Script for Modifying Active Directory Accounts

[yellowartist]

I am writing a script that will enumerate members of Group1 and put their requested AD properties into a spreadsheet. The script will then bind to each user from that spreadsheet and make the requested modifications.

I am having problems with making some of the modifications.
Problems:
1. It will cycle through the first person and make the requested changes, when it gets to the second one I get an error saying access denied. I have full permissions to all the OU's so I know it is not because of the object residing in an OU I do not have permissions to.

2. When I try to rename the accounts I get an error saying "(null): There is a naming violation. "
I can get it to work with a lab AD and not pulling from a spreadsheet but cannot get it to work in our production AD pulling from a spreadsheet.

3. I am also having problems getting my error capturing to work. I am not getting a error log like I would like.

Any assistance is greatly appreciated! Thanks.

Option Explicit
on error resume Next
Dim objGroup, objuser, objExcel, iRow, strUser, iCol
Dim strExcelPath, objApp, strGroupName, objSheet
Dim StrDay, StrYear, StrMonth
DIM UID, PWD, LDAPPATH, objou
Dim Strgrpkst, strCN, StrSAM, StrDN
Dim StrUPN, StrDisplay, StrDate, STRou, obj
Dim strLogErrorText, strErrorFile
Dim fso2, fsoFile2, objfso
Dim StrSN, StrGN, StrName

'Constants for passing Credentials
Const ADS_SECURE_AUTHENTICATION = 1
Const ADS_USE_ENCRYPTION = 2
'Constant for modifing an array
Const ADS_PROPERTY_APPEND = 3

'Prompt for userid
UID = InputBox("User Name with domain prefix (domain\admcn):")

'Prompt for password
PWD = InputBox("Please enter your password:")


Dim LDAP 'As IADsOpenDSObject 
Set LDAP = GetObject("LDAP:") 
Set obj = LDAP.OpenDSObject(LDAPPATH, uid, pwd, _
ADS_SECURE_AUTHENTICATION)

if err.number<>0 Then 
    wscript.echo "Error connecting to AD " & err.number, err.description
    err.Clear
    Wscript.Quit(0)
End If

'String for date mmddyy
StrMonth = Month(Date)
StrYear = Right(Year(Date),2)
StrDay = Day(Date)

CreateWorkLog
WScript.Sleep (1500)
ModifyAcct
WScript.Sleep (1500)
Sub CreateWorkLog()
	
	'Path to create spreadsheet
	strExcelPath = "i:\" & StrMonth & StrDay & StrYear & "_" & "work_Log" & ".xls" 
	LDAPPATH = "LDAP://CN=group,OU=Groups,OU=KBS,DC=mydomain,DC=com"
	'KST Group to not disable accounts or reset passwords
	Strgrpkst = "LDAP://CN=Group2,OU=Groups,OU=KBS,DC=mydomain,DC=com"	
	' Create a new Excel File
	Set objExcel = CreateObject("Excel.Application")
		' Create a new workbook.
	objExcel.Workbooks.Add
		' Bind to worksheet.
	Set objSheet = objExcel.ActiveWorkbook.Worksheets(1)
	objSheet.Name = "Work_Log"
		' Populate spreadsheet cells with user attributes.
		'Group to pull members from GG_ES_ACCT_ADMIN
	Set objGroup = GetObject(LDAPPATH)
		If err.number<>0 Then 
	    	WScript.Echo "Error connecting to" & LDAPPATH
	    End If
	Set objExcel = CreateObject("Excel.Application")
	With objExcel
	  .SheetsInNewWorkbook = 1
	  .Workbooks.Add
	  .Visible = False
	   iRow=1
	   
	'Bind to the user and pull the following information
	For Each strUser in objGroup.Member
	    Set objuser =  GetObject("LDAP://" & strUser)
	    StrSN = (objuser.sn)
	    StrGN = (objuser.givenName)
	    StrDN = (objuser.distinguishedName)
	    StrName = ("CN=" & StrSN & "\, " & StrGN & ",")
	    STRou = Replace(StrDN, StrName, "") 
	    
