Active Directory User Import, AD Bulk Users


Import and Modify Active Directory Users in bulk

The Interface

The interface is designed so that you can see each attribute that will be imported for each User. Using the Previous and Next buttons you can check through your import file making sure each User will be imported correctly. If you notice a mistake simply amend it using the interface. To the right you’ll see a log of how your import is progressing, you can save and print the log should you require.

Import from Excel, CSV file or Microsoft SQL Server

The import file can be formatted using the CSV (comma separated value) format or semicolon separated format allowing easy preparation using a spreadsheet program such as Excel.

You can choose to import from a standard CSV file or from an ODBC source such a SQL server.

You can import any of the attributes found below and place them in the import file in any order. As shown in the example below, row 1 contains the column header, this is the attribute name you wish to import such as givenName (first name). The attribute names can be placed in any order, you don’t need to use all the attributes names, simply add the attributes you require. The column header (sAMAccountName,givenName,sn) tells the program what to expect in the rows beneath. Using a spreadsheet allows you to construct the file quickly or import your user data from elsewhere.

Example CSV Import File

Modify Existing Active Directory User Accounts

AD Bulk Users can be used to modify existing Active Directory Users. This is done by adding the column header ‘Modify’ to the import file and setting the value to ‘TRUE’.

To modify a Users ‘description’ attribute, the following would be required in the import file (CSV): sAMAccountName,description,Modify
Joe Smith,Accountant,TRUE

The Users sAMAccountName is used to locate the user in Active Directory, as seen in the example below.

Example use of modify column

If you wanted to modify more than one attribute simply add the additional column headers to your import file. For example: sAMAccountName,description,telephone,Modify

Command Line Arguments

Automate your import tasks by using the following command line arguments.
ADBulkUsers.exe /path:CN=users,DC=Domain,DC=Com /file:import.csv /import /log:file.log

Arguments:

/path The LDAP path to where the users should be imported.
/file Path to the import file.
/import Starts the import process.
/modify Modifies the users found in the CSV file or DB table.
/leaveOpen Leaves the GUI open after a command line import.
/log Saves the log to the specified file.
/username Username of a user with permissions to create users.
/password Password for above user.
/server Domain Controller used to create users.
/lowersAMAccountName Converts the sAMAccountName value to lower case.
/lowerCN Converts the CN value to lower case.
/addUsersToGroups Add the user to the group specified in the memberOf column.
/removeUsersFromGroups Removes the user from the group specified in the memberOf column.
/sqlServer The SQL server where the database lives.
/dbUsername Username used to connect to the SQL server.
/dbPassword Password used to connect to the SQL table.
/database The database containing the users table.
/table The table that contains the users to be imported/updated.
   
   

Microsoft Terminal Services Support

Import and Modify Terminal Services Home Folder and Profile Path for users. See Screenshot

Microsoft Exchange Support

Create Exchange Server Mailbox for users. See Screenshot

Wildcards

The following wildcards can be used throughout your CSV file or SQL table:

%username% (reads the value found in the sAMAccountName column)
%firstname% (reads the value found in the givenName column)
%lastname% (reads the value found in the sn column)
%givenName% (reads the value found in the givenName column)
%sn% (reads the value found in the sn column)
%sAMAccountName% (reads the value found in the sAMAccountName column)
%userPrincipalName% (reads the value found in the userPrincipalName column)
%initials% (reads the value found in the initials column)
%email% (reads the value found in the mail column)
%firstNamefirst% (reads the first letter of the value found in the givenName column)
%firstNamelast% (reads the last letter of the value found in the givenName column)
%lastNamefirst% (reads the first letter of the value found in the sn column)
%lastNamelast% (reads the last letter of the value found in the sn column)

Home Folders

To set the users Home Folder add the column header ‘homeFolder’ to your import file. You can use a local folder such as “c:\User1″ or a UNC path followed by a semi colon and the drive letter to use such as ” \\server\homedrives\;z:”.

Creating the users home folder

To create the users home folder add the attribute ‘createHomeDirectory’ to the first line of the import file and the values ‘TRUE’ or ‘FALSE’ to the proceeding lines. This is to be used in conjunction with the homeFolder property.

If the program finds the property ‘createHomeDirectory’ it will create a csv file and prompt you to save it. After the users have been imported run the program ‘Home Folder Creator’ and select the file you saved, this will then create the users home directory at the specified path and assign the correct permissions for that user. The reason the creation of the users home folder needs to be completed after the user import is to give the user object time to replicate across the domain so that the permissions can be correctly assigned.

