Prev: The NTP server didn't respond
Next: concurrent logins
From: Carlettus on 12 Jun 2007 03:58 Dear All, sorry but I'm not sure if this is the right place to post my problem. I was using the following asp code to create users in Active Directory. Suddenly, and I don't know the reason, users are created but the account is disabled (see the flag User.AccountDisabled = False ). There is also another problem even if the user does not exist , the application returns to me with the message that the user already exist. Thank you for your support Carlo --------------------------------------------------- <% On Error Resume Next '/// Variable Declarations Dim User, Container, TargetContainer, sObjectCommonName, FirstName, LastName Dim ObjectSAMName, InitialPassword, sUserPrincipalName, sUserPath, sFullName Dim szUsername, szPassword, sOU, intUAC Const ADS_SECURE_AUTHENTICATION = 1 Const ADS_UF_ACCOUNTDISABLE = 2 Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000 sOU = Request.Form("name_ou") '/// Assign variable values from the form TargetContainer = "LDAP://OU=" & sOU & ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG" szUsername = (Request.ServerVariables("AUTH_USER")) szPassword = Request.Form("password") ObjectSAMName = Request.Form("acc_logname") InitialPassword = Request.Form("acc_passwd") FirstName = Request.Form("acc_firstname") LastName = Request.Form("acc_lastname") sObjectCommonName = LastName & "\, " & FirstName sFullName = FirstName & " " & LastName sUserPath = "LDAP://CN=" & sObjectCommonName & ",OU=" & sOU & ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG" Set obj1 = GetObject(TargetContainer) '/// check if a user already exists Dim strUserName CheckForUser(ObjectSAMName) Sub CheckForUser(samAccountName) strUserName = samAccountName '/// Create, configure, and open ADO Connection object Set objConnection = CreateObject("ADODB.Connection") objConnection.Open "Provider=ADsDSOObject;" Set objCommand = CreateObject("ADODB.Command") objCommand.ActiveConnection = objConnection objCommand.CommandText = _ "<LDAP://OU=" & sOU & ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG>;(&(objectCategory=User)" & _ "(samAccountName=" & strUserName & "));samAccountName;subtree" Set objRecordSet = objCommand.Execute If objRecordset.RecordCount = 0 Then '/// If the user does not exist, then create the account and '/// populates the object's properties Set User = obj1.Create("user", "CN=" & sObjectCommonName) User.Put "sAMAccountName", ObjectSAMName User.Put "givenName", FirstName User.Put "sn", LastName User.Put "userPrincipalName", ObjectSAMName User.Put "DisplayName", LastName & " " & FirstName User.Put "Description", "Sharepoint use only: created by " & szUsername User.SetInfo '/// Sets the password and enables the account intUAC = User.Get("userAccountControl") User.Put "userAccountControl", ADS_UF_DONT_EXPIRE_PASSWD User.SetInfo User.SetPassword InitialPassword User.AccountDisabled = False User.SetInfo If Err.Number = 0 Then '/// If no errors occur, it displays a success screen Response.redirect "result.asp" Else '/// If an error occurs, it displays an error message Response.redirect "result_no.asp" End If Else End If '/// Clean up objConnection.Close End Sub %>
From: Jorge Silva on 12 Jun 2007 05:20 Hi Carlettus check f helps http://msdn2.microsoft.com/en-us/library/ms675773.aspx http://support.microsoft.com/kb/305144/en-us remember the sAMAccountName must be unique among all security principal objects within the domain. Use userAccountControl define if the user is enabled or disabled -- I hope that the information above helps you. Have a Nice day. Jorge Silva MCSE, MVP Directory Services "Carlettus" <carlettus(a)news.postalias> wrote in message news:O%23cErdMrHHA.4100(a)TK2MSFTNGP06.phx.gbl... > Dear All, > sorry but I'm not sure if this is the right place to post my problem. > I was using the following asp code to create users in Active Directory. > Suddenly, and I don't know the reason, users are created but the account > is disabled (see the flag User.AccountDisabled = False ). > There is also another problem even if the user does not exist , the > application returns to me with the message that the user already exist. > > Thank you for your support > Carlo > > > > > --------------------------------------------------- > > <% > > On Error Resume Next > '/// Variable Declarations > > Dim User, Container, TargetContainer, sObjectCommonName, FirstName, > LastName > Dim ObjectSAMName, InitialPassword, sUserPrincipalName, sUserPath, > sFullName > Dim szUsername, szPassword, sOU, intUAC > > Const ADS_SECURE_AUTHENTICATION = 1 > Const ADS_UF_ACCOUNTDISABLE = 2 > > Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000 > > sOU = Request.Form("name_ou") > > '/// Assign variable values from the form > > TargetContainer = "LDAP://OU=" & sOU & > ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG" > szUsername = (Request.ServerVariables("AUTH_USER")) > szPassword = Request.Form("password") > ObjectSAMName = Request.Form("acc_logname") > InitialPassword = Request.Form("acc_passwd") > FirstName = Request.Form("acc_firstname") > LastName = Request.Form("acc_lastname") > sObjectCommonName = LastName & "\, " & FirstName > sFullName = FirstName & " " & LastName > sUserPath = "LDAP://CN=" & sObjectCommonName & ",OU=" & sOU & > ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG" > > Set obj1 = GetObject(TargetContainer) > > '/// check if a user already exists > > Dim strUserName > CheckForUser(ObjectSAMName) > Sub CheckForUser(samAccountName) > strUserName = samAccountName > > '/// Create, configure, and open ADO Connection object > > Set objConnection = CreateObject("ADODB.Connection") > objConnection.Open "Provider=ADsDSOObject;" > > Set objCommand = CreateObject("ADODB.Command") > objCommand.ActiveConnection = objConnection > > objCommand.CommandText = _ > "<LDAP://OU=" & sOU & > ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG>;(&(objectCategory=User)" & > _ > "(samAccountName=" & strUserName & "));samAccountName;subtree" > > > Set objRecordSet = objCommand.Execute > > If objRecordset.RecordCount = 0 Then > > > '/// If the user does not exist, then create the account and > '/// populates the object's properties > > Set User = obj1.Create("user", "CN=" & sObjectCommonName) > User.Put "sAMAccountName", ObjectSAMName > User.Put "givenName", FirstName > User.Put "sn", LastName > User.Put "userPrincipalName", ObjectSAMName > User.Put "DisplayName", LastName & " " & FirstName > User.Put "Description", "Sharepoint use only: created by " & szUsername > User.SetInfo > > '/// Sets the password and enables the account > > intUAC = User.Get("userAccountControl") > User.Put "userAccountControl", ADS_UF_DONT_EXPIRE_PASSWD > User.SetInfo > > User.SetPassword InitialPassword > User.AccountDisabled = False > User.SetInfo > > If Err.Number = 0 Then > > '/// If no errors occur, it displays a success screen > > Response.redirect "result.asp" > Else > > '/// If an error occurs, it displays an error message > > Response.redirect "result_no.asp" > End If > > Else > End If > > '/// Clean up > > objConnection.Close > > End Sub > %> >
From: Alessandro Ghizzardi on 12 Jun 2007 06:04 > Dear All, > sorry but I'm not sure if this is the right place to post my problem. Reminder for the future: This is an italian-language newsgroup ("IT" stays for "Italian") so please post question in italian, otherwise you're off topic! Have a nice day -- Alessandro UGIdotNET - http://www.ugidotnet.org Blog - http://blogs.ugidotnet.org/box Site - http://www.unboxing.net (Under Construction)
From: Richard Mueller [MVP] on 12 Jun 2007 06:53 Most likely an error was raised before the line that enables the account, but you do not get an error message because error handling is turned off. Remove the line "On Error Resume Next". If there is a problem, you always want to know about it. -- Richard Mueller Microsoft MVP Scripting and ADSI Hilltop Lab - http://www.rlmueller.net -- "Carlettus" <carlettus(a)news.postalias> wrote in message news:O%23cErdMrHHA.4100(a)TK2MSFTNGP06.phx.gbl... > Dear All, > sorry but I'm not sure if this is the right place to post my problem. > I was using the following asp code to create users in Active Directory. > Suddenly, and I don't know the reason, users are created but the account > is disabled (see the flag User.AccountDisabled = False ). > There is also another problem even if the user does not exist , the > application returns to me with the message that the user already exist. > > Thank you for your support > Carlo > > > > > --------------------------------------------------- > > <% > > On Error Resume Next > '/// Variable Declarations > > Dim User, Container, TargetContainer, sObjectCommonName, FirstName, > LastName > Dim ObjectSAMName, InitialPassword, sUserPrincipalName, sUserPath, > sFullName > Dim