Asked by:
LCSEnableConfigureUsers.wsf

Question
-
I'm trying to enable a whole bunch of users for OCS 2007 at once. I would like to enable users that are part of a certain group. Not an antire OU. In the reskit I found LCSEnableConfigureUsers.wsf for this. However when I run the tool I get the following error:
Please check file with users - make sure SIP address is valid
User cannot be SIP enabled with a valid Primary URI
I'm confused here. Is it not the whole point of enabling users for OCS that they get a SIP address as well? What am I missing here.
We run OCS 2007 in a Win2k3 environment with exchange 2003
Kind Regards,
Cyriel
Wednesday, July 23, 2008 2:33 PM
All replies
-
Cyriel,
I think the issue might be with the entries in your usersFile. Could you share your usersFile is possible?
Wednesday, July 23, 2008 11:48 PM -
Your user file should look something like this:
sip:joe.bloggs@voicelab.org.uk
sip
ave.banthorpe@voicelab.org.uk
-Dave
Thursday, July 24, 2008 9:47 AM -
I've blogged don another way to do this in which you can easily specify the exact scope of accounts: http://blogs.pointbridge.com/Blogs/schertz_jeff/Pages/Post.aspx?_ID=29
Tuesday, July 29, 2008 2:53 AMModerator -
Indeed there was a mistake in the usersfile. So now I'm able to enable users in a specific OU. The next step is that I want to enable people in a specific group. It gives me the same error as before. Below the entry in my users file:
DN:CN=mygroup,OU=OU1, OU=OU2, DC=Mydomain, DC=com
Any suggestions are welcome.
The blogpost is actually also very helpfull.
Cyriel
Monday, August 4, 2008 8:09 AM -
What did the userfile look like? I'm trying to input a list of individual users (not all users in an OU) and need to figure out how to do it. The user's e-mail address will be their SIP addres.Thursday, February 19, 2009 8:05 PM
-
I have the same problem. My usersfile.txt looks exactly like the 2 entries below. Hopefully you can help.
DN:CN=Users,DC=meb,DC=org##(cn=*)
GROUP:CN=Domain Users,CN=Users,DC=meb,DC=orgI'm not really sure why I need both lines but, these lines by themselves aren't working either? I would ultimately like to periodically run this script to ensure all users in the "Domain Users" group are enabled.
Monday, March 30, 2009 9:37 PM -
If you've published the user's e-mail address in AD and are planning on having the SIP address = the e-mail address, in the Usersfile, have everything start with "email:" and then use their e-mail addresses. I was able to do this in our lab and everything works perfectly.
- Edited by Sick Freak Thursday, April 9, 2009 3:49 PM
Thursday, April 2, 2009 11:36 PM -
This works great! What about if I wanted to enable many users at a time? Can I do it by group? Say enable everyone in the "Domain Users" group?Wednesday, April 8, 2009 5:23 PM
-
Actually, it works great if the user has been enabled before. When trying to enable a user for the first time, I get the following error: “User cannot be enabled for OCS as one of the required properties (UserDN or HomeServerDN/PoolName) is missing”. My users.txt file looks like this:
email:davegee@meb.org
My output file looks like this:
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.
@------------------------------------------------------------
@ Text file with Users: users.txt
@ Text file with User Configration: globalconfig.txt
@------------------------------------------------------------
@------------------------------------------------------------
@ Configuring user sip:davegee@meb.org
@------------------------------------------------------------
User sip:davegee@meb.org
Since user has NOT been previously SIP enabled, creating...
[-] User cannot be enabled for OCS as one of the required properties (UserDN or HomeServerDN/PoolName) is missing
Thursday, April 9, 2009 4:26 PM -
Multiple questions, multiple answers... :)
- Can you enable many users at one time? Yes
- If you want to be specific about each and every user - not every user in an OU - in the Usersfile, just add an individual "email:user@domain.com" entry for each person on separate lines.
- If you want to do it by an OU, or multiple OUs, just put a "dn:OU=OCSUsers,OU=OurUsers,DC=department,DC=company,DC=com" entry per OU - this will enable every person in that OU.
- Can you do enable users by group?
- If you're talking about an OU, see above.
- If you're talking about a security group, according to the docs, you do it very similar to above: "dn:CN=OCSUserGroup,CN=Users,DC=department,DC=company,DC=com" - I have tried this, but not been able to get it to work.
- Can you enable everyone in the domain?
- To my knowledge, it can't be done at a domain level (it's always failed for me in the lab,) but you can do an ADUC search for all users - select all, right-click and run the the enable / configure wizards.
Thursday, April 9, 2009 4:29 PM - Can you enable many users at one time? Yes
-
Unfortunately, despite all the great information above I am still having issues using lcsenableconfigureuser.wsf trying to enable just ONE user.
For my user file I've tried:
email:username@domain.comwhich returns "User cannot be enabled for OCS as one of the required properties (UserDN or HomeServerDN/PoolName) is missing"
Next I tried:
DN:CN=username,OU=Users,OU=Acme,DC=US,DC=East,DC=domain,DC=comwhich returns "Please check file with users - make sure SIP address is valid. User cannot be SIP enabled with a valid Primary URI"
Then I tried:
DN:OU=Users,OU=Acme,DC=US,,DC=East,DC=domain,DC=com##(SamAccountName=username)
which returns the same error as the second above.My config file is:
Enabled:==true
PoolName:==pool01.us.east.domain.com
EnabledForFederation:==false
EnabledForInternetAccess:==false
PublicNetworkEnabled:==false
RemoteCallControlTelephonyEnabled:==false
ArchiveInternalCommunications:==false
ArchiveFederatedCommunications:==false
AllowOrganizeMeetingWithAnonymousParticipants:==false
MeetingPolicy:==Policy 5 (Low)
EnabledForEnhancedPresence:==false
IPPBXSoftPhoneRoutingEnabled:==false
UCEnabled:==falseI've not worked with wmi scripts before so any help is greatly appreciated.
Thanks!
JThursday, April 16, 2009 2:53 PM -
In my lab, where my account has all privileges, the script runs absolutely perfectly - I can enable/configure any number of users using the script.
Unfortunately, in production where my account doesn't have all the same privileges, I run into the exact same problem and just haven't taken the time to resolve it yet. Now, if a user is already enabled, the script does go through and configure the users without a problem, but if the user isn't configured, then I get the “User cannot be enabled for OCS as one of the required properties (UserDN or HomeServerDN/PoolName) is missing” message as well. I have not yet gone to the Enterprise Admins to see if they can run the script yet, but my hypothesis is that it's a permissions issue.
Tuesday, April 21, 2009 3:52 PM -
I'm having the exact same problem. I don't think it's a permissions issue though because I'm using a domain admin account that has all privileges (the same account I used to do the schema, forest, domian prep and the actual OCS server app install) with no issues. There's gotta be a better way to auto enable new user accounts? Maybe there is in R2?Thursday, April 30, 2009 4:33 PM
-
We didn't get it working and I was using a domain admin account as well. We decided to go with a custom script (I'll post it once they're finished with it) but you might take a look at Jeff Schertz's solution posted above.
Alternative: I understand powershell is a good way to enable batches of users, although I haven't used it myself. Here is a post I found on using powershell.http://www.powergui.org/thread.jspa?messageID=14068&tstart=0
Friday, May 1, 2009 1:49 PM -
Jeff Schertz's solution is probably great but, it's way over my head. I'm not familiar with powershell either but, I would appreciate you posting the solution that you end up using.
thxTuesday, May 5, 2009 6:25 PM