	    .Cells(irow,1) = (objUser.CN)
	    .Cells(irow,2) = (objUser.sAMAccountName)
	    .Cells(irow,3) = (objUser.distinguishedName)
	    .Cells(irow,4) = (objUser.homeDirectory)
	    .Cells(iRow,5) = (objUser.homeMDB)
	    .Cells(iRow,6) = (objuser.mailNickname)
	    .Cells(iRow,7) = (Join(objUser.proxyAddresses))
	    .Cells(iRow,8) = (Join(objUser.memberof))
	    .Cells(iRow,9) = (objuser.ExtensionAttribute1)
	    .Cells(iRow,10) = (objuser.ExtensionAttribute5)
	    .Cells(iRow,11) = (objuser.msExchHomeServerName)
	    .Cells(iRow,12) = (objuser.legacyExchangeDN)
	    .Cells(iRow,13) = (objuser.userPrincipalName)
	    .Cells(iRow,14) = (objuser.DisplayName)
	    .Cells(iRow,15) = (objuser.sn)
	    .Cells(iRow,16) = (objuser.givenName)
	    .Cells(iRow,17) = STRou
	    
	   irow=irow + 1
	Next
	End With
		If err.number<>0 Then 
	    	WriteErrorLog "Error connecting to" & strUser   
		End If
	 
	' Save the spreadsheet, close the workbook and exit.
	objExcel.ActiveWorkbook.SaveAs strExcelPath
	objExcel.ActiveWorkbook.Close
	objExcel.Application.Quit
	'WScript.Echo "Spreadsheet Created"
		' If err.number<>0 Then 
	'     	WScript.Echo "Error saving " & strExcelPath
	'     End If
End Sub


Sub ModifyAcct()
'String for date mmddyy
StrMonth = Month(Date)
StrYear = Right(Year(Date),2)
StrDay = Day(Date)

wscript.echo "start script"
 
strExcelPath = "i:\" & StrMonth & StrDay & StrYear & "_" & "work_Log" & ".xls" 

' Open the Excel spreadsheet
Set objExcel = CreateObject("Excel.Application")
Set objSpread = objExcel.Workbooks.Open(strExcelPath)
intRow = 1 

' Here is the 'DO...Loop' that cycles through the cells
' Note intRow, x must correspond to the column in strSheet
'This part marks the accounts for deletion.
Do Until objExcel.Cells(intRow,1).Value = ""
	strCN = Trim(objExcel.Cells(intRow, 1).Value)
	StrSAM = Trim(objExcel.Cells(intRow, 2).Value)
    StrDN = Trim(objExcel.Cells(intRow, 3).Value)
    StrUPN = Trim(objExcel.Cells(intRow, 13).Value)
    StrDisplay = Trim(objExcel.Cells(intRow, 14).Value)
    STRou = Trim(objExcel.Cells(intRow, 17).Value)
    strougroup = "CN=Group3,OU=Groups,OU=KBS,DC=mydomain,DC=com"
    StrNewCN = (StrMonth & "/" & StrDay & "/" & StrYear & " " & strdisplay)
    WScript.Echo STRou
          
   Set objUser = GetObject("LDAP://" & strdn)
'Wscript.echo "LDAP://" & StrDN
		objUser.Put "sAMAccountName", ("1" & strSam)
		objUser.Put "DisplayName", StrNewCN
		objUser.Put "userPrincipalName", ("1" & strUPN)
		objUser.Put "extensionAttribute5", "EXEMPT"
		objuser.setinfo
	If err.number <> 0 Then 
		WriteErrorlog "Unable to modify " & strCN
	End If

