This is version 1.1 which includes a couple bug fixes.
This script creates users and OUs in Windows AD for the purpose of using Dynamic NT option in MDaemon. Run the script with no parameters to get the syntax and functions. MDaemon must be running as an account with object creation privileges.
This script is to be used in conjunction with WebAdmin. WebAdmin now allows script execution after account events. To enable this, read the release notes and edit your webadmin.ini file. The entry is located in the [Special] section and might look something like:
There are constants and comments in this script that must be edited prior to use. Please read through it!
کد:
''''''''''''''''''''''''''''''''''''
'
' USER_MANAGEMENT.VBS
'
' Author: Jeff Sani, jeffs@dynaworx.com
' Date: 8/20/04
' Revision History:
' Date Comment
' 8/20/04 Initial version started
' 4/18/05 Added Ou check
''''''''''''''''''''''''''''''''''''
'Option Explicit
'On Error Resume Next
''''''''''''''''''
' Main Script Code
''''''''''''''''''
Dim ArgObj ' Object which contains the command line argument
Dim Result ' Result of the command function call
Dim Args(10) ' Array that contains all of the non-global arguments
Dim ArgCount ' Tracks the size of the Args array
' Set the Constants (Change these for your own Network)
Const USER_CONTAINER = "OU=Messaging,OU=Hosting,DC=bdwsi,DC=net"
Const GROUP_CN = "CN=AllMailClients@bdwsi,OU=Messaging,OU=Hosting,DC=bdwsi,DC=net"
Const NTLM_DOMAIN_FOR_PASSWORD = "\\BDWSI"
' Constants for Error Handling
Const GENERAL_FAILURE = 2
Const GENERAL_WARNING = 1
' Note: The default execution mode may be under WScript.exe.
' That would be very annoying since WScript has popups for Echo.
' So, I want to detect that, and warn the user that it may cause
' problems.
DetectExeType
' Get the Arguments object
Set ArgObj = WScript.Arguments
' Test to make sure there is at least one command line arg - the command
If ArgObj.Count < 1 Then
DisplayHelpMessage
WScript.Quit (GENERAL_FAILURE)
End If
'Debug - Check the Arguements
'Wscript.Echo (ArgObj.Count)
'Dim I
'For I = 0 To ArgObj.Count - 1
' Wscript.Echo (ArgObj.Item(I))
'Next
Dim sEmail 'The mailbox to be examined/modified
sEmail = ArgObj.Item(3)
Dim sAction 'The account action being performed
sAction = ArgObj.Item(1)
' Call the function associated with the given command
Select Case (sAction)
Case "create"
Result = CreateCommand(sEmail)
Case "edit"
Result = SetCommand(sEmail)
Case "delete"
Result = DeleteCommand(sEmail)
Case Else
Result = GENERAL_FAILURE
End Select
WScript.Quit (Result)
''''''''''
' End Main
''''''''''
''''''''''''''''''''''''''
'
' Create Function
'
' Creates a new user in the directory
'
''''''''''''''''''''''''''
Function CreateCommand(sEmail)
'On Error Resume Next
' Set the return code - assume success
CreateCommand = 0
' Create an instance of mduser
Set oMDUser = CreateObject("MDUserCOM.MDUser")
' Load the dll
If oMDUser.LoadUserDll() = True Then
' Get a handle to the user's record
hUser = oMDUser.GetByEmail(sEmail)
' Create an instance of MDUserInfo
Set oMDUserInfo = CreateObject("MDUserCOM.MDUserInfo")
' Get the MDUserInfo object associated with the user handle
oMDUser.GetUserInfo hUser, oMDUserInfo
Else
CreateCommand = 1
Exit Function
End If
' Check for OU
Set oDomain = GetObject("LDAP://DC=bdwsi,DC=net")
oDomain.Filter = Array("organizationalUnit")
For Each oOU In oDomain
If (oOU.Name = oMDUserInfo.Domain) Then
match = 1
End If
Next
If match = 1 Then
' Create Organizational Unit
sOUDescription = Left(oMDUserInfo.Domain, Len(oMDUserInfo.Domain) - 4)
Set ou = GetObject("LDAP://" & USER_CONTAINER)
Set newOU = ou.Create("organizationalUnit", "ou=" & oMDUserInfo.Domain)
newOU.Put "description", sOUDescription
newOU.Put "uPNSuffixes", oMDUserInfo.Domain
newOU.SetInfo
End If
'Create user account
Set usrOU = GetObject("LDAP://OU=" & oMDUserInfo.Domain & "," & USER_CONTAINER)
WScript.Echo usrOU.distinguishedName
Set usr = usrOU.Create("user", "cn=" & sEmail)
usr.Put "userPrincipalName", sEmail
'usr.Put "sAMAccountName", oMDUserInfo.FullName 'Note that account names in the AD must be unique
usr.Put "displayName", sEmail
usr.Put "mail", sEmail
usr.Put "description", oMDUserInfo.FullName & " - "& oMDUserInfo.Domain
usr.SetInfo
usr.SetPassword(oMDUserInfo.Password)
usr.AccountDisabled = False
usr.SetInfo
Set Group = GetObject("LDAP://" & GROUP_CN)
Group.Add ("LDAP://CN="& sEmail & "," & "OU=" & oMDUserInfo.Domain & "," & USER_CONTAINER)
'
'
'Set the Mailbox Password to the Domain Here (Can not do this yet as uPN names are not supported yet for logon)
'oMDUserInfo.Password = NTLM_DOMAIN_FOR_PASSWORD
' Set the user's info
'oMDUser.SetUserInfo hUser, oMDUserInfo
'
'
'Free the Directory objects
Set ou = Nothing
'Free the User/Group/OU Objects
Set usrOU = Nothing
Set newOU = Nothing
Set usr = Nothing
Set Group = NOthing
' Free the instance
Set oMDUserInfo = Nothing
' Free the user handle
oMDUser.GetFree hUser
' Free the dll
oMDUser.FreeUserDll
Set oMDUser = Nothing
If Err.Number <> 0 Then
WScript.Echo
ReportError ()
WScript.Echo "Error creating the object: " & sEmail
WScript.Echo Err.Description
WScript.Quit (1)
End If
Exit Function
End Function
''''''''''''''''''''''''''
'
' Modify Function
'
' Modifies a user from the directory
'
''''''''''''''''''''''''''
Function SetCommand(sEmail)
On Error Resume Next
' Set the return code - assume success
SetCommand = 0
' Create an instance of mduser
Set oMDUser = CreateObject("MDUserCOM.MDUser")
' Load the dll
If oMDUser.LoadUserDll() = True Then
' Get a handle to the user's record
hUser = oMDUser.GetByEmail(sEmail)
' Create an instance of MDUserInfo
Set oMDUserInfo = CreateObject("MDUserCOM.MDUserInfo")
' Get the MDUserInfo object associated with the user handle
oMDUser.GetUserInfo hUser, oMDUserInfo
Else
SetCommand = 1
Exit Function
End If
'Connect to Directory Object and modify user account
Set usr = GetObject("LDAP://CN=" & sEmail & ",OU=" & oMDUserInfo.Domain & "," & USER_CONTAINER)
usr.Put "userPrincipalName", sEmail
'usr.Put "sAMAccountName", oMDUserInfo.FullName 'Note that account names in the AD must be unique
usr.Put "displayName", sEmail
usr.Put "description", oMDUserInfo.FullName & " - "& oMDUserInfo.Domain
usr.SetInfo
usr.SetPassword(oMDUserInfo.Passw0rd)
usr.SetInfo
If Err.Number <> 0 Then
WScript.Echo
ReportError ()
WScript.Echo "Error modifying the object: " & sEmail
WScript.Echo Err.Description
WScript.Quit (1)
End If
Exit Function
End Function
''''''''''''''''''''''''''
'
' Delete Function
'
' Deletes a user from the directory
'
''''''''''''''''''''''''''
Function DeleteCommand(sEmail)
On Error Resume Next
' Set the return code - assume success
DeleteCommand = 0
sOUName = "OU=" & Right(sEmail, (Len(sEmail) - InStr(sEmail,"@")))
Set ou = GetObject("LDAP://" & sOUName & "," & USER_CONTAINER)
ou.Delete "user", "cn=" & sEmail
'Delete OU if now empty
' apply a filter to retrieve only objects of class User
ou.Filter = Array("User")
count = 0
For Each objuser in ou
count = count + 1
Next
If (count=0) Then
Set objDomain = GetObject("LDAP://" & USER_CONTAINER)
objDomain.Delete "organizationalUnit", sOUName
End If
If Err.Number <> 0 Then
WScript.Echo
ReportError ()
WScript.Echo "Error deleting the object: " & sEmail
WScript.Echo Err.Description
WScript.Quit (1)
End If
Exit Function
End Function
'''''''''''''''''''''''''''
'
' DetectExeType
'
' This can detect the type of exe the
' script is running under and warns the
' user of the popups.
