Directory Services

User Creation with the ADSI LDAP Provider

With the ADSI LDAP provider, you can only create a global user account. Local accounts reside in the SAM database and must be created using the WinNT provider. For more information about creating a user object with the WinNT provider, see WinNT User Object.

To create a user object

  1. Bind to the container where the user object will reside and obtain either the IADsContainer or IDirectoryObject interface for the container.
  2. Use the IADsContainer.Create or IDirectoryObject::CreateDSObject method to create the user object.
  3. The minimum attributes required to create a user object will depend on the directory service used. For more information about creating an Active Directory user, see Creating a User.
  4. If the IADsContainer interface is used, the new object is not actually created until the IADs.SetInfo method is called.

    If the IDirectoryObject interface is used, the new object is created when the CreateDSObject method is called. The minimum attributes, including the objectClass, must be specified in the ADS_ATTR_INFO array passed to the CreateDSObject method.

Example Code [Visual Basic]

The following code example creates a user account with the default attributes.

Dim ou As IADs
Dim usr as IADsUser

On Error GoTo Cleanup

Set ou = GetObject("LDAP://OU=Finance,DC=Fabrikam,DC=COM")
Set usr = ou.Create("user", "cn=Jeff Smith")
usr.Put "samAccountName", "jeffsmith"

   If (Err.Number <> 0) Then
	MsgBox ("An error has occurred. " &  Err.Number)
   End If
   Set ou = Nothing
   Set usr = Nothing

Example Code [C++]

The following code example creates a user account with the default attributes. For brevity, error checking is omitted.

#include <activeds.h>

int main()
   HRESULT hr = CoInitialize(NULL);

   IADsContainer *pCont;
   IADsUser *pUser;

   LPWSTR adsPath = L"LDAP://serv1/CN=Users,dc=Fabrikam,dc=com";
   LPWSTR usrPass = NULL;
   LPWSTR usrName = NULL;

   // Add code to securely get the username and password or leave
   // as NULL to use the current security context.

   hr = ADsOpenObject(adsPath, 

   IDispatch *pDisp;
   hr = pCont->Create(CComBSTR("user"), CComBSTR("cn=Jeff Smith"), &pDisp);

   hr = pDisp->QueryInterface(IID_IADsUser,(void**)&pUser);

   VARIANT var;
   V_BSTR(&var) = L"jeffsmith";
   hr = pUser->Put(CComBSTR("samAccountName"), var);

   hr = pUser->SetInfo();



   return 0;