Tim Mintner

One of our consultants found a great utility this week while working with a client.  This tool allows you to add or remove networking services from a Windows 2000 or Windows XP client.  This is perfect if you have a client with an overzealous security administrator that has removed File and Print Sharing and you want to install it on all of your Windows 2000 or XP systems.  This can also be used to remove services such as the Microsoft client for Netware Networks when doing a migration.

Check out the article here:

http://www.jsifaq.com/subj/tip4700/rh4705.htm

You can download the tool from here:

http://www.jsifaq.com/dl/snetcfg_wxp.zip

Centerlogic has created a web site so that you can download all of their SMS related Tools.  The web site is: http://www.centerlogic.com/sms/tools.asp

Here are some of the tools they have available:

Enhanced System Discovery for SMS 2003 or SMS 2.0

Enhanced AD User Discovery for SMS 2003 and SMS 2.0

User Security Login auditng for SMS 2.0 and 2003

Good to see that Steve's tools finally have a home!

I've been using this script for a while to find workstations that have not been active.  It is such an awesome script.  It runs against all of your domain controllers and returns a CSV file with the results of the last logon for every workstation in your domain.  Just change the container in the script and you are good to go.

You can get the script from:

http://minasi.com/forum/topic.asp?topic_id=3724

I was asked a while back if I could modify my script in my earlier post in order to create local user accounts on multiple servers.  Well ask the Lazy Administrator and you shall receive.  Here is the code:

Set objFileSystem= CreateObject("Scripting.FileSystemObject")
Set objErrFile = objFileSystem.CreateTextFile("errors.txt")
objErrFile.Close
Set objErrFileOpen = objFileSystem.OpenTextFile(".\errors.txt",2)

Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open("users.xls")
intRow = 2
intSize=0
Do Until objExcel.Cells(intRow,1).Value = ""
    ReDim Preserve arrUsers(intSize)
    ReDim Preserve arrPasswords(intsize)
    arrUsers(intsize) = objExcel.Cells(intRow, 1).Value
    arrPasswords(intsize) = objExcel.Cells(intRow, 2).Value
    intSize = intSize + 1
    intRow = intRow + 1
Loop
objExcel.Quit

Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open("servers.xls")
intRow = 2
intsize=0
Do Until objExcel.Cells(intRow,1).Value = ""
    ReDim Preserve arrServers(intSize)
   
    arrServers(intsize) = objExcel.Cells(intRow, 1).Value
    intRow = intRow + 1
    intSize = intSize + 1
Loop
objExcel.Quit

For i=Lbound(arrservers) to Ubound(arrservers)
  For j=Lbound(arrUsers) to Ubound(arrUsers)
    strUserName = arrUsers(j)
    Set objLocalServer = GetObject("WinNT://" & arrservers(i) & "")
    objDomain.Filter = Array("user")

    For Each User In objLocalServer
      If lcase(User.Name) = lcase(strUserName) Then
        objErrFileOpen.WriteLine(User.Name & " already exists on server " & arrservers(i))
      Else
        Set colAccounts = GetObject("WinNT://" & arrservers(i) & "")
        Set objUser = colAccounts.Create("user", arrUsers(j))
        objUser.SetPassword arrPasswords(j)
        objUser.SetInfo
      End If   
    Next
  Next
Next

So how do you use this little snippet.  Well to start with you will need to create two Excel spreadsheet files in the same directory as this script.  The first file is called users.xls and should have the following format:

Username        Password

bob1               abc123

bob2               abc123

The second file is called servers.xls and should follow the following format:

Server

MyServer1

MyServer2

At this point just copy the script above into a .vbs file and run it!  You will need be an administrator on any server that you include in the servers.xls file.

In a later post I will go over the syntax of this script in more detail

The Lazy Administrator

Well let's jump right into a real world example, creating user accounts.  User account creation has long been a task of the Windows click monkeys.  For some larger companies there are people whose sole job is to click through wizards to create and delete user accounts.  I don't know about you but that would drive me insane!

