Create Active Directory Users

This is an example of how to configure a Data Sync project to create AD User accounts and to create a default password.

First you need to prepare your source data, you are looking for a DataSet similar to this.

Data Set

Once you connect to your target Active Directory you need to configure Account Name and Logon Name with the below properties under the AD properties collection:

ReadOnly=False
TryParseValue=False

Connect

In order to create the AD Users you will need to set the SchemaClassName to User, the SchemaItemFormat uses this format string to create the Distinguished Name in your Active Directory from the source data.

Schema Map

Next configure the Schema Map, to map the values to your AD. You will need something unique to identify the records. In this example I am using the Email address.

Key Column

If you run this now it will create the AD User accounts with a default configuration. You can use the Project Automation Item Events to complete the configuration of each individual account after they are created by implementing the AfterAddItem method. For example enable Project Automation from View->Project Automation then use the code below with the AfterAddItem method. This code unlocks the account sets the password to never expire and sets a default password.

    public override void AfterAddItem(object sender, DataCompareItemInvariant item, object identity)
{        
        Trace.WriteLine("AfterAddItem->{0}", identity); 
        
        using(var entry = DataSourceB.GetDirectoryEntry(identity)) 
        {                        
            var uac = (int entry.Properties["userAccountControl"].Value;            
            uac = uac | 0x10000; //Password never Expires</span>
            uac = uac &amp; ~0x2; //Unlocked
            
            entry.Properties["userAccountControl"].Value = uac;
            entry.Invoke("SetPassword", "!password123");
            entry.Properties["pwdLastSet"].Value = -1;            
            entry.CommitChanges();            
        }        
    }

The call to GetDirectoryEntry on the DataSourceB returns a .NET Directory Entry object. You can then call this as you would normally with .NET code.


Can't find the answers you're looking for? Contact our support team and we'll personally get back to you as quickly as we can.