Automating User Mailbox Creation
The trick to creating Exchange 2000 user mailboxes via scripting is in the CDOEXM libraries.
- By Bill Boswell
- October 21, 2003
Bill: Is there a way to create a mail-enabled user account
in Windows 2000 with a VB script. I wrote a script that creates the account,
places the account in the right OU, creates an e-mail address and places
the user in the right group. I can't figure out the mail-enable part.
There must be a way to do this all in one script.
—Eric
Eric: I'm going to assume that you're using Exchange 2000
since you used the expression "mail-enable" the user. I'm also
going to assume that you mean "mailbox-enable" the user rather
than just assigning an SMTP address to the account.
Get
Help from Bill |
Got a Windows or Exchange question or need troubleshooting
help? Or maybe you want a better explanation than provided
in the manuals? Describe your dilemma in an e-mail
to Bill at mailto:[email protected];
the best questions get answered in this column.
When you send your questions, please include your
full first and last name, location, certifications (if
any) with your message. (If you prefer to remain anonymous,
specify this in your message but submit the requested
information for verification purposes.)
|
|
|
The trick to creating a user mailbox is to run your code on a machine
with the Exchange admin tools installed so you can get access to the CDOEXM
libraries. You can run the script on an Exchange server or you can install
the Exchange tools on your workstation. Then, all you need to do is add
a few lines to your script that define the mailbox server for the user
and to create the mailbox.
You'll need to know the Distinguished Name of the mailbox store. The
simplest way to get this is to copy the HomeMDB attribute of an existing
mailbox-enabled user as long as the new users you create will use the
same mailbox server. Dump the attributes of an existing user using the
LDP browser from the Support Tools or use LDIFDE with the following syntax:
ldifde -d cn=existinguser,ou=someou,dc=domain,dc=root
-f con
The -f con directs the output to the console. Here's an example for a
user
called Tom Hanks in the standard Users container in a domain called
Company.com:
ldifde -d "cn=tom hanks,cn=users,dc=company,dc=com"
-f con
Here's an example of the listing:
HomeMDB: "CN=Mailbox Store (W2K3-EX1), _
CN=First Storage Group," & _
"CN=InformationStore,CN=w2k3-EX1,CN=Servers, _
CN=Phoenix," & _
"CN=Administrative Groups,CN=company, _
CN=Microsoft Exchange," & _
"CN=Services,CN=Configuration,DC=company,DC=com"
You said that your script already created the user account, but just
for the sake of example, here's some quick ADSI code that creates a new
user object in Active Directory under the default Users container:
userName = "Tom Hanks"
tempPassword = "Green$Mile"
splitName = Split(userName, " ")
firstName = lcase(splitName(0))
lastName = lcase(splitName(1))
logonName = left(firstName,1) & lastName
upnName = LogonName & UPNDomain
Set RootDSE = GetObject("LDAP://RootDSE")
domainDN = RootDSE.Get("DefaultNamingContext")
Set userContainer = GetObject("LDAP://cn=users," & _
domainDN)
set newUser = userContainer.Create("user", "cn="
& _
userName)
newUser.SamAccountName = logonName
newUser.SetInfo
newUser.FirstName = firstName
newUser.LastName = lastName
newuser.DisplayName = userName
newUser.Description = "Test User"
newUser.AccountDisabled = FALSE
newUser.SetPassword(tempPassword)
newUser.SetInfo
Okay, here's where we create the user's mailbox. The trick here is remembering
that VBScript doesn't know diddly about an ADSI object or a CDOEXM object,
so you can create a new instance of the ADSI object and use it with a
CDOEXM method call and it all "just works." Here's the code:
MBXStoreDN = "CN=Mailbox Store (W2K3-EX1), _
CN=First Storage Group," & _
"CN=InformationStore,CN=w2k3-EX1,
CN=Servers,CN=Phoenix," & _
"CN=Administrative Groups,CN=company, _
CN=Microsoft Exchange," & _
"CN=Services,CN=Configuration,DC=company,DC=com"
Set exchUser = newUser
ExchUser.CreateMailbox MBXStoreDN
ExchUser.SetInfo
At this point, wait a little bit for the Recipient Update Service to
apply
the SMTP address onto the user and you're ready to send mail to the account.
You can check the attributes in Active Directory Users and Computers.
Let me know how this works for you...
About the Author
Contributing Editor Bill Boswell, MCSE, is the principal of Bill Boswell Consulting, Inc. He's the author of Inside Windows Server 2003 and Learning Exchange Server 2003 both from Addison Wesley. Bill is also Redmond magazine's "Windows Insider" columnist and a speaker at MCP Magazine's TechMentor Conferences.