Need help editing a vbs script...

D-boyD-boy Member Posts: 595
I'm not an expert in vbs, so wondering if anyone on here can please help me...

I am trying to edit this script below to create a local user account, add the flag so the user "cannot change password" and "Password never expires". Also, add account to local admin group on the current machine.


I found this online, But don't know how to add the option to "not allow the user to change the password" on the local account:
The script also allows for input for username and password.

Or if the same can be done in Powershell would be even better.


Set objShell = CreateObject("Wscript.Shell")

Set objEnv = objShell.Environment("Process")
strComputer = objEnv("COMPUTERNAME")
strUser = inputbox("Enter the username for the new admin account.")
strPass = inputbox("Enter the password for the new account.")

Set colAccounts = GetObject("WinNT://" & strComputer & ",computer")

Set objUser = colAccounts.Create("user", strUser)

objUser.SetPassword strPass

Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
objPasswordExpirationFlag = ADS_UF_DONT_EXPIRE_PASSWD
objUser.Put "userFlags", objPasswordExpirationFlag

objUser.SetInfo

Set Group = GetObject("WinNT://" & strComputer & "/Administrators,group")
Group.Add(objUser.ADspath)





Thanks,
D

Comments

  • cmztechcmztech Member Posts: 55 ■■□□□□□□□□
    @D-boy

    On one hand, I'm not trying to drive traffic away from here but, I think you'd get a stronger response from stackoverflow.com or experts-exchange.com.

    On the other hand, it just so happens I love PowerShell! Although, I have to put out a disclaimer here:

    1bb2u8.jpg

    At least for the script you are asking. I do have a suggestion though, if you can get your hands on Server 2012. In the Server Manager there is actually a place at the bottom that shows all the things being done within the Active Directory as written by PowerShell.

    So, go into Server 2012 ADUC and create a new Joe User account exactly how you intend the account to be made. Then go look at what PowerShell just did to create that account in Server Manager. Copy the scripts into your PS editor and work with it. Let me know what you think.
  • cmztechcmztech Member Posts: 55 ■■□□□□□□□□
    I took a swing at it after all, I just love PowerShell. What can I say!

    I recommend you do this:

    1. Create an excel spreadsheet. name the first row of columns after the names of each field below found in the script. This means for each item in the script that has a .Title (a period then a title) that needs to have it's own column header.

    For example, your first three columns will be DisplayName, GivenName, and sn.

    Save the spreadsheet with a simple name, such as "newuser.xlsx"

    2. Then fill out the spreadsheet by answering each column header for the new user account.

    3. Use the script below to import the spreadsheet and use the objects to create a new user account.

    (the "one does not simply" part comes into play here because if this works without troubleshooting then that's amazing)

    function Create-ADUser {
    <#
    .Synopsis
    This script will import (create) AD user accounts from a .csv file
    .DESCRIPTION
    The Path variable is the AD container path. You can find this by right clicking the destination container within the AD tree and looking at it's properties. This is known as the Organizational Unit path, i.e. "OU=Users,DC=contoso,DC=com"
    .EXAMPLE
    create-aduser -List C:\Spreadsheet -Password Password
    .EXAMPLE
    Another example of how to use this cmdlet
    #>
    [CmdletBinding()]
    [OutputType([string])]
    Param (
    # Type the name of the list without the extension
    [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
    [String]$List,
    [Parameter(Mandatory=$true,Position=1)]
    [String]$password
    )

    Begin{
    $csv = Import-CSV -Path C:\insertPathToFile.csv
    }
    Process {
    foreach($_ in $csv){

    $newUserID=@{
    Name=$_.DisplayName
    GivenName=$_.GivenName
    surName=$_.sn
    DisplayName=$_.DisplayName
    samAccountName=$_.samAccountName
    Description=$_.Description
    EmailAddress=$_.Email
    OfficePhone=$_.TelephoneNumber
    UserPrincipalName=$_.UserPrincipalName
    Path=$_.Path
    AccountPassword=(ConvertTo-SecureString $password -AsPlainText -Force)
    Enabled=$true
    ChangePasswordAtLogon=$false
    PasswordNeverExpires=$true
    CannotChangePassword=$true
    }
    Try{
    New-ADUser @newUserID -Verbose -ErrorAction Stop
    Write-Host "UserID $($item.UserID) created!" -ForegroundColor green
    }
    Catch{
    Write-Host "There was a problem creating UserID $($item.UserID). The account was not created!" -ForegroundColor Red
    }
    }

    }
    End{ }
    }
Sign In or Register to comment.