Precedence web site

Wiki Home

Support-KB-AD >> Scripts

Jump To: Support > KB > AD > Scripts

User management scripts

As part of a supported AD network, we supply a number of scripts to create and manage users. The core scripts are:

  • addusers.vbs - bulk creates users from a CSV file (CSV file in same format as used on NetManager). If user already exists, will update settings (but leave password unchanged).
  • adduser.vbs - creates a single user. Prompts for username, password and real name.
  • settsprofile.vbs - sets terminal services profile and logon script only based on a CSV file
  • export.vbs - creates a CSV file for each group containing all the users within that group (must be run on DC).

The user creation scripts (addusers and adduser) do the following:

  • Create user
  • Create home area in specified location
  • Set permissions on home area (with optional read-only or read-write access to given groups)
  • Share home area (either hidden or not)
  • Set home drive in AD
  • Set home path in AD
  • Set profile path
  • Set terminal services profile path
  • Set logon script

The exact behaviour of the scripts is controlled by a file called config.txt. An example file (which contains descriptive comments) is shown below: 

; $Date: 2010/08/19 15:47:49 $
; server = fileserver for home areas
server=FILESERVER

; drive = drive for home areas
drive=U:

; profile = regular workstation profile
; %SERVER%, %GROUP% and %USERNAME% will be substituted
profile=\\FILESERVER\profiles$\workstation

; tsprofile = terminal services profile
; %SERVER% and %GROUP% will be substituted
tsprofile=\\FILESERVER\profiles$\termserv

; logon = logon script
logon=kix32 logon.kix

; homedir = template for home dirs in AD
; %SERVER%, %GROUP% and %USERNAME% will be substituted
; do not put a $ on the end (this is handled by the hidden option below)
homedir=\\%SERVER%\%USERNAME%

; makehomedirs = (y/n) - make home directories on server?
makehomedirs=y

; groupsub = (y/n) - create home directories in a subdirectory named
; after the group
groupsub=y

; homepath = Path to create home directories in (see groupsub above)
homepath=E:\Users

; hidden = (y/n) - home directories are hidden shares?
hidden=y

; delshare = (y/n) - delete old shares to avoid clashes
delshare=y

; setprofileperms = (y/n) - whether to set permissions on profile too
; Only to be used with roaming profiles
setprofileperms=n

; pdc = domain controller to create users on (blank = server above)
pdc=

; readgroup = comma-separated list of groups who should have read access
; to the home areas
readgroup=

; writegroup = comma-separated list of groups who should have write access
; to the home areas (Administrators always has full control)
writegroup=

; group = force creation in this group
group=

; vetogroup = comma-separated list of groups we should not create
; use this when you have multiple configurations and you need to ensure
; you are using the right one
vetogroup=

The addusers/adduser scripts should be run on the fileserver (if home areas are to be held on a Windows server) or on a domain controller (if home areas are to be held on NetManager).

If you need multiple configurations (for example, if home areas are held in E:\Users\Students\groupname\username for students and E:\Users\Staff\username for staff) you can create multiple config files (called e.g. staffconfig.txt). You can then create a shortcut to the addusers.vbs script and specify the config filename on the end of the shortcut (e.g. so the shortcut path is \\netmanager\root\scripts\user\addusers.vbs staffconfig.txt).

In addition there are:

  • changepass.vbs - prompts for username and password and resets password for that user
  • delgroup.vbs - deletes all users from a given group (but does not delete home areas, etc.)
  • listg.vbs - outputs all groups to a file called groups.txt
  • listu.vbs - outputs all users to a file called users.txt
  • mailexport.vbs - attempts to export all users' email addresses from AD/Exchange in a format suitable for Email Aliases
  • sethome.vbs - sets home path and drive for a specified group (N.B. does not use config.txt)
  • resetpass.vbs - resets password for a whole group (similar to resetpass on NetManager).
Precedence Technologies Ltd, Technology House, 36a Union Lane, Cambridge, UK | Tel: 08456 446 800
Edit - History - Print - Recent Changes - Search
Page last modified on September 13, 2011, at 11:52 AM by sborrill