The Home Folder Creator can also be accessed from the command line. See the Help file for details.

Importing into multiple OU’s

To import users into multiple OU’s from the same import file add the property ‘destinationOU’ to your import file. An LDAP path placed in this field results in the user being imported into that OU. This overrides the ‘Active Directory Container’ OU found on the settings tab. If the user has a destinationOU value present in the import file then the user is imported into that OU otherwise the user is imported into the OU found on the settings tab.

Common Name (CN) attribute

The Common Name is the name you see in Active Directory Users and Computers and can be set using the property name ‘CN’. The variables %firstname%, %lastname% and %username% can be used with the ‘CN’ property. The program by default will set the CN to %Firstname% %Lastname%, this can be swapped to %Lastname% %Firstname% if required. If you want to use a comma, (example: Bloggs, Joe) then add a backslash before the comma (example: Joe\, Bloggs).

Manager Property

The manager attribute requires the distinguishedName of an existing Active Directory user, an example value would be “CN=JBloggs,OU=Managers,DC=Domain,DC=Com”.

Custom or unlisted attributes

It is possible to add additional and custom attributes to the program. The interface is generated from the dynamically and can be updated to accomodate additional attributes. When importing custom attributes the attribute needs to exist in the Active Directory schema before import. For assistance with using custom or unlisted attributes please e-mail support@dovestones.com.

Supported Attributes List

Please note all column headers to be used in the import file are case sensitive.

General Tab

Display Name Attribute Name
(column headers in CSV file)
Example Value
First Name givenName John
Initials initials JS
Last Name sn Smith
Display Name displayName “John, Smith”
Description description Sales Manager
Office physicalDeliveryOfficeName London Office
Telephone Number telephoneNumber 0123 456 789
Telephone Number (Other) otherTelephone 0123 4457 89
Email mail JSmith@domain.com
Web Page wWWHomePage http://www.johnsmith.com
Web Page (Other) url http://www.John.net,www.John.org
Password password JohnsPass321
Destination OU destinationOU OU=Sales,DC=Domain,DC=Com
Common Name CN John Smith or %lastname% %firstname%
Modify User if already exists Modify True or False
Delete User Delete True or False

Address Tab

Display Name Attribute Name
(column headers in CSV file)
Example Value
Street streetAddress 10 Downing St;London
(Use a semi-colon for carriage return)
PO Box postOfficeBox Po Box 1
City l (Lowercase L) London
State/Province st New York
Zip/Postal Code postalCode 614415
Country c GB – (Click here for country codes)

Group Tab

Display Name Attribute Name
(column headers in CSV file)
Example Value
Group memberOf CN=ManagersGroup,DC=Domain,DC=Com

Account Tab

Display Name Attribute Name
(column headers in CSV file)
Example Value
User Logon Name userPrincipalName JSmith@domain.com
User Logon Name (Pre W2K) sAMAccountName JSmith mandatory Mandatory, you must include this
User must change password at next logon mustChangePassword True or False
User cannot change password userCannotChangePassword True or False
Account is Disabled accountDisabled True or False
Use DES encryption useDES True or False
Do not require kerberos preauthentication notRequireKerberos True or False
Password never expires passwordNeverExpires True or False
Account is trusted for delegation trustedForDelegation True or False
Store password using reversable encryption passwordReversable True or False
Smart card is required for interactive logon smartCardRequired True or False
Account is sensitive and cannot be delegated sensitiveForDelegation True or False
Account Expires (use same date format as server) expires 01/01/2007

Profile Tab

Display Name Attribute Name
(column headers in CSV file)
Example Value
Profile Path profilePath \\server\profiles
Login Script scriptPath logon.bat
Home Folder (local or UNC, see notes above) homeFolder \\server\homedir\Jsmith;z:
Drive only homeDrive H:
Path only homeDirectory \\server\homedir\Jsmith
Create Home Folder and Set Permissions createHomeDirectory True

Telephones Tab

Display Name Attribute Name
(column headers in CSV file)
Example Value
Home homePhone 660 123 122
Home (Other) otherHomePhone 0661 123 122
Pager pager 1234
Pager (Other) otherPager 123
Mobile mobile 120 456 789
Mobile (Other) otherMobile 121 456 789
Fax facsimileTelephoneNumber 122 456 789
Fax (Other) otherFacsimile
TelephoneNumber
0123 456 789
IP Phone ipPhone 01IP
IP Phone (Other) otherIpPhone 432493809
Notes info General information (Use a semi-colon for carriage return)

