Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Remove Disabled User accounts from AD
- Thread starter Boxalld
- Start date
Disabled Accounts:
Delete an Account:
--------------------------------------------------------------------------------
dm4ever
My philosophy: K.I.S.S - Keep It Simple Stupid
Delete an Account:
--------------------------------------------------------------------------------
dm4ever
My philosophy: K.I.S.S - Keep It Simple Stupid
Here is how I do it:
I hope you find this post helpful.
Regards,
Mark
Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
Code:
'==========================================================================
'
' NAME: DeleteDisabledUsers.vbs
'
' AUTHOR: Mark D. MacLachlan , The Spider's Parlor
' URL: [URL unfurl="true"]http://www.thespidersparlor.com[/URL]
' DATE : 7/18/2007
' COPYRIGHT (c) 2007 All Rights Reserved
'
' COMMENT:
'
' THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
' ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED To
' THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
' PARTICULAR PURPOSE.
'
' IN NO EVENT SHALL THE SPIDER'S PARLOR AND/OR ITS RESPECTIVE SUPPLIERS
' BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
' DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
' WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
' ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
' OF THIS CODE OR INFORMATION.
'
'==========================================================================
On Error Resume Next
Const ADS_UF_ACCOUNTDISABLE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set oRootDSE = GetObject("LDAP://rootDSE")
strDomain = oRootDSE.Get("DefaultNamingContext")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
"<LDAP://" & strDomain & ">;(objectCategory=User)" & _
";userAccountControl,distinguishedName,cn;subtree"
Set objRecordSet = objCommand.Execute
intCounter = 0
Do Until objRecordset.EOF
intUAC=objRecordset.Fields("userAccountControl")
If intUAC AND ADS_UF_ACCOUNTDISABLE Then
'Delete the account
'First check if this is a built-in account and skip if it is
Select Case objRecordset.Fields("cn")
'Add any other accoutns you don't want deleted to the list below
'Seperate by commas.
Case "krbtgt","Guest","SUPPORT_388945a0"
'Do Nothing
Case Else
userDN = objRecordset.Fields("distinguishedName")
userCN = "cn=" & Trim(objRecordset.Fields("cn"))
strOU = Mid(userDN,InStr(1,userDN,",")+1,Len(userDN))
Set objOU = GetObject("LDAP://" & strOU)
If Err.Number <> 0 Then
WScript.Echo Err.Number,Err.Description
Err.Clear
End If
objOU.Delete "user", userCN
If Err.Number <> 0 Then
WScript.Echo userCN,Err.Number,Err.Description
Err.Clear
End If
intCounter = intCounter + 1
End Select
End If
objRecordset.MoveNext
Loop
WScript.Echo VbCrLf & "A total of " & intCounter & " accounts were deleted."
objConnection.CloseI hope you find this post helpful.
Regards,
Mark
Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
- Status
Similar threads
- Locked
- Question
- Locked
- Question