Re: UserAccountControl, enable account and converted native DS type
From: Richard Mueller [MVP] (rlmueller-NOSPAM_at_ameritech.NOSPAM.net)
Date: 03/16/04
- Next message: Richard Mueller [MVP]: "Re: UserAccountControl, enable account and converted native DS type"
- Previous message: Si Ballenger: "Re: Repalce batch file with VB script?"
- In reply to: Tim McGue: "RE: UserAccountControl, enable account and converted native DS type"
- Next in thread: Steve Fulton: "Re: UserAccountControl, enable account and converted native DS type"
- Reply: Steve Fulton: "Re: UserAccountControl, enable account and converted native DS type"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 16 Mar 2004 17:31:05 -0600
Tim McGue wrote:
> I think there is something wrong with that sample. I believe that is from
Script Center right? Anyway just do this:
>
> objUser.Put "userAccountControl", 2
Hi,
You should not assign values this way to userAccountControl. The above would
disable the account (it would no longer be a user account). The object is to
set just one bit of the userAccountControl attribute. You do this be "Or"ing
the existing value with the bit mask for the flag of interest. In this case,
the bit mask for ADS_UF_ACCOUNTDISABLE has a value of 2 (actually &H02). If
you know what all the other bits are, you could assign a value that takes
them all into account. For example, a normal user with no other bits set
would have a value of &h200, which is 512 (decimal). So, to set this one bit
you might assign a value of &h200 and &h02, which would be 514. However,
this is risky, as you could be "stepping" on other bit settings. The rules
are:
1. To test a bit, "And" the corresponding bit mask with userAccountControl.
2. To set a bit, "Or" the bit mask with userAccountControl.
3. To toggle a bit, "Xor" the bit mask with userAccountControl.
You will note that the only way to un-set (disable) a bit is to first test
if it is set, and if it is to toggle it. Also, when you test with the "And"
operator, any non-zero result means the bit is set. A zero result means the
bit is not set.
-- Richard Microsoft MVP Scripting and ADSI HilltopLab web site - http://www.rlmueller.net --
- Next message: Richard Mueller [MVP]: "Re: UserAccountControl, enable account and converted native DS type"
- Previous message: Si Ballenger: "Re: Repalce batch file with VB script?"
- In reply to: Tim McGue: "RE: UserAccountControl, enable account and converted native DS type"
- Next in thread: Steve Fulton: "Re: UserAccountControl, enable account and converted native DS type"
- Reply: Steve Fulton: "Re: UserAccountControl, enable account and converted native DS type"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