Organization Tab

Display Name Attribute Name
(column headers in CSV file)
Example Value
Title title Manager
Department department Sales
Company company Big Corp
Manager manager CN=Ste Jobs,OU=Managers,DC=Domain,DC=Com
Employee ID employeeID  
Employee Type employeeType  
Employee Number employeeNumber  
Car License carLicense  
Division division  
Middle Name middleName  
Room Number roomNumber  
Assistant assistant CN=Joe Blog,OU=Managers,DC=Domain,DC=Com
jpegPhoto jpegPhoto E:\photos\%username%.jpg
(25KB or less, 200×200 pixels or less)

Exchange Tab

Display Name Attribute Name
(column headers in CSV file)
Example Value
Create Mailbox for User mailboxEnabled True, Required when creating a mailbox.
Alias mailNickname Jsmith *Required
Email addresses proxyAddresses SMTP:JSmith@doamin.com multiple addresses?
Automatically update based on recipient policy AutoUpdateOnRecipientPolicy True or False (True if omitted), can be used in place of proxyAddresses.
Simple Display Name displayNamePrintable Jsmith
Forward to altRecipient CN=User2,OU=Managers,DC=Domain,DC=Com
Deliver & Forward deliverAndRedirect True
Use MAPI Rich Text mAPIRecipient True or False
Hide From Address Lists msExchHideFromAddressLists True or False
Exchange Store ExchangeStore  
Mail-Enable User mailEnabled* True or False
*Do not use with mailboxEnabled above.
External Address targetAddress Required when mail-enabling a user.

Exchange Attributes

Display Name Attribute Name
(column headers in CSV file)
Example Value
extensionAttribute1 extensionAttribute1  
extensionAttribute2 extensionAttribute2  
extensionAttribute3 extensionAttribute3  
extensionAttribute4 extensionAttribute4  
extensionAttribute5 extensionAttribute5  
extensionAttribute6 extensionAttribute6  
extensionAttribute7 extensionAttribute7  
extensionAttribute8 extensionAttribute8  
extensionAttribute9 extensionAttribute9  
extensionAttribute10 extensionAttribute10  
extensionAttribute11 extensionAttribute11  
extensionAttribute12 extensionAttribute12  
extensionAttribute13 extensionAttribute13  
extensionAttribute14 extensionAttribute14  
extensionAttribute15 extensionAttribute15  

Terminal Services Tab

Display Name Attribute Name
(column headers in CSV file)
Example Value
Profile Path TSProfilePath \\server\profiles\%username%
Home Folder TSHomeFolder \\server\users\%username%;z:
Create Home Folder TSCreateHomeDirectory True or False
Deny Logon TSDenyLogon True or False

Dial-In Tab

Display Name Attribute Name
(column headers in CSV file)
Example Value
Allow Dial-In Access msNPAllowDialin True or False

Remote Control Tab

Display Name Attribute Name
(column headers in CSV file)
Example Value
Remote Control EnableRemoteControl 0 = Disable Remote Control, 1 = Require user’s permission, 2 = Do not require user’s permission, 3 = Require user’s permission, View Only, 4 = Do not require user’s permission, View Only

About thangletoan

Hallo Aloha

Posted on 09/05/2012, in Active Directory AD, Công nghệ và Giáo dục. Bookmark the permalink. 1 Phản hồi.

  1. Hey There. I found your blog using msn. This is an extremely well written article. I will make sure to bookmark it and return to read more of your useful info. Thanks for the post. I will definitely return.

Gửi phản hồi

Mời bạn điền thông tin vào ô dưới đây hoặc kích vào một biểu tượng để đăng nhập:

WordPress.com Logo

Bạn đang bình luận bằng tài khoản WordPress.com Log Out / Thay đổi )

Twitter picture

Bạn đang bình luận bằng tài khoản Twitter Log Out / Thay đổi )

Facebook photo

Bạn đang bình luận bằng tài khoản Facebook Log Out / Thay đổi )

Google+ photo

Bạn đang bình luận bằng tài khoản Google+ Log Out / Thay đổi )

Connecting to %s

%d bloggers like this: