Active Directory Cookbook for Windows Server 2003 and Windows 2000-Active Directory Cookbook for Windows Server 2003 and Windows 2000

[ Team LiB ]

Recipe 6.7 Copying a User

6.7.1 Problem

You want to copy an existing user account, which may be serving as a template, in order to create a new account.

6.7.2 Solution

6.7.2.1 Using a graphical user interface

Open the Active Directory Users and Computers snap-in.
In the left pane, browse to the parent container of the template user object.
In the right pane, right-click on the user and select Copy.
Enter the name information for the new user and click Next.
Enter a password, check any options you want enabled, and click Next.
Click Finish.

6.7.2.2 Using VBScript

' This code copies the attributes in the Attrs array from an 
' existing object to a new one.
' ------ SCRIPT CONFIGURATION ------
arrAttrs        = Array("department","co","title","l", "c", "st")
strParentDN     = "<ParentContainer>"   ' e.g. cn=Users,dc=rallencorp,dc=com
strTemplateUser = "<TemplateUserName>"  ' e.g. template-user-sales
strNewUser      = "<NewUserName>"       ' e.g. jdoe
strPassword     = "<Password>"
' ------ END CONFIGURATION ---------

Const ADS_UF_NORMAL_ACCOUNT = 512  ' from ADS_USER_FLAG_ENUM

Set objTemplate = GetObject("LDAP://cn=" & strTemplateUser & _
                            "," & strParentDN)
Set objParent   = GetObject("LDAP://" & strParentDN)
Set objUser     = objParent.Create("user", "cn=" & strNewUser)

objUser.Put "sAMAccountName", strNewUser
objUser.Put "userAccountControl", ADS_UF_NORMAL_ACCOUNT

for each strAttr in arrAttrs
   objUser.Put strAttr, objTemplate.Get(strAttr)
next

objUser.SetInfo
objUser.SetPassword(strPassword)
objUser.AccountDisabled = FALSE
objUser.SetInfo
WScript.Echo "Successfully created user"

6.7.3 Discussion

Copying a user consists of copying the attributes that are common among a certain user base, which can include department, address, and perhaps even organizational information. ADUC actually uses attributes that are marked in the schema as "Copied when duplicating a user" to determine which attributes to copy. The VBScript solution just used a hardcoded set of attributes. If you are interested in finding the attributes that are configured in the schema to get copied, see Recipe 10.12.

6.7.3.1 Using a graphical user interface

In order to copy a user in ADUC, you have to browse to the user object. If you locate the user by using Find instead, the Copy option is not available when right-clicking a user in the search results window.

6.7.3.2 Using VBScript

ADSI has a CopyHere method, but it is available only for the NDS provider. It was not implemented for the LDAP provider and so copying a user via a single method is not supported.

6.7.4 See Also

Recipe 10.12 for finding the attributes that should be copied when duplicating a user

[ Team LiB ]