Re: Query disabled users and delete their memberof associations

Hi guys

I have been testing the following script and it is failing on line <41, 58>
"microsoft vbscript compilation error: Unterminated string constant"

Any ideas?

Also, are you able to sanitise the script itself to see if my logic is
correct?

Much thanks in advance

Cheers
Bry



***********************************************

Option Explicit

Dim objDSE, objConnection, objCommand, objRecordset, i

Set objDSE = GetObject("LDAP://rootDSE";)

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open

Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection

objCommand.CommandText = _
"<LDAP://DC=TEST,DC=cp,DC=uk>;" & _

"(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))"


Set objRecordset = objCommand.Execute

i = 0
If Not objRecordset.EOF Then
While Not objRecordset.EOF
i = i + 1
Call ModifyObject(objRecordset.Fields("arrMemberOf"))
objRecordset.MoveNext
Wend
WScript.Echo "Modified " & i & " objects"
Else
WScript.Echo "No objects to modify"
End if

objRecordset.Close
objConnection.Close

Sub ModifyObject(strObjectUser)
Dim objUser

Const ADS_PROPERTY_DELETE = 4
Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D

Set objUser = GetObject("LDAP://"; & strObjectUser"))
arrMemberOf = objUser.GetEx("MemberOf")

If Err.Number = E_ADS_PROPERTY_NOT_FOUND Then
WScript.Echo "No Group Memberships Found"
WScript.Quit

End If

For each group in arrMemberOf
Set objGroup = GetObject("LDAP://"; & Group)
objGroup.PutEx ADS_PROPERTY_DELETE, _
"member", Array("strObjectUser")

objGroup.SetInfo
End Sub

***********************************************

"Joe Richards [MVP]" wrote:

Yep it absolutely does. :)

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm


Paul Williams [MVP] wrote:
Thankfully we don't have multiple domains, which means I can avoid such a
royal PITA! ;-)

We made a concious decision to have one big fat domain, as opposed to four
or five smaller ones. Which is simplifying the design and deployment of a
number of large enterprise apps.


.

Relevant Pages

  • Re: Fresh set of eyes for ADSI problem (User Description)
    ... Set objConnection = CreateObject ... I've been working on a script to enumerate our private drive folders ... Dim objFolder, objSubfolder, colSubfolders ... Dim strdescription, strhomeDirectory, strhomeDrive, objItem, objrootDSE, ...
    (microsoft.public.scripting.vbscript)
  • OWA usage analysis script
    ... For this script, you need an access database with the following fields ... ' From the book Inside Active Directory, ... Set objConnection = CreateObject ...
    (microsoft.public.exchange2000.clients)
  • Re: Check if Active Directory account exists
    ... The key to troubleshooting this script is to remove the "On Error Resume ... Const ForReading = 1 ... Set objConnection = CreateObject ...
    (microsoft.public.scripting.vbscript)
  • Re: I am trying to get the login id from a full name
    ... When I run the script I get this error ... Microsoft VBScript compilation error: Expected end of statement ... 2000 logon name") you can use the NameTranslate object to convert this to ...
    (microsoft.public.scripting.vbscript)
  • Re: Query disabled users and delete their memberof associations
    ... This really is getting beyond my script skillset (but thouroughly enjoyable ... Dim objDSE, objConnection, objCommand, objRecordset, i ... Sub ModifyObject ... WScript.Echo "No Group Memberships Found" ...
    (microsoft.public.windows.server.active_directory)