Unix administrators have known for years how to be Lazy Administrators.  Unix admins have scripts that can do just about everything but hit the power button to turn on the server, and I've known some Unix admins that probably have found a solution to do that as well.  As Windows Administrators, we've gotten used to flexing our right-click muscles.  Maybe that's why Windows Admins are in such better shape than Unix Admins.  We burn up 100 times the calories per day by right-clicking on an item and then clicking Next through the countless wizards. 

Well save some of those twinkies Unix guys we're going to learn how to give that mouse hand some much needed rest!  Over the next few days I am going to cover several different ways to automate user account creation.  I will start with a really basic example that just creates a simple account and work up to full blown automation including creation of home drives/My Documents folders, adding the user to groups, and many more items that if done manually day in and day out would drive even the most skilled click monkey mad.

So let's start with a basic example.  In true Lazy Administrator fashion, I am going to start with an example that I copied from someone else.  This script is pulled line by line from the Scripting Guys script repository on technet (http://www.microsoft.com/technet/community/scriptcenter/user/scrug10.mspx).

So let's delve into the depths of this script:

Well that's it!  Case closed.  Our user account creation process is solved!  The 4 lines of code that could be heard around the world.  Well don't send your right-click finger on vacation quite yet.  These 4 lines will create a user account named myerken but that's about it.

Let's look to see what all this stuff means.  For some of you it is probably just a bunch of gobbly gook with really bad punctuation.

The first two lines contain a very import key word, Set.  Set in Vbscript means that we want to create an object reference and assign it to a variable.  I know, I know that doesn't mean anything to some of you so I will clarify:  Imagine you have been working really hard on your resume in Word because now that you know these 4 lines of code you can demand a much larger salary.  Anyway you decide to apply for a management role and decide that your current resume is WAY too technical.  So instead of overwriting your current resume, you create a copy of your resume and make changes to that copy all the while preserving your precious technical skills resume.  This is basically how an object reference works in VBscript.  There are many, many objects in Vbscript and some of them have extremely long names.  So instead of modifying those objects directly, you create a copy of those objects and rename that copy to something that's easy to remember.

For example:

Set objOU = GetObject(LDAP://OU=management,dc=fabrikam,dc=com)

Creates an object reference to the Active Directory domain fabrikam.com in the Management OU; it then names that object reference objOU for easy access later in the script.  Now that you have that reference you can access properties and methods of that object.  A property is just some bit of information about that object.  For example objOU could have a property of Description.  A method is some action that can be performed.  For example the next line of code uses a method to create a user account and then create an object reference to that account as objUser.

Set objUser = objOU.Create("User", "cn=MyerKen")

So now objUser is a reference to a User  named MyerKen who is part of the Management OU inside of the fabrikam.com domain.

Now we can use methods and properties to assign information about MyerKen:
objUser.Put "sAMAccountName", "myerken"
objUser.SetInfo

These two lines of code use methods of objUser.  The first assigns myerken to the SamAccountName.  The second line objUser.Setinfo saves the information to the database.

As with everything in Windows, there are multiple ways of doing things.  Check out the following lines of code:

objUser.sAMAccountName = "myerken"
objUser.GivenName = "Ken"
objUser.SN = "Myer"
objUser.AccountDisabled = FALSE
objUser.SetInfo

This also sets the SamAccountName to myerken as well as the GivenName(First Name), SN (Last Name), and Enables the account by accessing the Properties of the objUser.

Now you might notice that both Properties and Methods are accessed using “.”  I'm not entirely sure why Microsoft chose that nomenclature but there is one easy way to tell if something is a Property versus a Method.  A property is almost always a noun.  For example a User has first name, and a User has a Phone Number.  A method is almost always represented by a verb.  For example, an OU can create a User.

Well you are probably saying, “That's really neat Lazy Administrator but unless I want to manually type a new script for every user, I'm not sure I'm not better off just clicking through the wizards.“

My next post will show you how you place all of your user information into a spreadsheet and create 1000's of users in a matter of seconds.

Thanks everyone for reading.  Feel free to make comments or ask questions.