'If user is not In the GG_ES_ACCT_ADMIN_KST then reset password and disable account
	If objGroup <> Strgrpkst Then
	'If Objuser.memberof <> Strgrpkst  Then
    	objUser.SetPassword "i5A2sj*!"
		objUser.userAccountControl = 514
		objuser.setInfo
	If err.number <> 0 Then 
		WriteErrorlog "Unable to disable " & strCN
	End If
	End If
'Hide From GAL
   objuser.put "msExchHideFromAddressLists", True
   objuser.setInfo
		If err.number <> 0 Then 
			WriteErrorlog "Unable to hide from GAL " & strCN
		End If
'Mailbox restrictions
    Objuser. putEX ADS_PROPERTY_UPDATE, "authOrig", Array("CN=*DL EMail Team,OU=Distribution Lists,OU=location,OU=_ADC,DC=mydomain,DC=com")
    objuser.SetInfo
		If err.number <> 0 Then 
			WriteErrorlog "Unable to modify " & strCN
		End If

' '  Add (str)User to (str)Group
' Set objUser = GetObject("LDAP://"& strdn)
' Set objGroup = GetObject("LDAP://"& strOUGroup)
' objGroup.add(objUser.ADsPath)
' 		If err.number <> 0 Then 
' 			WriteErrorLog "Unable to modify " & strCN
' 		End If
LSTROU = ("LDAP://" & StrOU)
WScript.Echo lstrou
'Rename Account
set objOU = getobject(LSTROU)
WScript.Echo (objuser.Adspath & " OU = " & STRou)
objOU.MoveHere objuser.Adspath,("CN=" & StrNewCN)
	If err.number <> 0 Then 
		WriteErrorLog "Unable to modify " & strCN
	End If
' Increment to next user.
intRow = intRow + 1
Loop

Wscript.Echo "Done"
objExcel.Quit 
WScript.Quit
End Sub

Sub RenameAcct()
'String for date mmddyy
StrMonth = Month(Date)
StrYear = Right(Year(Date),2)
StrDay = Day(Date)

wscript.echo "start script"
 
strExcelPath = "i:\" & StrMonth & StrDay & StrYear & "_" & "work_Log" & ".xls" 

' Open the Excel spreadsheet
Set objExcel = CreateObject("Excel.Application")
Set objSpread = objExcel.Workbooks.Open(strExcelPath)
intRow = 1 

' Here is the 'DO...Loop' that cycles through the cells
' Note intRow, x must correspond to the column in strSheet
'This part marks the accounts for deletion.
Do Until objExcel.Cells(intRow,1).Value = ""
	strCN = Trim(objExcel.Cells(intRow, 1).Value)
	StrSAM = Trim(objExcel.Cells(intRow, 2).Value)
    StrDN = Trim(objExcel.Cells(intRow, 3).Value)
    StrUPN = Trim(objExcel.Cells(intRow, 13).Value)
    StrDisplay = Trim(objExcel.Cells(intRow, 14).Value)
    STRou = Trim(objExcel.Cells(intRow, 17).Value)
    strougroup = "CN=GG_KBS_ES,OU=Groups,OU=KBS,DC=mydomain,DC=com"
    StrNewCN = (StrMonth & "/" & StrDay & "/" & StrYear & " " & strdisplay)
    WScript.Echo STRou
          
LSTROU = ("LDAP://" & StrOU)

'Rename Account
Set objOU = getobject(LSTROU)
objOU.MoveHere ("LDAP://" & StrDN),("CN=" & StrNewCN)
	If err.number <> 0 Then 
		WriteErrorLog "Unable to modify " & strCN
	End If
' Increment to next user.
intRow = intRow + 1
Loop

Wscript.Echo "Done"
objExcel.Quit 
WScript.Quit
end Sub



'************************************************************************************************
' Error Logging
'************************************************************************************************
'write log information to file

sub WriteErrorLog(strLogErrorText)
	strErrorFile = "I:\ErrorFile.txt" 
	ErrorLogCount = ErrorLogCount + 1

	set fso2 = CreateObject("scripting.FileSystemObject")
	Set fsoFile2 = fso2.OpenTextFile(strErrorFile, fsoForAppending, true)
	fsoFile2.WriteLine strLogErrorText
	fsoFile2.Close
end Sub


' Delete error log file before next pass
Sub DeleteErrorLog()
		set objfso = CreateObject("Scripting.FileSystemObject")
	If objFSO.FileExists(strErrorFile) Then
		objFSO.DeleteFile(strErrorFile)
	End If
End Sub

 

[tsuji]

[1] LDAPPATH is not set before calling createworklog. How is it going to work in the first place?

