Rename Users within AD by script
Originally posted on myITforum.com as an article - http://www.myitforum.com/articles/32/view.asp?id=9176
I used the tool ADMT from Microsoft that allows you to move users from NT 4.0 Domain to an Active Directory Domain.
Once I got the users migrated over, I noticed the User's Name was the same as the login username.
I like having my AD Users Name by their full name, so I searched for a script that would do such a think.
I found the following script and added a few tweaks to it...
Const ADS_SCOPE_SUBTREE = 2
Const ForAppending = 8
Dim oWshShell 'Windows shell script
Dim objFSO 'Scripting File System
Dim objFile 'Open text file
Dim objConnection 'ADO conection
Dim objCommand 'ADO command
Dim objRecordSet 'Object to hold attributes from AD
Dim objUser 'AD User Account
Dim strUser 'AD User Account distinguished name
Dim strDN 'AD User account Display name attribute
Dim strON 'AD User account Name attribute
Dim sPath
Dim strNewPath
Dim newobj
Dim Cont
Set oWshShell = CreateObject("WScript.Shell")
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile _
("C:\Accounts.log",ForAppending,True)
objFile.WriteBlankLines(1)
objFile.WriteLine "=========================================================="
objFile.WriteLine "Log opened at " & Now
objFile.WriteBlankLines(1)
sPath = "OU=xxxx,OU=xxxxxx,DC=xxxxx,DC=xxx"
objFile.WriteLine "Processing " & sPath
objFile.WriteBlankLines(1)
objCommand.CommandText = _
"Select Name, DisplayName, distinguishedName from 'LDAP://" & sPath & "'" _
& " where objectClass='user'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 30
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
If objRecordSet.EOF = False Then
objRecordSet.MoveFirst
Do While objRecordSet.EOF = False
strDN = objRecordSet.Fields("DisplayName").Value
strON = objRecordSet.Fields("Name").Value
strUser = objRecordSet.Fields("distinguishedName").Value
If strDN = strON then
objFile.WriteLine "Current and target name are the same for " & strON
ObjFile.WriteBlankLines (1)
Else
If strDN <> "" Then
objFile.WriteLine "New Name for " & strON & " will be " & strDN
strNewPath = "CN="& strDN
Set cont = GetObject("LDAP://" & sPath)
Set newobj = cont.MoveHere("LDAP://" & strUser, strNewPath)
If Err.Number <> 0 Then WScript.Echo Err.Number & Err.Description
Set objUser = nothing
Set cont = nothing
Set newobj = nothing
ObjFile.WriteBlankLines (1)
Else
objFile.WriteLine "Display name value has not been set for " & strON & ". Name cannot be changed."
ObjFile.WriteBlankLines (1)
End If
End If
objRecordSet.MoveNext
Loop
Else
End If
objFile.WriteLine "=========================================================="
objFile.WriteLine "End of user processing."
objFile.WriteLine "=========================================================="
objFile.WriteLine "Log file closed at " & Now
objFile.WriteBlankLines(2)
objFile.Close
wscript.echo "Done."
oWshShell.run "notepad.exe C:\Accounts.log", 7, True
'***************************************************************************************
Feel free to contact me at rcrumbaker@myitforum.com with any questions relating to this article.
A list of all my articles can be found here.
Trackbacks
No Trackbacks
Comments
No Comments
