VBS Script for Creating Users in a WSS 2003 Extranet Domain
SharePoint 2007 offers a more flexible authentication model, one that does not require all users to exist in Active Directory. This will be especially useful in building WSS-based extranets. Today, with WSS 2003, extranet users must exist in an AD domain. Even if you properly configure your DMZ to have a separate AD environment for external users, it's still a pain to coordinate with IT on the creation of new client credentials (this is assuming you are not using SharePoint in AD Creation Mode).

Below is a variation of a VB script I have used to automatically define new users in a DMZ AD domain. I have an OU (Organizational Unit) defined for my clients (I don't want to use the 'Users' collection, as I might have different types of external users and I don't want folks to slip in the back door by being Domain Users). In the OU, I set different AD groups, per client.

The script below is hardcoded for demonstration purposes. I have actually created a Web service to call a parameterized version of it. The Web service could then be called by a web application and could be managed by non-IT users. The goal is to create new users and assign them to the right client group, where your SharePoint sites are already wired to map security to the appropriate AD groups. This sure beats having to manage new user requests (or giving non-IT people access to the domain controller!).
'Script to create a new Client user account in the Extranet AD
'First: set the proper domain
Set oRoot = GetObject("LDAP://rootDSE")
Set oOU = GetObject("LDAP://OU=Clients, " & oRoot.Get("defaultNamingContext"))
'Second: add the user
'The ADSI class name for a user account is "user"
Set oUser = oOU.Create("user", "cn=Test Client")
oUser.Put "sAMAccountName", "testclient"
oUser.Put "sn", "Client"
oUser.Put "givenName", "Test"
oUser.Put "mail","testclient@clientcompany.com"
oUser.Put "Description", "Account created through Client creation program"
oUser.SetInfo
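'Third: set the password and enable the account
'(the password is hardcoded for demonstration only; supply a unique value per user in real use)
oUser.AccountDisabled = False
oUser.SetPassword "06Jornata!"
oUser.SetInfo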
'Fourth: add user to proper Client group
set oGroup = oOU.GetObject("Group","cn=ClientA")
oGroup.Add(oUser.ADsPath)
oGroup.SetInfo
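
The post mentions a parameterized version called from a Web service but does not show it. The sketch below is an added example, not the author's code: the Sub name, its parameters and the validation patterns are assumptions. It allowlists every caller-supplied value before it reaches a distinguished name, and forces a password change at first logon.

```vbscript
Option Explicit

' Allowlist check: True only if the whole value matches the pattern.
Function IsValid(value, pattern)
    Dim re
    Set re = New RegExp
    re.Pattern = pattern
    IsValid = re.Test(value)
End Function

' Hypothetical parameterized form of the script above.
' initialPassword is assumed to be generated per user by the calling service.
Sub CreateClientUser(givenName, surname, samName, mail, clientGroup, initialPassword)
    Dim oRoot, oOU, oUser, oGroup
    Const NAME_RE = "^[A-Za-z]+([' -][A-Za-z]+)*$"

    ' Reject anything that could alter the DN (commas, equals signs, backslashes)
    ' or exceed attribute limits. Patterns are assumptions; fit them to your naming rules.
    If Not IsValid(givenName, NAME_RE) Or Not IsValid(surname, NAME_RE) Or _
       Len(givenName & " " & surname) > 64 Or _
       Not IsValid(samName, "^[a-z][a-z0-9]{2,19}$") Or _
       Not IsValid(mail, "^[A-Za-z0-9._-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$") Or _
       Not IsValid(clientGroup, "^[A-Za-z0-9]{1,32}$") Then
        Err.Raise vbObjectError + 1, "CreateClientUser", "Invalid input"
    End If

    Set oRoot = GetObject("LDAP://rootDSE")
    Set oOU = GetObject("LDAP://OU=Clients," & oRoot.Get("defaultNamingContext"))

    ' Resolve the group inside the Clients OU first, so an unknown group
    ' fails before any account has been created.
    Set oGroup = oOU.GetObject("group", "cn=" & clientGroup)

    Set oUser = oOU.Create("user", "cn=" & givenName & " " & surname)
    oUser.Put "sAMAccountName", samName
    oUser.Put "sn", surname
    oUser.Put "givenName", givenName
    oUser.Put "mail", mail
    oUser.Put "description", "Account created through Client creation program"
    oUser.SetInfo                      ' account now exists, disabled by default

    oUser.SetPassword initialPassword
    oUser.Put "pwdLastSet", 0          ' force a password change at first logon
    oUser.AccountDisabled = False
    oUser.SetInfo

    oGroup.Add oUser.ADsPath
End Sub

' Constructed sample call; all values are placeholders.
' CreateClientUser "Test", "Client", "testclient", "testclient@clientcompany.com", "ClientA", "<initial password>"
```

Because the group is looked up relative to the Clients OU, a caller of the Web service can only place new accounts in client groups that already exist there.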