The Lazy Adminsitrator

Greetings everyone!  In my last article I showed you how to give your wizard-clicking hand some rest by using the magical 4 lines of code to create user accounts.  While it may be awful neat to be able to create a user account named myerken in the management OU of the fictitious Fabrikam.com domain, it's not terribly practical and truly not the Lazy Administrator way of creating accounts.

In this article, I am going to expand on those magical 4 lines and give you 10 additional lines of code that will allow you to create 1000's of accounts in just a few seconds.  In this script we are going to learn how to read a list of users  from an Excel file and create user accounts from that list. 

Like in my previous articles, I am going be a true Lazy Administrator and copy a script that again came straight from Microsoft.

Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open("C:\Scripts\New_users.xls")
intRow = 2
Do Until objExcel.Cells(intRow,1).Value = ""
    Set objOU = GetObject("ou=Finance, dc=fabrikam, dc=com")
    Set objUser = objOU.Create("User", "cn=" & objExcel.Cells(intRow, 1).Value)
    objUser.sAMAccountName = objExcel.Cells(intRow, 2).Value
    objUser.GivenName = objExcel.Cells(intRow, 3).Value
    objUser.SN = objExcel.Cells(intRow, 4).Value
    objUser.AccountDisabled = FALSE
    objUser.SetInfo
    intRow = intRow + 1
Loop
objExcel.Quit

WOW!  Isn't that just a thing of beauty.  My right-click finger is already thanking me. 

If you take away the first four lines and the last three lines, this script looks awfully familiar.  In fact it is practically the same script as my previous article!  I know there are some slight differences, we have all of these references to Excel instead of all of myerken's precious information in the script.  So let's see how these 10 additional lines of code will change our user account creation process.

Let's take a look at the first three lines of this script:

Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open("C:\Scripts\New_users.xls")
intRow = 2

There's that magical keyword Set again.  From our last article we know that Set means we are going to create an object reference.  In this case we are creating an object reference to an object called “Excel.Application“ and calling that reference objExcel.  Well that's simple enough, now that we have an Excel object it would be nice to be able to open an existing Excel workbook that contains my user account information.  And whammo, the next line of code does just that, here we create an object reference called objWorkbook that opens the file c:\scripts\new_users.xls!  That's it!  That's all it takes to open up an Excel file using VBscript.

Now the next line looks a little goofy:

intRow = 2

Why in the world do we need this line?  Well ideally you would want your Excel file to look a little something like this:

User                   SamAccountName       FirstName       LastName

Ken Myer           myerKen                      Ken                  Myer

Tim Mintner        mintnerTim                     Tim                 Mintner

I know.  It's a lame example of an Excel spreadsheet.  I'm still trying to figure out how to do tables in this editor. (I'm lazy what do you expect?)

Anyway, if your Excel file looks something close to the example above,  you will notice that the first row contains nothing but header information.  While it is neat to look at, you really don't want to create a user account called User with a SamAccountName of SamAccountName, etc.  The data you really want is on the second row.  Therefore this line intRow = 2, is setting our Row to the second row in our spreadsheet.

The next line of our script is the beginning of a Do Until loop.  Ideally we would like to loop through this spreadsheet row by row until all of the user accounts in the spreadsheet have been created, magically stopping when there is no more user information.  That's where the Do Until loop comes into play:

Do Until objExcel.Cells(intRow,1).Value = ""

  intRow = intRow + 1

Loop

This code tells our script to start at row 2 (because of the earlier line of code) cell 1.  The script then checks the value of that field.  If it is blank, then the script exits, otherwise it continues to run our code gladly creating account after account.  Each pass through, the script increments the row by 1 and then checks to see if that row is blank.  Therefore all you have to do to stop this script is to not have anymore user accounts to create.

The rest of the code looks just like the script in my last article with one exception.  Instead of hard coding the values for those properties, we are pulling the values from the Excel fields.

