Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

AD Configuration

  • 05-04-2012 10:02am
    #1
    Registered Users, Registered Users 2 Posts: 706 ✭✭✭


    Hi All,

    so basically, i want to set up AD in a way that it will auto fill in the username field with the information i provide in the first name / last name field, add in a particular sets of groups, creates a home folder in a certain location, adds in a script for that user, location of the users office, the users manager, when creating new accounts in particular OUs for example:

    Accounts dept. will have to be added to certain folder groups, DLs, and permission sets, same as the IT dept. etc. - each OU will have a different list of groups to be added to, aswel as different scripts, manager, office location and so on.

    i would like the username field to be populated the same way across the domain.

    so basically, when i click on " create new user " and select the Accounts Dept. i want it to auto add the accounts staff manager, the groups that the accounts dept. needs access to, a home folder setup in the " accounting file share " etc. and then when i type the users first name and sir name in, i want it to populate the username filed as per the below naming convention:

    Example of my naming convention:

    Firstname: John

    Sirname: Smith

    Displayname: Smith, John

    username: JSmith

    when i start to type in the firstname and lastname field, i want it to take the first letter of the firstname and the entire lastname and fill that in the "Username"field.

    is what im asking, doable?

    i know i might be able to user ADSI, but ive never used it before really, only for small things, like i changed the way it saves the display name to sirname, firstname

    Thanks in advance,

    Robert Hopkins


Comments

  • Registered Users, Registered Users 2 Posts: 1,726 ✭✭✭qwertz


    You probably would need to either us a scipt (preferrably Powershell) or use one of many 3rd party utilities that provide this function.


  • Registered Users, Registered Users 2 Posts: 706 ✭✭✭oB1


    qwertz wrote: »
    You probably would need to either us a scipt (preferrably Powershell) or use one of many 3rd party utilities that provide this function.

    Thanks for the reply - Yeah have looked into doing some powershell, i know the general idea of what has to be done, and i can script no problem, just wondering if anyone here has done something like this before.

    R


  • Registered Users, Registered Users 2 Posts: 2,426 ✭✭✭ressem


    What windows server version are you using?

    You can use "dsadd user" to script this, when you've loads of users.

    An old batch file createusers.bat
    for /F "eol=; tokens=1,2,3,4,5,6,* delims=," %%i in (users.txt) do dsadd user "cn=%%m,ou=ADOrgGroup,dc=ADDomainname,dc=local" -samid %%m -upn %%m@domainname.local -fn "%%k" -ln "%%j" -desc "%%n" -display "%%i" -pwd "%%l" -disabled no -memberof "CN=myUser Group,OU=User Groups,OU= Org Groups,DC=AdDomainname,DC=local"
    

    where users.txt (in the same directory looks like)
    Full Displayname, FirstName, Lastname, Password, Username, DescriptionText
    


    Each user is added on it's own line. Fields map to...
    %%i , %%j , %%k ,%%l , %%m, %%n
    in that order.

    But watch out for duplicate usernames that will silently drop the second add occurance.

    You'll probably need
    -hmdir <HomeDir> Set user home directory to <HomeDir>. If this is
    UNC path, then a drive letter that will be mapped to
    this path must also be specified through -hmdrv.
    -hmdrv <DriveLtr:> Set user home drive letter to <DriveLtr:>


  • Registered Users, Registered Users 2 Posts: 26 TheMasterPrawn


    Is there a master system with HR data or another authorative data source ?
    How many users do you have ?

    There are automated rules based solutions as well if there are a lot of users moving on and out of the organisation.


  • Registered Users, Registered Users 2 Posts: 1,530 ✭✭✭CptSternn


    Microsoft makes a product that does this and more.

    http://www.microsoft.com/en-us/server-cloud/forefront/identity-manager.aspx


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 2,426 ✭✭✭ressem


    CptSternn wrote: »
    Microsoft makes a product that does this and more.

    http://www.microsoft.com/en-us/server-cloud/forefront/identity-manager.aspx

    Thanks, hadn't noticed that. SC magazine describe it as costing $15,000 + $18 per user + a SQL Server license. Is that fairly accurate?


Advertisement