'
'''''''''''''''''''''''''''
Sub DetectExeType()
Dim ScriptHost
Dim ShellObject
Dim CurrentPathExt
Dim EnvObject
Dim RegCScript
Dim RegPopupType ' This is used to set the pop-up box flags.
' I couldn't find the pre-defined names
RegPopupType = 32 + 4
On Error Resume Next
ScriptHost = WScript.FullName
ScriptHost = Right(ScriptHost, Len(ScriptHost) - InStrRev(ScriptHost, "\"))
If (UCase(ScriptHost) = "WSCRIPT.EXE") Then
WScript.Echo ("This script does not work with WScript.")
' Create a pop-up box and ask if they want to register cscript as the default host.
Set ShellObject = WScript.CreateObject("WScript.Shell")
' -1 is the time to wait. 0 means wait forever.
RegCScript = ShellObject.PopUp("Would you like to register CScript as your default host for VBscript?", 0, "Register CScript", RegPopupType)
If (Err.Number <> 0) Then
ReportError ()
WScript.Echo "To run this script using CScript, type: ""CScript.exe " & WScript.ScriptName & """"
WScript.Quit (GENERAL_FAILURE)
WScript.Quit (1)
End If
' Check to see if the user pressed yes or no. Yes is 6, no is 7
If (RegCScript = 6) Then
ShellObject.RegWrite "HKEY_CLASSES_ROOT\VBSFile\Shell\Open\Command\", "%WINDIR%\System32\CScript.exe //nologo ""%1"" %*", "REG_EXPAND_SZ"
ShellObject.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\Open\Command\", "%WINDIR%\System32\CScript.exe //nologo ""%1"" %*", "REG_EXPAND_SZ"
' Check if PathExt already existed
CurrentPathExt = ShellObject.RegRead("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\PATHEXT")
If Err.Number = &H80070002 Then
Err.Clear
Set EnvObject = ShellObject.Environment("PROCESS")
CurrentPathExt = EnvObject.Item("PATHEXT")
End If
ShellObject.RegWrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\PATHEXT", CurrentPathExt & ";.VBS", "REG_SZ"
If (Err.Number <> 0) Then
ReportError ()
WScript.Echo "Error Trying to write the registry settings!"
WScript.Quit (1)
Else
WScript.Echo "Successfully registered CScript"
End If
Else
WScript.Echo "To run this script type: ""CScript.Exe user_management.vbs <params>"""
End If
Dim ProcString
Dim ArgIndex
Dim ArgObj
Dim Result
ProcString = "Cscript //nologo " & WScript.ScriptFullName
Set ArgObj = WScript.Arguments
For ArgIndex = 0 To ArgCount - 1
ProcString = ProcString & " " & Args(ArgIndex)
Next
'Now, run the original executable under CScript.exe
Result = ShellObject.Run(ProcString, 0, True)
WScript.Quit (Result)
End If
End Sub
''''''''''''''''''''''''''''
'
' Display Help Message
'
''''''''''''''''''''''''''''
Sub DisplayHelpMessage()
WScript.Echo
WScript.Echo "Usage:"
WScript.Echo " user_management.vbs [<path> [<value>]]"
WScript.Echo
WScript.Echo "Description:"
WScript.Echo "This script will synchronize the MDaemon user Database with a Windows Directory"
WScript.Echo
WScript.Echo "Supported Account Commands:"
WScript.Echo " create, edit, delete"
WScript.Echo
WScript.Echo "Samples:"
WScript.Echo " user_management.vbs /action create /email test@domain.com"
WScript.Echo " user_management.vbs /action edit /email test@domain.com /previous oldtest@domain.com"
WScript.Echo " user_management.vbs /action delete /email test@domain.com"
End Sub