[2] The error control scheme is all wrong.
[2.1] The resume next directive in the main will not extend to the sub/function. Hence, in every of your sub/function, you have to insert the directive independent.
[2.2] Without such insertion, what happens? Once error is raised in the sub/function, the sub/function will immediately return to the main or caller. Hence, all the subsequent statements will not be executed. (Debugging consequence: have you checked the logging data to the spread sheet is properly created? I bet not.)
[2.3] Once the resume next directive is properly inserted into the sub/function, and since you control the err.number at specific places - and that's fine - and that you want the subsequent statements being executed, you have to clear the err in the err control block (ie, within the if err.number<>0 then ... end if block. Otherwise, err will not clear itself and your err log will be populated every time the loop is executed. It is not because you place the if err.number<>0 then... end if block wrong. (see [3]).

[3] In the createworklog(), you place the err control block after the loop, that is incorrect. strUser will then only be the last user's strUser if err ever occurs.
[tt]
'... sub createworklog...
'etc etc...
.Cells(iRow,17) = STRou
[blue]'move up to here[/blue]
[blue] If err.number<>0 Then
WriteErrorLog "Error connecting to" & strUser
[/blue]err.clear[/red][blue]
End If[/blue]
irow=irow + 1
Next
End With
[red]'[/red]If err.number<>0 Then
[red]'[/red]WriteErrorLog "Error connecting to" & strUser
[red]'[/red]End If
[/tt]
[4] Without all those corrected, there is not much sense to further debug from the incorrect error logs or whatever.

 

[yellowartist]

I have made some changes, I have looked at that Spreadsheet file it is creating and it looks good. There are occassionally blanks like on the home drive field if they don't have a home drive. This hadn't caused a problem before.

I am making it through the first loop on SUB ModifyAcct, and then it hits the "Wscript.echo strou" and it gets stuck in a loop right there. The first account continues to get modified, but the other accounts do not.

I am still very new to scripting so any help is appreciated.

Option Explicit
On Error Resume Next
Dim objGroup, objuser, objExcel, iRow, strUser, iCol
Dim strExcelPath, objApp, strGroupName, objSheet
Dim StrDay, StrYear, StrMonth
DIM UID, PWD, LDAPPATH, objou
Dim Strgrpkst, strCN, StrSAM, StrDN
Dim StrUPN, StrDisplay, StrDate, STRou, obj
Dim strLogErrorText, strErrorFile
Dim fso2, fsoFile2, objfso
Dim StrSN, StrGN, StrName

'Constants for passing Credentials
Const ADS_SECURE_AUTHENTICATION = 1
Const ADS_USE_ENCRYPTION = 2
'Constant for modifing an array
Const ADS_PROPERTY_APPEND = 3

LDAPPATH = "LDAP://CN=GROUP1,OU=Groups,OU=CO,DC=Mydomain,DC=com"
'KST Group to not disable accounts or reset passwords
Strgrpkst = "LDAP://CN=GROUP2,OU=Groups,OU=CO,DC=Mydomain,DC=com"	
'strExcelPath = "i:\" & StrMonth & StrDay & StrYear & "_" & "work_Log" & ".xls" 

'Prompt for userid
UID = InputBox("User Name with domain prefix (koch\admcn):")

'Prompt for password
PWD = InputBox("Please enter your password:")


