Thanks Neil, :) I will study that and hope to get going with it..
Rgds, Kenny, ST SG
Subject: RE: Any tools/scripts to change user logon profile automatically? From: "Braebaum, Neil" <[EMAIL PROTECTED]> Date: Mon, 28 Jul 2003 10:35:32 +0100 X-Message-Number: 1
Subject: RE: Any tools/scripts to change user logon profile automatically? From: "Ken L" <[EMAIL PROTECTED]> Date: Mon, 28 Jul 2003 06:01:42 +0000
Neil, The company attribute is the one that differentiate the 300 from 600 users.. Thanks again..
Righto...
The company attribute is only available via the LDAP provider (ie not available, as you'd probably expect, through the WinNT provider). Actually, it's not listed in my ADSI scripting book, but I just tried it through a test script, and you can access it just fine.
I don't know how much you know about scripting, and I don't want to insult your intelligence with anything - but I'll highlight the steps you'll need to script, and supply examples of how to do it.
Firstly with an AD domain, and given you'll need to use the LDAP provider for some attributes you want to access, you'll need to establish the naming context of the domain in LDAP parlance. I normally access the rootdse object, and use that so that I don't need to hard code it into scripts... so:-
< start of vbscript / ADSI example... >
Dim objRootDSE Dim strNamingContext
set objRootDSE=getobject("LDAP://rootdse";)
strNamingContext=objRootDSE.get("defaultnamingcontext")
set objectRootDSE=nothing
< end of vbscript / ADSI example... >
So strNamingContext will have the relevant naming context for your domain in LDAP parlance (eg it will contain something like "DC=company,DC=com").
Next thing you'll want to do is evaluate all users within the AD hierarchy. I'm assuming that you don't have any container / OU starting point, with which to be selective, so you'll simply have to recurse and filter on user type objects. So...
(note the above example already shows how to establish the naming context of the domain, and puts it into a string, so we'll assume we already have it, in the named variable above...)
< start of vbscript / ADSI example... >
call recursepath(strNamingContext)
sub recursepath(ADPath) Dim objContainer,objContainerUser,objSubOU,objUser
' Open the passed container - give that this could be at the root of the domain, or some ' OU below this, we cannot actually assume it is an OU to start with. ' Note we don't evaluate true containers - so the default location for users (the users container) ' will NOT be evaluated - something to note, if the actual users to be processed are in ' this container, or could be...
set objContainer=getobject("LDAP://"&ADPath)
' set a filter for the user objects in this container...
objContainer.filter=array("user")
' evaluate all the user type objects (filtered in the previous line) in this container ONLY
for each objContainerUser in objContainer
' establish an actual open object to the user object
set objUser=getobject("LDAP://"&objContainerUser.name&","&ADPath)' going here will have to be whatever processing we actually want to do on the user...
set objUser=nothing next
' set a filter to evaluate OUs below the current container / OU...
set objContainer.filter=array("organizationalunit")
' evaluate all OUs in the current container / OU...
for each objSubOU in objContainer
' recursively call this same subroutine with the OU name we've just
discovered...
call recursepath(objSubOU,name&","&ADPath)
nextset objContainer=nothing end sub
< end of vbscript / ADSI example... >
So this bit evaluates any users below the domain and in any OU hierarchy. Note - as mentioned in the comments in this script example, it doesn't process any containers - so the default "users" container is ignored, and any users in this container won't be processed.
The last bit you have to do is simple make some conditional logic on whatever it is you want to include in the "company" attribute, and then set what you want in the loginscript attribute (it was this you wanted to change, wasn't it?). Note: both these items could be passed arguments to the script, or merely hard=coded in - I'll just hard-code some vanilla examples.
So from the above examples, we've established the naming context, and are processing any user objects from the domain root downwards that are in OUs... we have an open object to the current user we are processing, called "objUser"...
< start of vbscript / ADSI example... >
if objUser.company="CompanyA" then objUser.loginscript="loginscriptA.cmd" objUser.setinfo end if
< end of vbscript / ADSI example... >
Note the "objUser.setinfo" is the line that actually updates the user.
I could have simply written one big example that actually did all that you want, but I don't truly think it helps techies, simply to write one big fate accompli - rather I think it's more long term help to show what needs to be done, with examples of how to do it - then you still learn something because you actually have to put all the bits together and get some understanding of what the scripts doing, as opposed to merely editing strings in scripts to personalise it to your implementation.
And nobody is paying me to write you one big script to do the job - I'm all about helping others to do stuff and sharing information, but not doing everything for them ;-)
Hope this helps
Neil
*********************************************** This e-mail and its attachments are confidential and are intended for the above named recipient only. If this has come to you in error, please notify the sender immediately and delete this e-mail from your system. You must take no action based on this, nor must you copy or disclose it or any part of its contents to any person or organisation. Statements and opinions contained in this email may not necessarily represent those of Littlewoods. Please note that e-mail communications may be monitored. The registered office of Littlewoods Limited and its subsidiaries is 100 Old Hall Street, Liverpool, L70 1AB. Registered number of Littlewoods Limited is 262152. ************************************************
_________________________________________________________________ Are you in love? Find a date on MSN Personals http://match.msn.com.my/
------ You are subscribed as [EMAIL PROTECTED] Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=nt2000&text_mode=&lang=english To unsubscribe send a blank email to [EMAIL PROTECTED]
