Monday, October 27, 2008

Add/delete a list of users from Active Directory

I got tired of entering user names by hand in ADUC. Seeing that I have close to 50 users to enter, I decided to write a script. Here's the business portion of it. I use a logfile to record the results.

Add users from a list

for /f "tokens=1-3 delims=| skip=1" %%i in (%datfile%) do (
echo Adding : >> .\logs\%logfile% 2>&1
dsadd user "cn=%%i,%ou_string%" -pwd %%j -desc %%k -canchpwd no -pwdneverexpires yes -d %domain% -u %user% -p %pass% >> .\logs\%logfile% 2>&1
echo To : cn=%%i,%ou_string% >> .\logs\%logfile% 2>&1
echo **************************** >> .\logs\%logfile% 2>&1
)

Delete users from a list (use dsrm not dsadd)

for /f "tokens=1 delims=| skip=1" %%i in (%datfile%) do (
echo Adding : >> .\logs\%logfile% 2>&1
dsrm "cn=%%i,%ou_string%" -d %domain% -noprompt -u %user% -p %pass% >> .\logs\%logfile% 2>&1
echo To : cn=%%i,%ou_string% >> .\logs\%logfile% 2>&1
echo **************************** >> .\logs\%logfile% 2>&1
)

I love recycling code!