I was given the task this week (or at least pressure to get it done finally) of assigning home folders to the 500 users in my Active Directory. I didn’t have any sort of budget to throw at the task, so purchasing a tool to help me was right out. That left me with 3 options:
- Do all the edits by hand.
- Writing a script that would pull all the users from selected OU’s and change the info.
- Find a free or at least open-source tool to help me accomplish the task.
This time last month, I had to add an extra email address to all 500 accounts. At that point I was tired from a lot of long days in a row and not feeling like learning anything new so I did it all by hand. BIG MISTAKE. 500 email addresses took me about 4 hours to do and I hated every minute of it.
The idea of scripting the process is highly intriguing to me. In fact, it seems like a really good idea. The down sides are that A) I’m still not very good at WMI scripting and this would be my first daliance with ADSI, B) I didn’t have a lot of time to monkey with learning it, and C) if I was going to do it, I wanted it done right.
One of the major objectives in our restructuring is allowing the other members of the tech staff to begin dealing with account creating/deletion/changes/resets. I have much stronger reservations about giving the staff direct access to edit items in AD than my boss does, because I’m the one that’s going to have to rebuild it all and find all the missing data. We’re building up to having a central IT Department server that’s a software repository and general resource cache. The way I figure it, once I learn the scripting a bit better, I can create a website for this server that’ll allow the techs to do specific tasks (and not muck anything else up).
The upshot of all of this is that I spent a day looking for free interfaces to help me along. I looked at Apollo AD, but it just didn’t feel right and wasn’t designed to do what I needed. To my surprise, the guys at M$ have written a tool that helps do exactly this sort of thing. The best part? It’s free!
Welcome to ADModify.NET. (The links have changed a few times, so I won’t include it here. Use Google or search TechNet for it.)
It takes a little practice to get real comfortable with the way this thing works.
- It doesn’t update the directory tree unless you specifically ask it to.
- You can only select users by selecting an OU if it’s set to display all those users in the directory tree.
- Once you add them to the list, you have to select them again to take action on them.
- After it performs the edits, the program quits. You have to restart the entire program to make another set of edits.
