By Greg Shields
Tired of the ADUC — the Active Directory Users & Computers — with all its mouse-moving and clicky-clicky? Among others, Windows Server 2003 adds four native tools that make the administration of “The A-Duck” a whole lot more command-line friendly. The first in our series, DSADD, allows for the generation of Active Directory objects. Need to create a new global group called “Sales” in the Groups OU for the FirstClassCorp.com domain? Just enter:
dsadd group “cn=Sales,ou=Groups,dc=FirstClassCorp,dc=com” -secgrp yes -scope g
Note that any time we have spaces in the distinguished name for an object, we have to encapsulate it with quotes. OUs are done similarly. Let’s create a new OU for those pesky sales people:
dsadd ou “ou=Sales People,dc=FirstClassCorp,dc=com”
Now, we’ll create a new user account for the new sales guy, John Brown, in our new Sales OU, give him a new initial password and require him to change it the first time he logs in:
dsadd user “cn=John Brown,ou=Sales People,dc=FirstClassCorp,dc=com” -samid jbrown -fn John -ln Brown -display “John Brown” -pwd N@wPassw8rd -mustchpwd yes
There’s plenty more object-creating ability using DSADD. Just do a DSADD /? at the command prompt to find out more.
