快速业务通道

利用VBS脚本自动创建计算机帐户的代码

作者 佚名 来源 ASP编程 浏览 发布时间 2013-07-09
mcse注:其实这是按照ADSI(ActiveDirectoryServicesInterface:活动目录服务接口)写的程序。如果你安装了resourcekit,这段代码可以用netcom这条命令进行工作,下面是netcom的一个例子:

  NETDOM/Domain:MYDOMAIN/user:adminuser/password:apasswordMEMBERMYCOMPUTER/ADD

复制代码 代码如下:

  ***********************

  ''*StartScript

  ''***********************

  DimsComputerName,sUserOrGroup,sPath,computerContainer,rootDSE,lFlag

  DimsecDescriptor,dACL,ACE,oComputer,sPwd

  ''

  ''*Declareconstantsusedindefiningthedefaultlocationforthe

  ''*machineaccount,flagstoidentifytheobjectasamachineaccount,

  ''*andsecurityflags

  ''ConstUF_WORKSTATION_TRUST_ACCOUNT=&H1000

  ConstUF_ACCOUNTDISABLE=&H2

  ConstUF_PASSWD_NOTREQD=&H20

  ConstADS_GUID_COMPUTRS_CONTAINER="aa312825768811d1aded00c04fd8d5cd"

  ConstADS_ACETYPE_ACCESS_ALLOWED=0

  ConstADS_ACEFLAG_INHERIT_ACE=2

  ''

  ''*Settheflagsonthisobjecttoidentifyitasamachineaccount

  ''*anddeterminethename.Thenameisusedstaticallyhere,butmay

  ''*bedeterminedbyacommandlineparameterorbyusinganInputBox

  ''lFlag=UF_WORKSTATION_TRUST_ACCOUNTOrUF_ACCOUNTDISABLEOrUF_PASSWD_NOTREQD

  sComputerName="TestAccount"

  ''

  ''*EstablishapathtothecontainerintheActiveDirectorywhere

  ''*themachineaccountwillbecreated.Inthisexample,thiswill

  ''*automaticallylocateadomaincontrollerforthedomain,readthe

  ''*domainname,andbindtothedefault"Computers"container

  ''*********************************************************************

  SetrootDSE=GetObject("LDAP://RootDSE")

  sPath="LDAP://  SetcomputerContainer=GetObject(sPath)

  sPath="LDAP://"&computerContainer.Get("distinguishedName")

  SetcomputerContainer=GetObject(sPath)

  ''''*Here,thecomputeraccountiscreated.Certainattributesmust

  ''*haveavaluebeforecalling.SetInfotocommit(write)theobject

  ''*totheActiveDirectory

  ''SetoComputer=computerContainer.Create("computer","CN="&sComputerName)

  oComputer.Put"samAccountName",sComputerName+"$"

  oComputer.Put"userAccountControl",lFlag

  oComputer.SetInfo

  ''

  ''*Establishadefaultpasswordforthemachineaccount

  ''sPwd=sComputerName&"$"

  sPwd=LCase(sPwd)

  oComputer.SetPasswordsPwd

  ''''*Specifywhichuserorgroupmayactivate/jointhiscomputertothe

  ''*domain.Inthisexample,"MYDOMAIN"isthedomainnameand

  ''*"JoeSmith"istheaccountbeinggiventhepermission.Notethat

  ''*thisisthedownlevelnamingconventionusedinthisexample.

  ''sUserOrGroup="MYDOMAIN\joesmith"

  ''''*BindtotheDiscretionaryACLonthenewlycreatedcomputeraccount

  ''*andcreateanAccessControlEntry(ACE)thatgivesthespecified

  ''*userorgroupfullcontrolonthemachineaccount

  ''SetsecDescriptor=oComputer.Get("ntSecurityDescriptor")

  SetdACL=secDescriptor.DiscretionaryAcl

  SetACE=CreateObject("AccessControlEntry")

  ''

  ''*AnAccessMaskof"-1"grantsFullControl

  ''

  ACE.AccessMask=-1

  ACE.AceType=ADS_ACETYPE_ACCESS_ALLOWED

  ACE.AceFlags=ADS_ACEFLAG_INHERIT_ACE

  ''''*Grantthiscontroltotheuserorgroupspecifiedearlier.

  ''ACE.Trustee=sUserOrGroup

  ''

  ''*Now,addthisACEtotheDACLonthemachineaccount

  ''dACL.AddAceACE

  secDescriptor.DiscretionaryAcl=dACL

  ''

  ''*Commit(write)thesecuritychangestothemachineaccount

  ''oComputer.Put"ntSecurityDescriptor",Array(secDescriptor)

  oComputer.SetInfo

  ''''*Onceallparametersandpermissionshavebeenset,enablethe

  ''*account.

  ''

  oComputer.AccountDisabled=False

  oComputer.SetInfo

  ''''*CreateanAccessControlEntry(ACE)thatgivesthespecifieduser

  ''*orgroupfullcontrolonthemachineaccount

  ''wscript.echo"Thecommandcompletedsuccessfully."

  ''*****************

  ''*EndScript


凌众科技专业提供服务器租用、服务器托管、企业邮局、虚拟主机等服务,公司网站:http://www.lingzhong.cn 为了给广大客户了解更多的技术信息,本技术文章收集来源于网络,凌众科技尊重文章作者的版权,如果有涉及你的版权有必要删除你的文章,请和我们联系。以上信息与文章正文是不可分割的一部分,如果您要转载本文章,请保留以上信息,谢谢!

分享到: 更多

Copyright ©1999-2011 厦门凌众科技有限公司 厦门优通互联科技开发有限公司 All rights reserved

地址(ADD):厦门软件园二期望海路63号701E(东南融通旁) 邮编(ZIP):361008

电话:0592-5908028 传真:0592-5908039 咨询信箱:web@lingzhong.cn 咨询OICQ:173723134

《中华人民共和国增值电信业务经营许可证》闽B2-20100024  ICP备案:闽ICP备05037997号