SISTEMAS OPERATIVOS 2

Dsadd
Agrega tipos de objetos especficos al directorio.
Dsadd es una herramienta de lnea de comandos que est integrada en Windows Server
2008. Est disponible si tiene instalada la funcin de servidor de servicios de dominio
de Active Directory (AD DS). Para utilizar dsadd, debe ejecutar el comando dsadd
desde un smbolo del sistema con privilegios elevados. Para abrir un smbolo del
sistema con privilegios elevados, haga clic en Inicio, haga clic en smbolo del sistemay,
a continuacin, haga clic en Ejecutar como administrador.

Comandos
Comando -Descripcin

Dsadd computer -Agrega un solo equipo en el directorio.

Dsadd contact -Agrega un contacto al directorio.
Dsadd group -Agrega un grupo en el directorio.
Dsadd ou -Agrega una unidad organizativa al directorio.
Dsadd user -Agrega un usuario al directorio.
Dsadd quota -Agrega una especificacin de cuota a una particin de directorio.

Creacin de usuarios con dsadd

Dsadd es una herramienta de la lnea de comandos que sirve para agregar objetos
al directorio activo. Para utilizar estas herramientas debemos instalar support tools
que est en el CD de Windows Server 2008 en la ruta support\tools\suptools.msi.
Esta utilidad permite agregar usuarios al directorio incluso con la cuenta activada y
con contrasea. Por ejemplo:
c>dsadd user "CN=IVAN, OU=SISTEMAS, DC=MARTINEZ, DC=LOCAL" -pwd
pro1@mador -disabled no
Ejemplo:
Esto nos va a aadir el usuario Ivan a la unidad organizativa Sistemas del dominio
martinez.local y la cuenta estar habilitada con la contrasea puesta en el
parmetro -pwd. Por defecto, si no se especifica el parmetro -disabled, la cuenta
estar deshabilitada.
PARAMETROS DE DSADD

Docente:Mg Ivan Martinez Moran Consultor en Infraestructura Tecnologica

SISTEMAS OPERATIVOS 2

dsadd user DNUsuario [-samid nombreSAM] [-upn UPN] [-fn nombre] [-mi inicial] [ln apellidos][-display nombreDescriptivo] [-empid idEmpleado] [-pwd {contrasea *}]
[-desc descripcin] [-memberof grupo ...] [-office oficina] [-tel nmeroDeTelfono] [email correoElectrnico] [-hometel nmeroDeTelfonoParticular] [-pager
nmeroDeLocalizador] [-mobile nmeroDeTelfonoMvil] [-fax nmeroDeFax] [iptel nmeroDeTelfonoIP] [-webpg pginaWeb] [-title cargo] [-dept departamento]
[-company compaa] [-mgr director] [-hmdir directorioPrincipal] [-hmdrv
letraDeUnidad:][-profile rutaDeAccesoDePerfil] [loscrrutaDeAccesoDeSecuenciaDeComandos] [-mustchpwd {yesno}] [-canchpwd
{yes no}] [-reversiblepwd {yes no}] [-pwdneverexpires {yes no}] [-acctexpires
nmeroDeDas] [-disabled {yes o}] [{-s servidor -d dominio}] [-u nombreDeUsuario]
[-p {contrasea
*}] [-q] [{-uc -uco -uci}]

Parameters

Parameter

<UserDN>

Description

Required. Specifies the distinguished name of the user that you

want to add. If you omit the distinguished name, dsadd takes
the name from standard input (stdin).

Specifies the Security Accounts Manager (SAM) name as the

unique SAM account name for this user, for example, Linda. If
-samid <SAMName> you do not specify the SAM name, dsadd attempts to create the
SAM account name by using up to the first 20 characters from
the common name (CN) value of UserDN.
-upn <UPN>

Specifies the user principal name of the user that you want to
add, for example, Linda@widgets.contoso.com.

-fn <FirstName>

Specifies the first name of the user that you want to add.

-mi <Initial>

Specifies the middle initial of the user that you want to add.

-ln <LastName>

Specifies the last name of the user that you want to add.

-display
<DisplayName>

Specifies the display name of the user that you want to add.

-empid <EmployeeID> Specifies the employee ID of the user that you want to add.
Specifies that the password for the user be set to Password or
-pwd {<Password>| *} an asterisk (*). If you set the password to *, dsadd prompts you
for a user password.

Docente:Mg Ivan Martinez Moran Consultor en Infraestructura Tecnologica

SISTEMAS OPERATIVOS 2

-desc <Description>

Specifies the description of the user that you want to add.

-memberof
<GroupDN>

Specifies the distinguished names of the groups of which you

want the user to be a member.

