Re: Creating accts through LDAP

From: Joe Richards [MVP] (humorexpress_at_hotmail.com)
Date: 01/12/05

Next message: Joe Richards [MVP]: "Re: Domain password expiration reset"
Previous message: KingBuzzo: "Re: NT4/2K3 DNS Domain Name - Fallback Issues"
In reply to: GMartin: "Re: Creating accts through LDAP"
Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Creating accts through LDAP"
Reply: Joe Kaplan \(MVP - ADSI\): "Re: Creating accts through LDAP"
Messages sorted by: [ date ] [ thread ]

Date: Wed, 12 Jan 2005 12:44:15 -0500

Yep, JoeK is a keeper. :o)

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net
GMartin wrote:
> Thanks for the help, gentlemen. I'm continualy amazed by the quality of 
> folks who hang out here!
> 
> \\Greg
> 
> 
> Joe Richards [MVP] wrote:
> 
>> This is handled in the backend by setting useraccountcontrol & 
>> ADS_UF_PASSWD_NOTREQD when the account is created so it can exist 
>> without a password.
>>
>>   joe
>>
>> -- 
>> Joe Richards Microsoft MVP Windows Server Directory Services
>> www.joeware.net
>>
>>
>> Joe Kaplan (MVP - ADSI) wrote:
>>
>>> Create account, then add password, then enable it via 
>>> userAccountControl. The documentation is misleading in that the 
>>> account can't be enabled without a password with domain password 
>>> policy, but can actually exist.
>>>
>>> Joe K.
>>>
>>> "GMartin" <gmartin@gmartin.org> wrote in message 
>>> news:%23MKncID%23EHA.1408@TK2MSFTNGP10.phx.gbl...
>>>
>>>> Referencing How To Change a Windows 2000 User's Password Through LDAP
>>>> http://support.microsoft.com/?kbid=269190
>>>>
>>>> "...The attribute(unicodepwd)can only be modified; it cannot be 
>>>> added on object creation..."
>>>>
>>>> So, given that our domain (ou) policy requires passwords, how does 
>>>> one create an account without it?  Do we create the account in an OU 
>>>> with no such policy, add the password and then move the acct to the 
>>>> resting place?
>>>>
>>>> (scratching my head)
>>>>
>>>> \\Greg 
>>>
>>>
>>>
>>>
>>>

Next message: Joe Richards [MVP]: "Re: Domain password expiration reset"
Previous message: KingBuzzo: "Re: NT4/2K3 DNS Domain Name - Fallback Issues"
In reply to: GMartin: "Re: Creating accts through LDAP"
Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Creating accts through LDAP"
Reply: Joe Kaplan \(MVP - ADSI\): "Re: Creating accts through LDAP"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: PasswordFilter and ASP.NET
... looking at the set policy. ... Joe Richards Microsoft MVP Windows Server Directory Services ... >>Joe Richards Microsoft MVP Windows Server Directory Services ...
(microsoft.public.platformsdk.security)
Re: Scavenging Machine Acounts in AD
... Joe Richards Microsoft MVP Windows Server Directory Services ... Cary Shultz wrote:> Yes, Thank you, Joe! ... >>>>Cary Shultz wrote:>>>>>Mutsa,>>>>>>A large part of the problem apparently is that the domain user account>>>object is a member of the computer's local Administrators group. ...
(microsoft.public.win2000.active_directory)
Re: Deleted Objects
... Unless you are using backlinks these will not get updated automatically, ... Joe Richards Microsoft MVP Windows Server Directory Services ... >>references to deleted objects. ...
(microsoft.public.windows.server.active_directory)
Re: Setting a Group Disk Quota
... You make me blush Laura. ... Joe Richards Microsoft MVP Windows Server Directory Services ... >>basic programming. ...
(microsoft.public.win2000.file_system)
Re: Setting a Group Disk Quota
... You make me blush Laura. ... Joe Richards Microsoft MVP Windows Server Directory Services ... >>basic programming. ...
(microsoft.public.win2000.active_directory)