Dim LDAP 'As IADsOpenDSObject 
Set LDAP = GetObject("LDAP:") 
Set obj = LDAP.OpenDSObject(LDAPPATH, uid, pwd, _
ADS_SECURE_AUTHENTICATION)

if err.number<>0 Then 
    wscript.echo "Error connecting to AD " & err.number, err.description
    err.Clear
    Wscript.Quit(0)
End If

'String for date mmddyy
StrMonth = Month(Date)
StrYear = Right(Year(Date),2)
StrDay = Day(Date)

CreateWorkLog
WScript.Sleep (1500)
ModifyAcct
WScript.Sleep (1500)

Sub CreateWorkLog()
On Error Resume Next
strExcelPath = "i:\" & StrMonth & StrDay & StrYear & "_" & "work_Log" & ".xls" 
	
		' Create a new Excel File
	Set objExcel = CreateObject("Excel.Application")
		' Create a new workbook.
	objExcel.Workbooks.Add
		' Bind to worksheet.
	Set objSheet = objExcel.ActiveWorkbook.Worksheets(1)
	objSheet.Name = "Work_Log"
		' Populate spreadsheet cells with user attributes.
		'Group to pull members from GROUP1
	Set objGroup = GetObject(LDAPPATH)
		If err.number<>0 Then 
	    	WScript.Echo "Error connecting to" & LDAPPATH
	    End If
	Set objExcel = CreateObject("Excel.Application")
	With objExcel
	  .SheetsInNewWorkbook = 1
	  .Workbooks.Add
	  .Visible = False
	   iRow=1
	   
	'Bind to the user and pull the following information
	For Each strUser in objGroup.Member
	    Set objuser =  GetObject("LDAP://" & strUser)
	    StrSN = (objuser.sn)
	    StrGN = (objuser.givenName)
	    StrDN = (objuser.distinguishedName)
	    StrName = ("CN=" & StrSN & "\, " & StrGN & ",")
	    STRou = Replace(StrDN, StrName, "") 
	    
	    .Cells(irow,1) = (objUser.CN)
	    .Cells(irow,2) = (objUser.sAMAccountName)
	    .Cells(irow,3) = (objUser.distinguishedName)
	    .Cells(irow,4) = (objUser.homeDirectory)
	    .Cells(iRow,5) = (objUser.homeMDB)
	    .Cells(iRow,6) = (objuser.mailNickname)
	    .Cells(iRow,7) = (Join(objUser.proxyAddresses))
	    .Cells(iRow,8) = (Join(objUser.memberof))
	    .Cells(iRow,9) = (objuser.ExtensionAttribute1)
	    .Cells(iRow,10) = (objuser.ExtensionAttribute5)
	    .Cells(iRow,11) = (objuser.msExchHomeServerName)
	    .Cells(iRow,12) = (objuser.legacyExchangeDN)
	    .Cells(iRow,13) = (objuser.userPrincipalName)
	    .Cells(iRow,14) = (objuser.DisplayName)
	    .Cells(iRow,15) = (objuser.sn)
	    .Cells(iRow,16) = (objuser.givenName)
	    .Cells(iRow,17) = STRou
			If err.number<>0 Then 
		    	WriteErrorLog "Error connecting to" & strUser   
		    	Err.clear
			End If	    
	   irow=irow + 1
	Next
	End With
		If err.number<>0 Then 
	    	WriteErrorLog "Error connecting to" & strUser  
	    	Err.clear 
		End If
	 
	' Save the spreadsheet, close the workbook and exit.
	objExcel.ActiveWorkbook.SaveAs strExcelPath
	objExcel.ActiveWorkbook.Close
	objExcel.Application.Quit
	'WScript.Echo "Spreadsheet Created"
		' If err.number<>0 Then 
	'     	WScript.Echo "Error saving " & strExcelPath
	'     End If
	'calls next script
End Sub


Sub ModifyAcct()
On Error Resume Next
strExcelPath = "i:\" & StrMonth & StrDay & StrYear & "_" & "work_Log" & ".xls" 
wscript.echo "start script"
 
' Open the Excel spreadsheet
Set objExcel = CreateObject("Excel.Application")
Set objSpread = objExcel.Workbooks.Open(strExcelPath)
intRow = 1 

' Here is the 'DO...Loop' that cycles through the cells
' Note intRow, x must correspond to the column in strSheet
'This part marks the accounts for deletion.
Do Until objExcel.Cells(intRow,1).Value = ""
	strCN = Trim(objExcel.Cells(intRow, 1).Value)
	StrSAM = Trim(objExcel.Cells(intRow, 2).Value)
    StrDN = Trim(objExcel.Cells(intRow, 3).Value)
    StrUPN = Trim(objExcel.Cells(intRow, 13).Value)
    StrDisplay = Trim(objExcel.Cells(intRow, 14).Value)
    STRou = Trim(objExcel.Cells(intRow, 17).Value)
    strougroup = "CN=GROUP3,OU=Groups,OU=CO,DC=Mydomain,DC=com"
    StrNewCN = (StrMonth & "/" & StrDay & "/" & StrYear & " " & strdisplay)
    WScript.Echo STRou
          
   Set objUser = GetObject("LDAP://" & strdn)
'Wscript.echo "LDAP://" & StrDN
		objUser.Put "sAMAccountName", ("1" & strSam)
		objUser.Put "DisplayName", StrNewCN
		objUser.Put "userPrincipalName", ("1" & strUPN)
		objUser.Put "extensionAttribute5", "EXEMPT"
		objuser.setinfo
	If err.number <> 0 Then 
		WriteErrorlog "Unable to modify " & strCN
		Err.clear
	End If

'If user is not In the GROUP2 then reset password and disable account
	If objGroup <> Strgrpkst Then
	'If Objuser.memberof <> Strgrpkst  Then
    	objUser.SetPassword "i5A2sj*!"
		objUser.userAccountControl = 514
		objuser.setInfo
	If err.number <> 0 Then 
		WriteErrorlog "Unable to disable " & strCN
		Err.clear
	End If
	End If
'Hide From GAL
   objuser.put "msExchHideFromAddressLists", True
   objuser.setInfo
		If err.number <> 0 Then 
			WriteErrorlog "Unable to hide from GAL " & strCN
			Err.clear
		End If
'Mailbox restrictions
    Objuser. putEX ADS_PROPERTY_UPDATE, "authOrig", Array("CN=*DL EMail Team,OU=Distribution Lists,OU=location,OU=_ADC,DC=Mydomain,DC=com")
    objuser.SetInfo
		If err.number <> 0 Then 
			WriteErrorlog "Unable to modify " & strCN
			Err.clear
		End If

'  Add (str)User to (str)Group
Set objUser = GetObject("LDAP://"& strdn)
Set objGroup = GetObject("LDAP://"& strOUGroup)
objGroup.add(objUser.ADsPath)
		If err.number <> 0 Then 
			WriteErrorLog "Unable to modify " & strCN
			Err.Clear
		End If
' LSTROU = ("LDAP://" & StrOU)
' WScript.Echo lstrou
' 'Rename Account
' set objOU = getobject(LSTROU)
' WScript.Echo (objuser.Adspath & " OU = " & STRou)
' objOU.MoveHere objuser.Adspath,("CN=" & StrNewCN)
' 	If err.number <> 0 Then 
' 		WriteErrorLog "Unable to modify " & strCN
' 		Err.clear
' 	End If

' Increment to next user.
intRow = intRow + 1
Loop

Wscript.Echo "Done"
objExcel.Quit 
WScript.Quit
End Sub

Sub RenameAcct()
On Error Resume Next
strExcelPath = "i:\" & StrMonth & StrDay & StrYear & "_" & "work_Log" & ".xls" 
wscript.echo "start rename"
 