-office <Office>

Specifies the office location of the user that you want to add.

-tel <PhoneNumbe>r

Specifies the telephone number of the user that you want to

add.

-email <Email>

Specifies the e-mail address of the user that you want to add.

-hometel
Specifies the home telephone number of the user that you want
<HomePhoneNumber> to add.
-pager <PagerNumber> Specifies the pager number of the user that you want to add.
-mobile
<CellPhoneNumber>

Specifies the cell phone number of the user that you want to
add.

-fax <FaxNumber>

Specifies the fax number of the user that you want to add.

-iptel
<IPPhoneNumber>

Specifies the IP phone number of the user that you want to add.

-webpg <WebPage>

Specifies the Web page URL of the user that you want to add.

-title <Title>

Specifies the title of the user that you want to add.

-dept <Department>

Specifies the department of the user that you want to add.

-company <Company>

Specifies the company information of the user that you want to

add.

-mgr <ManagerDN>

Specifies the distinguished name of the manager of the user that

you want to add.

-hmdir
<HomeDirectory>

Specifies the home directory location of the user that you want
to add. If you specify HomeDirectory as a Universal Naming
Convention (UNC) path, then you must specify a drive letter
for dsadd to map to this path using the -hmdrv parameter.

-hmdrv <DriveLetter> :

Specifies the home directory drive letter (for example, E:) of

the user that you want to add.

-profile <ProfilePath> Specifies the profile path of the user that you want to add.

Docente:Mg Ivan Martinez Moran Consultor en Infraestructura Tecnologica

SISTEMAS OPERATIVOS 2

-loscr <ScriptPath>

Specifies the logon script path of the user that you want to add.

Specifies whether users must change their passwords when they

-mustchpwd {yes | no} next log on. The available values are yes and no. By default,
users do not have to change their passwords (no).

-canchpwd {yes | no}

Specifies whether users can change their passwords. The

available values are yes and no. By default, users can change
their passwords (yes). The value of this parameter must be yes
if the value of the -mustchpwd parameter is yes.

-reversiblepwd {yes |
no}

Specifies whether to store user passwords using reversible

encryption. The available values are yes and no. By default,
users cannot use reversible encryption (no).

Specifies whether the user password never expires. The

-pwdneverexpires {yes
available values are yes and no. By default, user passwords
| no}
expire (no).

-acctexpires
<NumberOfDays>

Specifies the number of days from today that the user account
will expire. A value of 0 sets expiration at the end of today. A
positive value sets expiration in the future. A negative value
sets expiration in the past. The value never sets the account to
never expire. For example, a value of 0 implies that the account
expires at the end of today. A value of -5 implies that the
account has already expired 5 days ago and sets an expiration
date in the past. A value of 5 sets the account expiration date for
5 days in the future.
Specifies whether dsadd disables the user account for logon.
The available values are yes or no. For example, the following
command creates a Nicolettep user account in an enabled state:

-disabled {yes | no}

dsadd user
CN=Nicolettep,CN=Users,DC=Widgets,DC=Contoso,DC=Com
-pwd Password1 -disabled no

By default, the user account is disabled for log on (yes). For

example, the following command creates a Nathanp user
account in a disabled state:
dsadd user
CN=Nathanp,CN=Users,DC=Widgets,DC=Contoso,DC=Com

{-s <Server> | -d
<Domain>}
-u <UserName>

Connects to a specified remote server or domain. By default,

the computer is connected to the domain controller in the logon
domain.
Specifies the user name with which the user logs on to a remote
server. By default, -u uses the user name with which the user

Docente:Mg Ivan Martinez Moran Consultor en Infraestructura Tecnologica

SISTEMAS OPERATIVOS 2

logged on. You can use any of the following formats to specify
a user name:

user name (for example, Linda)

domain\user name (for example, widgets\Linda)

user principal name (UPN) (for example,

Linda@widgets.contoso.com)

-p {<Password> | *}

Specifies to use either a password or a * to log on to a remote

server. If you type *, you are prompted for a password.

-q

Suppresses all output to standard output (quiet mode).

Specifies that output or input data is formatted in Unicode. The
following list explains each format.

-uc: Specifies a Unicode format for input from or

output to a pipe (|).

-uco : Specifies a Unicode format for output to a

pipe (|) or a file.

-uci: Specifies a Unicode format for input from a

pipe (|) or a file.

{-uc | -uco | -uci}

/?

Displays help at the command prompt.

Se pueden aadir otros objetos como: Computer, OU o Group. Con un poco de

ingenio para aadir masivamente usuarios

Docente:Mg Ivan Martinez Moran Consultor en Infraestructura Tecnologica