1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Changing AD

Discussion in 'Scripting & Programming' started by AJ, Dec 2, 2003.

  1. AJ

    AJ Administrator Administrator

    6,771
    102
    221
    I hope someone can help with this one. :)

    I am trying to change an item in a group of users properties so that I can try them on a madatory profile rather than a roaming one as present. I suppose that this thread carries on from the Group Policy thread in another forum, however. The kids at the school are split into OU's by year groups (the year they leave). What I want to do it change the entry in the Profile Path window for the whole school year, so that it points to the new mandatory profile. I guess that you would have to run a script and that's were I get lost. Any help would be appreciated and an explination on how it works if thats' not too much trouble.

    Thanks a lot

    Andrew
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Looking at doing ..................
  2. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Andrew if you could bear with us, this is close to something I need to set up at work only with computer accounts. I'm looking at a couple of ways of doing it, first method you export the list of users in the OU into a text file then itterate throught the text file configuring each user. Second method (preferred) enumerates all the accounts in the OU and then works its way through them configuring each one. When I've come up with something I'll come back to you.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  3. SimonV

    SimonV Petabyte Poster Administrator

    6,616
    149
    228
    Sounds interesting guys, I'll be watching closley.

    SimonV
    :D
     
    Last edited: Jan 2, 2015
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...
  4. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Hi Andrew, nowhere near as complicated as I thought it was going to be

    [code:1:45aad64594]
    'This line attaches to the OU
    Set colAccounts = GetObject("LDAP://ou=YEAR1,dc=DOM,dc=CO,dc=UK")

    'This Line gets the users in the OU
    colAccounts.Filter = Array("user")

    'This For Next Loop itterates through each user
    For Each objUser In colAccounts
    'These lines set the profilepath for each user and saves
    objUser.Put "profilePath", "\\SERVER\Profiles\MandatoryProfile"
    objUser.SetInfo
    Next
    [/code:1:45aad64594]

    Simple as that, Configure the LDAP info with your domain / OU details so that if you want to do the users in the FORM OU below YEAR1 it would read something like this

    ou=FORM,ou=YEAR1,dc=DOM,dc=CO,dc=UK

    Make sure you enter the correct path to the Profile for your network. Copy the script into a text file, save it as a vbs file then run it on a computer with access to AD and an account with the right priviliges.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  5. AJ

    AJ Administrator Administrator

    6,771
    102
    221
    :D :respct

    Your the man Phil

    I'll give it a go an let you know what happens

    Cheers m8

    Andrew
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Looking at doing ..................
  6. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    :D No probs Andrew, give us a shout if it gives you any gyp.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  7. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    I've adapted it so that it can shut down every machine on site, now if only *evil* worked in the forum :twisted:
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  8. AJ

    AJ Administrator Administrator

    6,771
    102
    221
    :D Ran this script today in my test lab. Didn't work first time, then realised that I had got the LDAP UPN wrong, so corrected this and all of the little darlings in the 1st year had their profile changed. Now time to bit the bullet and try it out on the network proper.

    Many thanks Phil

    Andrew :D
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Looking at doing ..................
  9. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,412
    3
    82
    @Phil, Is this not the same as the scriprt you knocked up for me except i left the profile path blank? :?:
     
    Certifications: A+, 70-210, 70-290, 70-291
    WIP: 70-294
  10. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    It's similar to the method I gave you for changing a single users derek, except the method for making the profile blank is different.

    to write a new profilepath to the profile you use
    [code:1:fe8a4818d6]
    objUser.Put "profilePath", "\\SERVER\Profiles\MandatoryProfile"
    [/code:1:fe8a4818d6]

    to empty the profile path you use
    [code:1:fe8a4818d6]
    objUser.PutEx 1, "profilePath",0
    [/code:1:fe8a4818d6]

    The main difference between the scripts which search for users is that you use ADO to search the entire domain for users in your script including ou's and sub-ou's. Andrew's script will only search a single OU.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade

Share This Page

Loading...