Create user with command
Tontonsam
Member Posts: 90 ■■□□□□□□□□
I've been praticed with CBT Nuggets videos with my VMware and I was able to create users with ldifde/csvde, dsadd. But I try to create an user an another domain with dsadd and I was not able. I think it was the name of my domain. My domain name was for ex "Techexams" and not Techexams.net. So, i place this command:
dsadd user cn=Tontonsam,ou=IT,dc=techexams and it s failed. Do I need to have a domain name like Techexams.net to use those commands? And if my OU IT was in another OU like Boston, do i add the ou=boston before the ou=it?
Always on the creating user command, I pratice to use dsquery and dsmod to add a map drive in the home drive user and I can't. To achieve this, I have to use dsmod -hmdir and -hmdrv U: -profile to achieve this. And for use, it creates also roaming profiles for the user. How can only add a map drive using command?
Excuse me for not using another topic for another issues. I'd like to audit which users in my domain has failed to log on. and also succeed. I create a GPO and defined policy for audit account logon events and audit account managment (success,failure). When I check my event viewer, I see only user System for failure audits and some users told me that they have account locked out. And I can't see their failure attempt.
dsadd user cn=Tontonsam,ou=IT,dc=techexams and it s failed. Do I need to have a domain name like Techexams.net to use those commands? And if my OU IT was in another OU like Boston, do i add the ou=boston before the ou=it?
Always on the creating user command, I pratice to use dsquery and dsmod to add a map drive in the home drive user and I can't. To achieve this, I have to use dsmod -hmdir and -hmdrv U: -profile to achieve this. And for use, it creates also roaming profiles for the user. How can only add a map drive using command?
Excuse me for not using another topic for another issues. I'd like to audit which users in my domain has failed to log on. and also succeed. I create a GPO and defined policy for audit account logon events and audit account managment (success,failure). When I check my event viewer, I see only user System for failure audits and some users told me that they have account locked out. And I can't see their failure attempt.
MCP 70-270 / 70-290
Comments
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□Tontonsam wrote:I've been praticed with CBT Nuggets videos with my VMware and I was able to create users with ldifde/csvde, dsadd. But I try to create an user an another domain with dsadd and I was not able. I think it was the name of my domain. My domain name was for ex "Techexams" and not Techexams.net. So, i place this command:
dsadd user cn=Tontonsam,ou=IT,dc=techexams and it s failed. Do I need to have a domain name like Techexams.net to use those commands?
What error does it give you?Tontonsam wrote:And if my OU IT was in another OU like Boston, do i add the ou=boston before the ou=it?
Yes.Tontonsam wrote:Always on the creating user command, I pratice to use dsquery and dsmod to add a map drive in the home drive user and I can't. To achieve this, I have to use dsmod -hmdir and -hmdrv U: -profile to achieve this. And for use, it creates also roaming profiles for the user. How can only add a map drive using command?
net use
http://www.ss64.com/nt/net_use.htmlTontonsam wrote:Excuse me for not using another topic for another issues. I'd like to audit which users in my domain has failed to log on. and also succeed. I create a GPO and defined policy for audit account logon events and audit account managment (success,failure). When I check my event viewer, I see only user System for failure audits and some users told me that they have account locked out. And I can't see their failure attempt.
How long ago did you change this setting? You might need to wait for group policy to refresh. You can also do a gpupdate /force command to have it update immediately -
Tontonsam Member Posts: 90 ■■□□□□□□□□I placed this command:
c:\dsadd user cn=tontonsam,ou=ad_dept,ou=it,dc=techexams
It gives me: dsadd failed:user cn=tontonsam,ou=ad_dept,ou=it,dc=techexams:Directory object not found.
But I think if my domain was techexams.net and I add the last dc=net, it will work. Do you think that is the problem. I am going to do a gpupdate for the Audit issue.MCP 70-270 / 70-290 -
Tontonsam Member Posts: 90 ■■□□□□□□□□According to the solution of net use. I think that net use is used to create map drive to client machine. What I want to do is that I create a map drive in ADUC for some users using command. After I placed the command, I must see in the profile tab of the user in ADUC, the letter of the drive and the UNC path. The CBT shows how to do this with dsmod. But I see when I do this, it creates both roaming path and home directory.MCP 70-270 / 70-290
-
Tontonsam Member Posts: 90 ■■□□□□□□□□I love this game. I love studying 70-290 cause it's very interesting than the 70-270 and it is more pratical. When I study with my Sybex book, I see the command section for create user,group,ou but I bypass this section cause I said to myself how can i remember those stuffs. But the CBT Nuggets are awsome and explain very well this section that I love now. Anyway, according to my problem, I see where is the issue now. I can create user with dsadd in a top of an OU but not in a child OU. For ex, if I have an IT OU and a child ou ITMGR, if I want to create a user in the IT OU, I place this command and it works:
dsadd user cn=tontonsam,ou=it,dc=techexams but if I want to create an user in the child ou, it doesn't work. here is the command.
dsadd user cn=tontonsam,ou=it,ou=itmgr,dc=techexams. Can anyone please see if there s a prob?
According to create a map drive in the profile account of the user, here is the command now.
dsmod user -hmdir \\testserver\data\$username$ -hmdrv W:
e
But I am still unable to audit bad logon or failure logon of users. I define a GPO in the Default Domain Policy, and define success,failure to audit account logon events and audit account managment. Whenever I go to the event viewer, I see a list of failure attemps for only a user named SYSTEM. Sometimes, I have to unlock account and I can't see bad attempt for those users in Event viewer.
So in resume,
1. How can I create an user, group, in a child OU?
2. What policy do i define to view bad logon attempt for users.MCP 70-270 / 70-290 -
dynamik Banned Posts: 12,312 ■■■■■■■■■□It looks like your OUs are backwards in the command. You'd list the child before the parent. Think of it as working from very specific (cn) to broad (dc).
I have to run. I'll try to look at your other question later. -
Tontonsam Member Posts: 90 ■■□□□□□□□□Incredible, it works. And when I type my above answer, I said to me to check this solution but have posted the issue anyway . I must place the child ou before the ou. Thanks.MCP 70-270 / 70-290
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□I think that was my fault. I misunderstood your question in my first post and told you "yes" when that was incorrect. You need to list the child objects first. Sorry about that.