    Set objOU = GetObject("ou=Finance, dc=fabrikam, dc=com")
    Set objUser = objOU.Create("User", "cn=" & objExcel.Cells(intRow, 1).Value)
    objUser.sAMAccountName = objExcel.Cells(intRow, 2).Value
    objUser.GivenName = objExcel.Cells(intRow, 3).Value
    objUser.SN = objExcel.Cells(intRow, 4).Value
    objUser.AccountDisabled = FALSE
    objUser.SetInfo

Here we are in the Finance OU of the Fabrikam.com OU.  Again we are creating an object reference called objUser that references the Create method of objOU.  Notice this bit of code:

"cn=" & objExcel.Cells(intRow, 1).Value

Here the cn is being set to the Value of the current Row and the first cell.  Now that the user account is created, we can set the SAMAccountName to the value in the second cell of the Row, GivenName(First Name) to the 3rd cell, and SN (last name) to the 4th cell.  We then set the Account to be enabled and use SetInfo to commit the user account to the database.

Well hopefully you have seen how easy it is to use Excel to create a mass list of email accounts.  Again while this is very useful, it is still not a complete solution.  Now we have a solution that creates a lot of user accounts in the Finance OU.  My next article will show you how to include additional information such as OU, Phone Number, Profile Path, Home Drive, plus many other properties all inside of that single spreadsheet.

We are getting closer to being Lazy Administrators!

As always feel free to post any questions or comments.

Welcome to my Blog! I am of course the Lazy Administrator (aka Tim Mintner). My goal in life is to automate everything! I hate doing the mundane things in life like creating users, monitoring servers, checking logs. I mean why should you do those things. The whole goal of computers was to make our lives easier and rid us of mundane tasks such as adding and subtracting. I mean who today doesn't use a calculator or a computer program to balance their checkbook. Some of you are probably saying, “Who balances their checkbook when there are so many programs that do that for you automatically?“

It really seems that in IT, we have gotten so caught up in keeping our servers running and performing our day to day mundane tasks that we've really misssed the point of computers. It seems we've swapped one mundane task for another. I mean accountants don't hand write out the numbers in books anymore. There are countless accounting applications that do all of that for you. So instead the mundane tasks have switched over to the IT world. Why should we as IT administrators do all of the mundane tasks while we have computer systems that will do it for us?!?

 I realize that there are a lot of misconceptions out there about automation. Some people actually fear it! They think automation will put them out of a job. While I am sure many horse and buggy operators feared the automobile, I'm confident they weren't complaining all that much when they realized they didn't have to pick up horse crap any longer.

Microsoft has released so many great tools and script examples so that these mundane tasks could be eliminated yet I am just amazed when I walk into companies that haven't even looked at them. For example on the Microsoft scripting site (http://www.microsoft.com/technet/scriptcenter/repository.mspx), there is a simple example script on how to create a user account. Now you would think that once that was released, administrators would rejoice all over the wordl because they no longer have to create user accounts manually. However, only about 15% of companies today have automated their account creation process.

Now you may be thinking, "Lazy Administrator, I don't know how to script!" Well that's the beauty of the Internet and sample scripts. You don't have to know right away. There is no penalty for taking someone else's work and tweaking it to work in your environment. Remember horse and buggy drivers had no idea how to drive a car when they first came out, but they could learn from others who already knew.

Lest I peeve off my target audience, I will admit that sometimes it is a bit hard to take something that exists, understand what it is doing, and then make it work for your company. For example, the same scripting web site has an example on how to create 1000 user accounts. While that is neat, who needs 1000 user accounts called user1 to user1000.

That leads me to this blog. My goal is to present actual examples of how you can use Microsoft technlogies to make your lives and your jobs much easier. I will be presenting actual real world examples on how to automate several mundane tasks. My goal is to make you a Lazy Administrator!

Here is a little background about myself. My name is Tim Mintner and I am President of MMH Services, LLC (http://www.mmhservices.com), a consulting firm which specializes in IT process automation and training. I am a Microsoft MVP in Admin Frameworks (not too sure what that means). I am also president of an Infrastructure user group in the St. Louis area (http://www.mipug.org).

I hope you all will come to enjoy the long strange trip to automating everything!

The Lazy Administrator