Re: Moving user to another container
- From: "ComputerTeacher" <computerteacher-nospam@xxxxxxxxxxxx>
- Date: Thu, 6 Jul 2006 22:04:56 -0600
Thanks for your response and script suggestion Richard.
Thinking about it, you're correct, it's only good to move the users to
enforce different GPO's. I really only want those students to use the same
mandatory profile. So I think I'll change my idea and write a script to set
the users profile to the appropriate path and then add them to the
appropriate groups so they have the correct permissions. I can use the
generic scripts from the technet scripting to accomplish that. If it
doesn't work, then I'll try using your script.
Thanks,
Jeremy
"Richard Mueller" <rlmueller-NOSPAM@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:%23gC6QhXoGHA.516@xxxxxxxxxxxxxxxxxxxxxxx
"ComputerTeacher" <computerteacher-nospam@xxxxxxxxxxxx> wrote in message
news:evaMH9WoGHA.4768@xxxxxxxxxxxxxxxxxxxxxxx
I am the network administrator of a school that is part of a school
district AD (2003)
Each school has it's own OU with other OUs underneath.
Various students from other schools have been sent to my school for
summer school courses.
I have created a csv file with the user names of students to be moved.
I know (obviously) which OU to move all the students to.
But I don't know from which school they are coming. So I need to know
the best way to use a MoveHere script to move them from somewhere in the
"computer accounts" OU to the "computer
accounts\sectionU06\schoolU047\047Uustudents\047summerschool" OU.
I figure my best option is to create a script that outputs the OU
location of each student to a file and then use that information to
create seperate movehere scripts for each school.
Any suggestions?
Thanks,
Jeremy
Hi,
First, if all the OU's are in the same domain, there probably is no reason
to move the users. Permissions should be granted by group membership. The
only issue I can think of is group policies, which are applied to OU's.
Otherwise, no one should know the difference.
To move the user objects you need the Distinguished Names (DN's) of the
users. I gather your csv file has the NT names, also called the
"pre-Windows 2000 logon name" instead. You also need the distinguished
name (DN) of the target OU. The DN of the target OU might be:
strOU =
"ou=047summerschool,ou=047Uustudents,ou=schoolU047,ou=sectionU06,ou=computer
accounts,dc=MyDomain,dc=com"
You need to verify this, as it seems unusual. If you have a csv with the
DN of the users to be moved, you can code a VBScript program to read the
file and move each to the target OU. If the csv file instead has the NT
names, you can still do this. The program would read each NT name from the
file, use the NameTranslate object (combined with the NetBIOS name of the
domain) to convert to the DN, then move the user object.
I assume the csv file would have one name per line. Assuming one NT name
per line, the program would be similar to:
==================
Option Explicit
Dim strFile, strOU, objOU, objRootDSE, strDNSDomain
Dim objTrans, strNetBIOSDomain, strNTName, strUserDN
Dim objFSO, objFile
' Constants for the NameTranslate object.
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
' Specify the csv file. This file has one user NT name per line.
strFile = "c:\scripts\students.csv"
' Specify the DN of the target OU.
strOU = "ou=047summerschool,dc=MyDomain,dc=com"
' Bind to the target OU.
Set objOU = GetObject("LDAP://"; & strOU)
' Determine DNS name of domain from RootDSE.
Set objRootDSE = GetObject("LDAP://RootDSE";)
strDNSDomain = objRootDSE.Get("defaultNamingContext")
' Use the NameTranslate object to find the NetBIOS domain name from the
' DNS domain name.
Set objTrans = CreateObject("NameTranslate")
' Initialize NameTranslate by locating the Global Catalog.
objTrans.Init ADS_NAME_INITTYPE_GC, ""
' Use the Set method to specify the RPC 1779 format of the domain name.
objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
' Use the Get method to retrieve the NetBIOS Name.
' This has a trailing backspace, which we will use.
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
' Open the file for read access.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFile, 1)
' Read each line of the file and process.
Do Until objFile.AtEndOfStream
strNTName = Trim(objFile.ReadLine)
If (strNTName <> "") Then
' Use the Set method to specify the NT name.
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & strNTName
' Use the Get method to retrieve the RPC 1779 Distinguished Name.
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
' Move the user object to the target OU.
objOU.MoveHere "LDAP://"; & strUserDN, vbNullString
End If
Loop
' Clean up.
objFile.Close
===========
You must modify for your csv file name and path, and the DN of your target
OU. If the csv file has user DN's, you don't need to use the NameTranslate
object. You can just read strUserDN directly from the file (instead of
strNTName) and move the objects using the MoveHere method of the OU
object.
--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
.
- Follow-Ups:
- Re: Moving user to another container
- From: ComputerTeacher
- Re: Moving user to another container
- References:
- Moving user to another container
- From: ComputerTeacher
- Re: Moving user to another container
- From: Richard Mueller
- Moving user to another container
- Prev by Date: Re: Moving user to another container
- Next by Date: Re: Domain Migration - Duplicate Computer KDC Errors
- Previous by thread: Re: Moving user to another container
- Next by thread: Re: Moving user to another container
- Index(es):
Relevant Pages
|
