Creating and Updating Active Directory Objects
Active Directory objects can be used to locate resources in a computer network domain, such as users, security policies, printers, distributed components, and other resources. Active Directory objects can be created and updated using WMI. You can update an Active Directory object when new information about the object becomes available by using WMI event notification. For example, once an Active Directory user object is created, you can detect its creation with an event query in WMI and when the event is received, you can update the object with new information.
The following code example creates a new WMI instance of the class that represents the Active Directory user object. The example shows how to assign values to various properties required to create the new Active Directory user instance.
Const cUserID = "WMIUser" Const cComputerName = "LocalHost" Const cWMInamespace = "root/directory/LDAP" Const cWMIclass = "ds_user" Const ADS_UF_ACCOUNTDISABLE = &h000002 Set objWMILocator = _ CreateObject("WbemScripting.SWbemLocator") objWMILocator.Security_.AuthenticationLevel = _ wbemAuthenticationLevelDefault Set objWMIServices = objWMILocator. _ ConnectServer(cComputerName, cWMInamespace, "", "") Set objWMIClass = objWMIServices.Get(cWMIclass) Set objWMIInstance = objWMIClass.SpawnInstance_ objWMIInstance.DS_sAMAccountName = userID objWMIInstance.ADSIPath = "LDAP://CN=" & userID & _ ",CN=Users,DC=LissWare,DC=Net" objWMIInstance.Put_ (wbemChangeFlagCreateOrUpdate Or _ wbemFlagReturnWhenComplete) WScript.Echo "Active Directory user created."
The following code example updates a WMI instance of an Active Directory object. In this example, the displayname attribute is updated.
set svc = getObject("Winmgmts:root\directory\ldap") ' A context object is used to tell the provider which ' specific properties are going to be updated. ' In most cases, when you update a WMI object you do not ' need to specify an additional context object. ' However, if a context object is not supplied for a ' directory service provider, the update fails. set octx = createobject( _ "wbemscripting.swbemnamedvalueset") octx.add "__PUT_EXT_PROPERTIES", array("ds_displayname") octx.add "__PUT_EXTENSIONS", true octx.add "__PUT_EXT_CLIENT_REQUEST", true set objEnum = svc.execQuery( _ "select * from ds_computer where ds_cn = 'userName'", "WQL", 32) for each obj in objEnum obj.ds_DisplayName = "updatedName" obj.put_ 1, octx next WScript.Echo "Active Directory user successfully updated"