Platform SDK: Active Directory, ADSI, and Directory Services

User Creation with the ADSI LDAP Provider

With the LDAP provider, you can only create global user account. Local accounts reside in the SAM database and must be created using the WinNT provider.

When you create a user using the WinNT provider in Windows 2000, the new user will be placed in the user container of the domain. You may move this user to an organizational unit any time.

To create a user object, you must at least specify the common name (cn) and samAccountName attributes. When no additional attributes are specified, the user account will be created with the following default properties, in addition to the GUID and SID of the user object.

Property Value
Account Disabled TRUE
Account Never Expires TRUE
CN (common name) Must be specified explicitly.
First Name (givenName) Empty
Full Name Empty
Group Domain User
Last Name (sn) Empty
Password Empty
Password Never Expires FALSE
Profile Empty
SamAccountName Must be specified explicitly.
User Cannot Change Password FALSE
User Must Change Password TRUE
User Principal Name (UPN) Empty

Example Code [Visual Basic]

The following Visual Basic code segment creates a user account with the default attributes as specified above.

Set ou = GetObject("LDAP://OU=PBS,DC=Microsoft,DC=COM")
Set usr = ou.Create("user", "cn=Jeff Smith")
usr.Put "samAccountName", "jsmith"
usr.SetInfo

Example Code [C++]

The following C++ code snippet creates a user account with the default attributes as specified above. For brevity, error checking is omitted.

#include <activeds.h>

int main()
{
   HRESULT hr = CoInitialize(NULL);

   IADsContainer *pCont;
   IADsUser *pUser;

   LPWSTR adsPath = L"LDAP://serv1/CN=Users,dc=Fabrikam,dc=com";
   LPWSTR usrPass = L"adminSecrete";
   LPWSTR usrName = L"Administrator";

   hr = ADsOpenObject(adsPath, 
                      usrName,
                      usrPass,
                      ADS_SECURE_AUTHENTICATION,
                      IID_IADsContainer,
                      (void**)&pCont);

   IDispatch *pDisp;
   hr = pCont->Create(L"user",L"cn=Jeff Smith",&pDisp);
   pCont->Release();

   hr = pDisp->QueryInterface(IID_IADsUser,(void**)&pUser);
   pDisp->Release();

   VARIANT var;
   VariantInit(&var);
   V_BSTR(&var) = L"jsmith";
   V_VT(&var)=VT_BSTR;
   hr = pUser->Put(L"samAccountName",var);

   hr = pUser->SetInfo();

   VariantClear(&var);
   pUser->Release();

   CoUninitialize();

   return 0;
}
Built on Tuesday, February 08, 2000