So what I would like to modify on this win32 script is the -USER LOGON NAME for the Account entry in the Active Directory.
The Script currently updates the -USER LOGON NAME (pre-Windows 2000) field. It leaves the USER LOGON NAME field empty for any users inserted with this script. I also would like to populate the first name and last name fields however; currently the script only modifies the full name field.
Furthermore when using Win32::Lanman::NetUserAdd( "itstw2k1", \%Account ); it adds the users to the users directory within the active directory - I would like to add users to specific OU's (organizational units) that we have created within the Active Directory. Actually these OU's are often nested within other OU's enabling strict usage of Group policy which is slightly off topic.
my $dbh1 = DBI->connect("DBI:CSV:")
or die "Cannot connect: " . $DBI::errstr;
$dbh1->{'csv_tables'}->{'stokes_studs'} = { 'file' => 'stokes_studs.cs
+v'};
my $href = $dbh1->selectall_hashref("SELECT * FROM stokes_studs", "key
+");
$num_records = keys %{$href};
print "$num_records\n";
foreach (keys %{$href}) {
$href->{$_}{id} = sprintf ("%00005d",$href->{$_}{id});
#print "$href->{$_}{last_name} = $href->{$_}{id}\n";
&addUser($href->{$_}{last_name}, #$href->{$_}{first_name}, $href->
+{$_}{id}, $href->{$_}{dob}, $href->{$_}{year});
}
sub makeHomefolder
{
#create the user directory and set the security on it
my($id,$homeServer,$domain,$pdc) = @_;
if ($pdc eq ''){$domain = '';}
#if ($id =~ /\w/) {
$id =~ s/\(\w+\)//g;
$id =~ s/ / /g;
$id =~ s/ /_/g;
$id = sprintf ("%.20s",$id);
#}
$userRoot = "$homeServer\\$id";
print "Creating Users Home Folder $userRoot\n";
system ("mkdir $userRoot");
}
sub addUser {
my($lastname,$firstname,$id,$bday,$comment) = @_;
my ($passwordAge, $privilege, $login_name,
$homeDir, $fullname, $flags, $scriptPath);
$login_name = "$firstname $lastname $bday";
$login_name = sprintf "%.1s%.1s%02d%02d", lcfirst $firstname, lcfi
+rst $lastname, split /\//, $bday;
#chop $login_name;
#chop $login_name;
print "login_name = $login_name";
$fullName = "$firstname $lastname";
$domain = "itelem1";
$homeServer = "E:\\Stokes_students\\$comment";
$pdc = Win32::AdminMisc::GetPDC($domain);
$passwordAge = 1; #never expire
$privilege = USER_PRIV_USER;
$homeDir = "";
$flags = UF_NORMAL_ACCOUNT | UF_SCRIPT;
$scriptPath = 'login.bat';
$location = '';
%Account = (
name => "$login_name",
password => "$id",
home_dir => "\\\\maxst2\\$login_name",
comment => "$comment",
usr_comment => "usr_comment",
flags => UF_DONT_EXPIRE_PASSWD | UF_PASSWD_CANT_CHANGE,
params => '',
script_path => 'login.bat',
full_name => "$fullName",
workstations => "",
profile => "\\\\maxst2\\$login_name",
acct_expires => -1,
#logon_hours => pack( "b168", "11111111" x 21 ),
home_dir_drive => "H:",
password_expired => 1,
);
if (Win32::NetAdmin::UsersExist("itstw2k1", $login_name)) { #### C
+RT
print "duplicate username found = $login_name";
} else {
print "\nadding user $login_name\n";
print "firstname = $firstname\n";
print "lastname = $lastname\n";
Win32::Lanman::NetUserAdd( "itstw2k1", \%Account );
makeHomefolder($fullName,$homeServer,$domain,$pdc);
makePermissions($login_name,$fullName,$comment);
#system "cusrmgr -u $login_name -f $fullName";
#die;
}
}
sub makePermissions
{
my($username,$full_name,$description) = @_;
$stop=1;
$full_name =~ s/\(\w+\)//g;
$full_name =~ s/ / /g;
$full_name =~ s/ /_/g;
$full_name = sprintf ("%.20s",$full_name);
#opendir DIR, "E:\\Stokes_students\\$description\\$full_name" or &
+ERROR();
sub ERROR {
$stop=0;
}
print "\nuserRoot = $userRoot\n";
if($stop==1) {
#closedir DIR;
print "\nModifying Security on Users Home Folder\n";
print "\nusername = $username\n";
$Dir = new Win32::Perms( "$userRoot") || die;
$Dir->Remove(-1);
$Dir->Allow(Administrators,Win32::Perms::FULL_CONTROL_DIR,Win3
+2::Perms::DIR);
$Dir->Allow(Administrators,Win32::Perms::FULL_CONTROL_FILE,Win
+32::Perms::FILE);
$Dir->Set();
$Dir->Allow("$username",Win32::Perms::FULL_CONTROL_DIR,Win32::
+Perms::DIR);
$Dir->Allow("$username",Win32::Perms::FULL_CONTROL_FILE,Win32:
+:Perms::FILE);
$Dir->Set();
$Dir->Allow(System,Win32::Perms::FULL_CONTROL_DIR,Win32::Perms
+::DIR);
$Dir->Allow(System,Win32::Perms::FULL_CONTROL_FILE,Win32::Perm
+s::FILE);
$Dir->Set();
print "\n\nCreating Share on user's Home Directory\n";
print "$username\n";
print "$full_name\n";
print "$description\n\n";
if(!Win32::Lanman::NetShareAdd("\\\\MAXST2",
{'netname' => "$username",
# share name
type => Win32::Lanman::STYPE_
+DISKTREE,
# share type
remark => 'user share',
# remark
permissions => Win32::Lanman:
+:ACCESS_ALL,
# only used for share level security
max_uses => 3,
# number of users can connect
current_uses => 0,
# unused
path => "$userRoot",
# physical share path
passwd => 'password',
# password
#security_descriptor => $secd
+esc
}))
# sec. descriptor if you need security
{
print "Sorry, something went wrong; error: ";
# get the error code
print Win32::Lanman::GetLastError();
exit 1;
}
print "\nModifying Security on User Share\n";
$path = "\\\\MAXST2\\$username";
$Dir = new Win32::Perms("share:".$path ) || warn
"Can not create perm for $path \n";
$Dir->Remove(-1);
$Dir->Allow(Administrators,Win32::Perms::FULL_CONTROL_DIR,Win3
+2::Perms::DIR);
$Dir->Allow(Administrators,Win32::Perms::FULL_CONTROL_FILE,Win
+32::Perms::FILE);
$Dir->Set();
$Dir->Allow("$username",Win32::Perms::FULL_CONTROL_DIR,Win32::
+Perms::DIR);
$Dir->Allow("$username",Win32::Perms::FULL_CONTROL_FILE,Win32:
+:Perms::FILE);
$Dir->Set();
$Dir->Allow(System,Win32::Perms::FULL_CONTROL_DIR,Win32::Perms
+::DIR);
$Dir->Allow(System,Win32::Perms::FULL_CONTROL_FILE,Win32::Perm
+s::FILE);
$Dir->Set();
}
}