The IADsUser interface is a dual interface that inherits from IADs. It is designed to represent and manage an end-user account on a network. Call the methods of this interface to access and manipulate end-user account data. Such data includes names of the user, telephone numbers, job title, and so on. This interface supports features for determining the group association of the user, and for setting or changing the password.
To bind to a domain user through a WinNT provider, use the domain name as part of the ADsPath, as shown in the following code example.
Similarly, use the computer name as part of the ADsPath to bind to a local user.
In Active Directory, domain users reside in the directory. The following code example shows how to bind to a domain user through an LDAP provider.
However, local accounts reside in the local SAM database and the LDAP provider does not communicate with the local database. Thus, to bind to a local user, you must go through a WinNT provider as described in the second code example.
The IADsUser interface has these methods.
|IADsUser::ChangePassword||Changes the user password from the specified old value to a new value.|
|IADsUser::Groups||Obtains a collection of the ADSI group objects to which this user belongs.|
|IADsUser::SetPassword||Sets the user password to a specified value.|
As with any other ADSI object, the container object creates a Windows user account object. First, bind to a container object. Then, call the IADsContainer::Create method and specify mandatory or optional attributes.
With WinNT, you do not have to specify any additional attributes when creating a user. You may call the IADsContainer::Create method to create the user object directly.
Dim dom As IADsContainer Dim usr As IADsUser On Error GoTo Cleanup Set dom = GetObject("WinNT://MyDomain") Set usr = dom.Create("user","jeffsmith") usr.SetInfo Cleanup: If(Err.Number<>0) Then MsgBox("An error has occurred. " & Err.Number) End If Set mach = Nothing Set usr = Nothing
In this case, a domain user is created with the following default values.
|Full Name||SAM Account Name (such as jeffsmith)|
|User Must Change Password||TRUE|
|User Cannot Change Password||FALSE|
|Password Never Expires||FALSE|
|Account Never Expires||TRUE|
To create a local user, bind to a target computer, as shown in the following code example.
Dim mach As IADsContainer Dim usr as IADsUser On Error GoTo Cleanup Set mach = GetObject("WinNT://MyMachine,Computer") Set usr = mach.Create("user","jeffsmith") usr.SetInfo Cleanup: If(Err.Number<>0) Then MsgBox("An error has occurred. " & Err.Number) End If Set mach = Nothing Set usr = Nothing
The newly created local user will have the same default properties as the domain user. The group membership, however, will be "users", instead of "domain user".
|Minimum supported client||Windows Vista|
|Minimum supported server||Windows Server 2008|