AD/OU User move..

J

jim

We currently have all of our user's in a single OU ("users"). We're just
now planning on organizing them in a more logical way based on which
department they're in. Is there a way to script or automate moving blocks
of users to different OU's? We'll be using a standard CSV file from our HR
department that should have the appropriate department information for each
user. Right now it looks like we'd be stuck dragging and dropping each
account one by one. There must be a simpler way to do this?? Any ideas? A
resource kit utility perhaps?

Thanks in advance!
jim
 
J

Jim Underwood

Jim,

Here is some VB.Net code to move a user. It is fairly simple once you have
defined which OUs you are moving each user to. objADEntry is the original
user object, and strPath is the full path to the new OU that you are placing
the user in. strADAdminUser, strADAdminPassword, and strADAuthType are
optional if you are runnign the code as a domain admin, which I assume that
you are.

You can eliminate most of the code in ProcessAD, and just use the two lines
below, if you want to use the full path to the individual users rather than
looking them up by account name. This can be done with VBScript as well,
but I dont have any examples of that.

As for reading in the CSV file, I'm sure someone will have a good example
that they can give.

Dim container As New DirectoryEntry("LDAP:\\" & <Distinguished name of
user>)
MoveADUser(container, <new OU path>)


Private Sub MoveADUser(ByVal objADEntry As DirectoryEntry, ByVal strPath
As String)

'***********************************************************************
' Private method
' moves AD user from one path to another

'***********************************************************************
Try
'Dim objDirPath As New DirectoryEntry(strPath, strADAdminUser,
strADAdminPassword, strADAuthType)
Dim objDirPath As New DirectoryEntry(strPath) ' use thsi if you
are running as a domain admin
objADEntry.MoveTo(objDirPath)
objADEntry.CommitChanges()
Catch ex As System.Runtime.InteropServices.COMException
MsgBox("Error connecting to Active Directory. Could not change
user path." & vbCrLf & ex.ErrorCode & " - " & ex.Message)
Exit Sub
End Try
End Sub

Public Function ProcessAD(ByVal strUserID As String) As Boolean

'***********************************************************************
' Private method
' locates user and calls procedure to update the ID if found, create
the id if not found

'***********************************************************************
ProcessAD = False
'This procedure will locate an account for a user withing Active
Directory,
' Confirm that the account found matches the user exactly,
' and call the functions to either update the account

'Search for account
Dim booFound As Boolean = False
Dim container As New DirectoryEntry("LDAP:\\DC=Domain,DC=com")
Try
Dim ads As Object = container.NativeObject
Catch ex As System.Runtime.InteropServices.COMException
MsgBox("Error connecting to Active Directory. " & vbCrLf &
ex.ErrorCode & " - " & ex.Message)
Exit Function
End Try
' create search object and define filter
Dim mySearcher As New
System.DirectoryServices.DirectorySearcher(container)
mySearcher.Filter = "(&(sAMAccountName=" & strUserID &
")(objectClass=user))"
Dim result As System.DirectoryServices.SearchResult
For Each result In mySearcher.FindAll()
'Compare network account to userID to make certain we have a
good match
'Without this partial matches may be possible
If result.GetDirectoryEntry().Properties("sAMAccountName").value
= strUserID Then
booFound = True
Exit For
End If
Next
If booFound = True Then
ProcessAD = MoveADUser(result.GetDirectoryEntry,
DestinationPath) ' set Destination path to the new OU
else
msgbox("User " & strUserID & " not found")
End If
End Function
 
T

Tom Che [MSFT]

Hi Jim,

Thanks for posting here.

It appears that this is a Development related request and would best be
addressed in the Developer newsgroups. I have provided the link below:

<http://msdn.microsoft.com/newsgroups/default.asp>

Or you may ask for developer support:
<http://support.microsoft.com/directory/directory/phonepro.asp?sd=msdn>

Have a nice day!

Sincerely,
Tom Che
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top