szUsername, szPassword, sOU, intUAC > > Const ADS_SECURE_AUTHENTICATION = 1 > Const ADS_UF_ACCOUNTDISABLE = 2 > > Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000 > > sOU = Request.Form("name_ou") > > '/// Assign variable values from the form > > TargetContainer = "LDAP://OU=" & sOU & > ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG" > szUsername = (Request.ServerVariables("AUTH_USER")) > szPassword = Request.Form("password") > ObjectSAMName = Request.Form("acc_logname") > InitialPassword = Request.Form("acc_passwd") > FirstName = Request.Form("acc_firstname") > LastName = Request.Form("acc_lastname") > sObjectCommonName = LastName & "\, " & FirstName > sFullName = FirstName & " " & LastName > sUserPath = "LDAP://CN=" & sObjectCommonName & ",OU=" & sOU & > ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG" > > Set obj1 = GetObject(TargetContainer) > > '/// check if a user already exists > > Dim strUserName > CheckForUser(ObjectSAMName) > Sub CheckForUser(samAccountName) > strUserName = samAccountName > > '/// Create, configure, and open ADO Connection object > > Set objConnection = CreateObject("ADODB.Connection") > objConnection.Open "Provider=ADsDSOObject;" > > Set objCommand = CreateObject("ADODB.Command") > objCommand.ActiveConnection = objConnection > > objCommand.CommandText = _ > "<LDAP://OU=" & sOU & > ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG>;(&(objectCategory=User)" & > _ > "(samAccountName=" & strUserName & "));samAccountName;subtree" > > > Set objRecordSet = objCommand.Execute > > If objRecordset.RecordCount = 0 Then > > > '/// If the user does not exist, then create the account and > '/// populates the object's properties > > Set User = obj1.Create("user", "CN=" & sObjectCommonName) > User.Put "sAMAccountName", ObjectSAMName > User.Put "givenName", FirstName > User.Put "sn", LastName > User.Put "userPrincipalName", ObjectSAMName > User.Put "DisplayName", LastName & " " & FirstName > User.Put "Description", "Sharepoint use only: created by " & szUsername > User.SetInfo > > '/// Sets the password and enables the account > > intUAC = User.Get("userAccountControl") > User.Put "userAccountControl", ADS_UF_DONT_EXPIRE_PASSWD > User.SetInfo > > User.SetPassword InitialPassword > User.AccountDisabled = False > User.SetInfo > > If Err.Number = 0 Then > > '/// If no errors occur, it displays a success screen > > Response.redirect "result.asp" > Else > > '/// If an error occurs, it displays an error message > > Response.redirect "result_no.asp" > End If > > Else > End If > > '/// Clean up > > objConnection.Close > > End Sub > %> >
From: "Ken Zhao [MSFT]" on 12 Jun 2007 22:38
I'm sorry that we are unable to assist with this request in the newsgroups as the Partner Support newsgroups are geared towards break-fix scenarios. It appears that this is a development-related request that would be best addressed in the developer newsgroups. The developer newsgroups are located at: http://msdn.microsoft.com/newsgroups/default.asp. The support professionals there will be able to provide you with more efficient and suitable suggestions for your development-related needs. (I believe that they can provide you with better assistance for this kind of development-related issue.) For further assistance on this issue, you may also want to contact our Develop Support Services by telephone so that a dedicated Support Professional can assist you further with your request. To obtain the phone numbers for specific technology request please take a look at the web site listed below: http://support.microsoft.com/default.aspx?scid=fh;EN-US;PHONENUMBERS. Your understanding on this will be greatly appreciated. -------------------- | From: "Richard Mueller [MVP]" <rlmueller-nospam(a)ameritech.nospam.net> | References: <O#cErdMrHHA.4100(a)TK2MSFTNGP06.phx.gbl> | In-Reply-To: <O#cErdMrHHA.4100(a)TK2MSFTNGP06.phx.gbl> | Subject: Re: problems creating users in Active directory | Date: Tue, 12 Jun 2007 05:53:02 -0500 | Lines: 137 | Organization: Hilltop Lab | X-Priority: 3 | X-MSMail-Priority: Normal | X-Newsreader: Microsoft Windows Mail 6.0.6000.16386 | X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6000.16386 | X-RFC2646: Format=Flowed; Response | Message-ID: <uHQ3b$NrHHA.3636(a)TK2MSFTNGP06.phx.gbl> | Newsgroups: microsoft.public.it.dotnet.asp,microsoft.public.win2000.active_directory,mic rosoft.public.windows.server.active_directory | NNTP-Posting-Host: adsl-68-77-11-66.dsl.emhril.ameritech.net 68.77.11.66 | Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP06.phx.gbl | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.win2000.active_directory:2133 microsoft.public.windows.server.active_directory:18441 microsoft.public.it.dotnet.asp:4589 | X-Tomcat-NG: microsoft.public.win2000.active_directory | | Most likely an error was raised before the line that enables the account, | but you do not get an error message because error handling is turned off. | Remove the line "On Error Resume Next". If there is a problem, you always | want to know about it. | | -- | Richard Mueller | Microsoft MVP Scripting and ADSI | Hilltop Lab - http://www.rlmueller.net | -- | | "Carlettus" <carlettus(a)news.postalias> wrote in message | news:O%23cErdMrHHA.4100(a)TK2MSFTNGP06.phx.gbl... | > Dear All, | > sorry but I'm not sure if this is the right place to post my problem. | > I was using the following asp code to create users in Active Directory. | > Suddenly, and I don't know the reason, users are created but the account | > is disabled (see the flag User.AccountDisabled = False ). | > There is also another problem even if the user does not exist , the | > application returns to me with the message that the user already exist. | > | > Thank you for your support | > Carlo | > | > | > | > | > --------------------------------------------------- | > | > <% | > | > On Error Resume Next | > '/// Variable Declarations | > | > Dim User, Container, TargetContainer, sObjectCommonName, FirstName, | > LastName | > Dim ObjectSAMName, InitialPassword, sUserPrincipalName, sUserPath, | > sFullName | > Dim szUsername, szPassword, sOU, intUAC | > | > Const ADS_SECURE_AUTHENTICATION = 1 | > Const ADS_UF_ACCOUNTDISABLE = 2 | > | > Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000 | > | > sOU = Request.Form("name_ou") | > | > '/// Assign variable values from the form | > | > TargetContainer = "LDAP://OU=" & sOU & | > ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG" | > szUsername = (Request.ServerVariables("AUTH_USER")) | > szPassword = Request.Form("password") | > ObjectSAMName = Request.Form("acc_logname") | > InitialPassword = Request.Form("acc_passwd") | > FirstName = Request.Form("acc_firstname") | > LastName = Request.Form("acc_lastname") | > sObjectCommonName = LastName & "\, " & FirstName | > sFullName = FirstName & " " & LastName | > sUserPath = "LDAP://CN=" & sObjectCommonName & ",OU=" & sOU & | > ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG" | > | > Set obj1 = GetObject(TargetContainer) | > | > '/// check if a user already exists | > | > Dim strUserName | > CheckForUser(ObjectSAMName) | > Sub CheckForUser(samAccountName) | > strUserName = samAccountName | > | > '/// Create, configure, and open ADO Connection object | > | > Set objConnection = CreateObject("ADODB.Connection") | > objConnection.Open "Provider=ADsDSOObject;" | > | > Set objCommand = CreateObject("ADODB.Command") | > objCommand.ActiveConnection = objConnection | > | > objCommand.CommandText = _ | > "<LDAP://OU=" & sOU & | > ",OU=wss_ou,OU=NAME1,DC=NAME2,DC=NAME3,DC=ORG>;(&(objectCategory=User)" & | > _ | > "(samAccountName=" & strUserName & "));samAccountName;subtree" | > | > | > Set objRecordSet = objCommand.Execute | > | > If objRecordset.RecordCount = 0 Then | > | > | > '/// If the user does not exist, then create the account and | > '/// populates the object's properties | > | > Set User = obj1.Create("user", "CN=" & sObjectCommonName) | > User.Put "sAMAccountName", ObjectSAMName | > User.Put "givenName", FirstName | > User.Put "sn", LastName | > User.Put "userPrincipalName", ObjectSAMName | > User.Put "DisplayName", LastName & " " & FirstName | > User.Put "Description", "Sharepoint use only: created by " & szUsername | > User.SetInfo | > | > '/// Sets the password and enables the account | > | > intUAC = User.Get("userAccountControl") | > User.Put "userAccountControl", ADS_UF_DONT_EXPIRE_PASSWD | > User.SetInfo | > | > User.SetPassword InitialPassword | > User.AccountDisabled = False | > User.SetInfo | > | > If Err.Number = 0 Then | > | > '/// If no errors occur, it displays a success screen | > | > Response.redirect "result.asp" | > Else | > | > '/// If an error occurs, it displays an error message | > | > Response.redirect "result_no.asp" | > End If | > | > Else | > End If | > | > '/// Clean up | > | > objConnection.Close | > | > End Sub | > %> | > | | | |