Creating and Updating Active Directory Objects

Active Directory objects can be used to locate resources in a computer network domain, such as users, security policies, printers, distributed components, and other resources. Active Directory objects can be created and updated using WMI. You can update an Active Directory object when new information about the object becomes available by using WMI event notification. For example, once an Active Directory user object is created, you can detect its creation with an event query in WMI and when the event is received, you can update the object with new information.

The following code example creates a new WMI instance of the class that represents the Active Directory user object. The example shows how to assign values to various properties required to create the new Active Directory user instance.

Const cUserID = "WMIUser"
Const cComputerName = "LocalHost"
Const cWMInamespace = "root/directory/LDAP"
Const cWMIclass = "ds_user"


Set objWMILocator = _
objWMILocator.Security_.AuthenticationLevel = _

Set objWMIServices = objWMILocator. _
    ConnectServer(cComputerName, cWMInamespace, "", "")

Set objWMIClass = objWMIServices.Get(cWMIclass)

Set objWMIInstance = objWMIClass.SpawnInstance_

objWMIInstance.DS_sAMAccountName = userID
objWMIInstance.ADSIPath = "LDAP://CN=" & userID & _

objWMIInstance.Put_ (wbemChangeFlagCreateOrUpdate Or _

WScript.Echo "Active Directory user created."

The following code example updates a WMI instance of an Active Directory object. In this example, the displayname attribute is updated.

set svc = getObject("Winmgmts:root\directory\ldap")

' A context object is used to tell the provider which
' specific properties are going to be updated.  
' In most cases, when you update a WMI object you do not
' need to specify an additional context object. 
' However,  if a context object is not supplied for a
' directory service provider, the update fails.

set octx = createobject( _
octx.add "__PUT_EXT_PROPERTIES", array("ds_displayname")
octx.add "__PUT_EXTENSIONS", true
octx.add "__PUT_EXT_CLIENT_REQUEST", true

set objEnum = svc.execQuery( _
    "select * from ds_computer where ds_cn = 'userName'", "WQL", 32)

for each obj in objEnum
 obj.ds_DisplayName = "updatedName"
 obj.put_ 1, octx

WScript.Echo "Active Directory user successfully updated"