1

关于这个问题,还有一个问题,希望我能完成这个脚本

在此脚本中的“objUser.AccountDisabled = False”行,它应该启用 Active Directory 中的帐户,但它总是创建禁用的帐户。我尝试在命令后添加“objUser.SetInfo”并得到错误 (30, 2) (null):指定的目录服务属性或值不存在。”

有没有人有任何其他想法我可以尝试启用要创建的帐户?

提前感谢您的回复。

Dim strCode,strID,StrFName,strLName,strFirm,strPwd,strIPGM,strServer,strLMS,strSql,strLMSV,strDisplay

trCode = "za"
strID = "zademo1"
strFName = "Demo"
strLName = "Tester"
strFirm = "Demo"
strPwd = "za1234"
strServer = "rkasp01"
strDisplay = strFName & strLName
strIPGM = "lms" & strCode

Set objOU = GetObject("LDAP://cn=users,dc=asp,dc=rippe,dc=com")

Set objUser = objOU.Create("User", "cn=" & strID)
objUser.Put "sAMAccountName", strID

objUser.Put "givenName", strFName
objUser.Put "sn", strLName
objUser.Put "displayName", strLName
objUser.Put "homedirectory", "\\rkpdc\" & strFirm & "\" & strID
objUser.Put "scriptpath", strFirm & ".bat"
objUser.SetInfo

objUser.SetPassword strPwd
objUser.Put "PasswordExpired", CLng(1)
objUser.AccountDisabled = False  <---------------
'objUser.SetInfo

Set objOU = GetObject("LDAP://cn=users,dc=asp,dc=rippe,dc=com")
Set objGroup = objOU.Create("Group", "cn=" & strFirm)
objGroup.Put "sAMAccountName", strFirm


objGroup.Add objUser.ADSPath
4

2 回答 2

2

通过确保在尝试设置启用/禁用状态之前objUser.SetInfo已运行以保存对帐户的任何更改,我能够启用该帐户。

IE

objuser.setpassword "swSDD"
OBJUSER.SETINFO
objuser.AccountDisabled=False


objuser.setpassword "swSDD"
objuser.AccountDisabled=False
于 2014-08-11T12:49:28.500 回答
0

尝试userAccountControl直接修改帐户的属性。该userAccountControl属性是一个位掩码,每个位或标志控制诸如帐户启用/禁用状态、密码要求、密码过期状态以及许多其他内容,记录在这里

要启用帐户,您需要XOR屏蔽现有值中的启用/禁用标志(十六进制 0x002),如果帐户被禁用,则有效地启用该帐户。为了防止它在启用后禁用该帐户,我们可以检查该帐户是否已启用。

修改脚本示例:

Dim strCode,strID,StrFName,strLName,strFirm,strPwd,strIPGM,strServer,strLMS,strSql,strLMSV,strDisplay,intUAC

trCode = "za"
strID = "zademo1"
strFName = "Demo"
strLName = "Tester"
strFirm = "Demo"
strPwd = "za1234"
strServer = "rkasp01"
strDisplay = strFName & strLName
strIPGM = "lms" & strCode

Set objOU = GetObject("LDAP://cn=users,dc=asp,dc=rippe,dc=com")

Set objUser = objOU.Create("User", "cn=" & strID)
objUser.Put "sAMAccountName", strID

objUser.Put "givenName", strFName
objUser.Put "sn", strLName
objUser.Put "displayName", strLName
objUser.Put "homedirectory", "\\rkpdc\" & strFirm & "\" & strID
objUser.Put "scriptpath", strFirm & ".bat"

'removed duplicate SetInfo

objUser.SetPassword strPwd
objUser.Put "PasswordExpired", CLng(1)

'get existing value of userAccountControl
intUAC = objUser.Get("userAccountControl")
'AND the current value and the enable/disable flag (0x0002)
If intUAC AND 2 Then
    objUser.Put "userAccountControl", intUAC XOR 2
End If

'set the updated properties
objUser.SetInfo

Set objOU = GetObject("LDAP://cn=users,dc=asp,dc=rippe,dc=com")
Set objGroup = objOU.Create("Group", "cn=" & strFirm)
objGroup.Put "sAMAccountName", strFirm

objGroup.Add objUser.ADSPath
于 2013-01-05T01:47:08.370 回答