' Open the Excel spreadsheet
Set objExcel = CreateObject("Excel.Application")
Set objSpread = objExcel.Workbooks.Open(strExcelPath)
intRow = 1 

' Here is the 'DO...Loop' that cycles through the cells
' Note intRow, x must correspond to the column in strSheet
'This part marks the accounts for deletion.
Do Until objExcel.Cells(intRow,1).Value = ""
	strCN = Trim(objExcel.Cells(intRow, 1).Value)
	StrSAM = Trim(objExcel.Cells(intRow, 2).Value)
    StrDN = Trim(objExcel.Cells(intRow, 3).Value)
    StrUPN = Trim(objExcel.Cells(intRow, 13).Value)
    StrDisplay = Trim(objExcel.Cells(intRow, 14).Value)
    STRou = Trim(objExcel.Cells(intRow, 17).Value)
    strougroup = "CN=GROUP3,OU=Groups,OU=CO,DC=Mydomain,DC=com"
    StrNewCN = (StrMonth & "/" & StrDay & "/" & StrYear & " " & strdisplay)
    WScript.Echo STRou
          
LSTROU = ("LDAP://" & StrOU)

'Rename Account
Set objOU = getobject(LSTROU)
objOU.MoveHere ("LDAP://" & StrDN),("CN=" & StrNewCN)
	If err.number <> 0 Then 
		WriteErrorLog "Unable to modify " & strCN
		Err.clear
	End If
' Increment to next user.
intRow = intRow + 1
Loop

Wscript.Echo "Done"
objExcel.Quit 
WScript.Quit
end Sub



'************************************************************************************************
' Error Logging
'************************************************************************************************
'write log information to file

sub WriteErrorLog(strLogErrorText)
	strErrorFile = "I:\ErrorFile.txt" 
	ErrorLogCount = ErrorLogCount + 1

	set fso2 = CreateObject("scripting.FileSystemObject")
	Set fsoFile2 = fso2.OpenTextFile(strErrorFile, fsoForAppending, true)
	fsoFile2.WriteLine strLogErrorText
	fsoFile2.Close
end Sub


' Delete error log file before next pass
Sub DeleteErrorLog()
		set objfso = CreateObject("Scripting.FileSystemObject")
	If objFSO.FileExists(strErrorFile) Then
		objFSO.DeleteFile(strErrorFile)
	End If
End Sub

 

[yellowartist]

One more thing I have noticed is that it is starting a row 2 and working down from there. It completely skips row 1. Row 3 is empty.

 

[tsuji]

[4] I look at it roughly. I only pick this point as a start. Inside the modifyacct() you have this line.
> If objGroup <> Strgrpkst Then
[4.1] objGroup is supposed to be an object whereas strgrpkst is a string. How can it ever be equal, inspit of how the vbs engine treat the inequality operation here.
[4.1] You define objGroup somewhere below in the modifyacct(), but at the first execution, what is the objGroup? Well, the script engine will find it and it is not nothing. It is established somewhere in the createworklog() where you'll find it. It is the group of distinguished name LDAP variable. So for the first execution, it is not the objGroup (group3) somewhere below the conditional block. Lesson [a]: be careful of the scope of variable. If you don't dim it in a sub, it will get global; lesson establish the variable before doing comparison; lesson [c] if you want to compare it with string, do you thing it's got a reasonable chance to succeed? (use strougroup in its place!?) Also strgroupkst is again a global variable established in the main. It all ends up with a soup of global variables borne at random places. No.
[4.2] And then in the main, there is an obj. The obj itself is the objGroup in createworklog()... eventually when it comes to modifyacct, objgroup after the first execution becomes objgroup for group3. Does it sound confusing? No, don't produce a script like that. (I am the least dogmatic, still, I find it ill-advised.)

[5] In createworklog, I don't see the reason why objexcel is going to be created and recreated...

[6] If you spend 21 days to finish a 21-day type book on vbs and start anew the script the 22nd day, you will finish it by 25th day. It will save you more time than forcing the thing from day 1.