Creating user accounts
The following code sample creates a user account in the specified organizational unit.
- ADSI
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly("localhost") # Bind to the organizational unit $parent = $service.OpenObject("Adaxes://OU=Sales,DC=company,DC=com", $null, $null, 0) # Create a new user object $user = $parent.Create("user", "CN=John Smith") # First name $user.Put("givenName", "John") # Last name $user.Put("sn", "Smith") # User logon name (pre-Windows 2000) $user.Put("sAMAccountName", "jsmith") # Password $user.Put("unicodePwd", "secret") # Must change password at first logon $user.Put("pwdLastSet", 0) # Account is enabled $user.AccountDisabled = $false # Save the user account to the directory $user.SetInfo() - PowerShell
-
Import-Module Adaxes $parentDN = "OU=Sales,DC=company,DC=com" $domain = "company.com" $name = "John Smith" $firstName = "John" $lastName = "Smith" $password = ConvertTo-SecureString "secret" -AsPlainText -Force $username = "jsmith" New-AdmUser $name -Path $parentDN ` -GivenName $firstName -Surname $lastName -SamAccountName $username ` -AccountPassword $password -ChangePasswordAtLogon $true -Enabled $true ` -Server $domain -AdaxesService localhost
The following code sample creates a user account with the following account options enabled.
- Password never expires
- Cannot change password
- Smart card is required
- ADSI
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly("localhost") # Bind to the organizational unit $parent = $service.OpenObject("Adaxes://OU=Sales,DC=company,DC=com", $null, $null, 0) # Create a new user object $user = $parent.Create("user", "CN=John Smith") # First name $user.Put("givenName", "John") # Last name $user.Put("sn", "Smith") # User logon name (pre-Windows 2000) $user.Put("sAMAccountName", "jsmith") # Password $user.Put("unicodePwd", "secret") # Account options [Softerra.Adaxes.Interop.Adsi.PersistentObjects.ADS_USER_FLAG_ENUM]$accountOptions = "ADS_UF_DONT_EXPIRE_PASSWD", "ADS_UF_SMARTCARD_REQUIRED" $user.Put("userAccountControl", [int]$accountOptions) # Cannot change password $user.Put("adm-CannotChangePassword", $true) # Save the user account to the directory $user.SetInfo() - PowerShell
-
Import-Module Adaxes $parentDN = "OU=Sales,DC=company,DC=com" $domain = "company.com" $name = "John Smith" $firstName = "John" $lastName = "Smith" $password = ConvertTo-SecureString "secret" -AsPlainText -Force $username = "jsmith" New-AdmUser $name -Path $parentDN ` -GivenName $firstName -Surname $lastName -SamAccountName $username ` -AccountPassword $password -PasswordNeverExpires $true -CannotChangePassword $true ` -SmartcardLogonRequired $true -Server $domain -AdaxesService localhost
For a list of account options flags, see ADS_USER_FLAG_ENUM. Note that you cannot set the Cannot change password flag by modifying account options – you need to set the adm-CannotChangePassword virtual property to $true.