Re: Query disabled users and delete their memberof associations
- From: bryan <bryan@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 25 May 2007 01:59:01 -0700
Hi Joe
First of all, apologies for delay in getting back to you - I have only just
got back to check this query.
I shall give it a try and let you know how it goes.
Many many thanks for your reply.
Kind rgds
Bry
"Joe Richards [MVP]" wrote:
This issue is likely the quote character in the line.
Set objUser = GetObject("LDAP://"; & strObjectUser"))
just before the last set of parens.
--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net
---O'Reilly Active Directory Third Edition now available---
http://www.joeware.net/win/ad3e.htm
bryan wrote:
Hi guys
I have been testing the following script and it is failing on line <41, 58>
"microsoft vbscript compilation error: Unterminated string constant"
Any ideas?
Also, are you able to sanitise the script itself to see if my logic is
correct?
Much thanks in advance
Cheers
Bry
***********************************************
Option Explicit
Dim objDSE, objConnection, objCommand, objRecordset, i
Set objDSE = GetObject("LDAP://rootDSE";)
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open
Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
"<LDAP://DC=TEST,DC=cp,DC=uk>;" & _
"(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))"
Set objRecordset = objCommand.Execute
i = 0
If Not objRecordset.EOF Then
While Not objRecordset.EOF
i = i + 1
Call ModifyObject(objRecordset.Fields("arrMemberOf"))
objRecordset.MoveNext
Wend
WScript.Echo "Modified " & i & " objects"
Else
WScript.Echo "No objects to modify"
End if
objRecordset.Close
objConnection.Close
Sub ModifyObject(strObjectUser)
Dim objUser
Const ADS_PROPERTY_DELETE = 4
Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D
Set objUser = GetObject("LDAP://"; & strObjectUser"))
arrMemberOf = objUser.GetEx("MemberOf")
If Err.Number = E_ADS_PROPERTY_NOT_FOUND Then
WScript.Echo "No Group Memberships Found"
WScript.Quit
End If
For each group in arrMemberOf
Set objGroup = GetObject("LDAP://"; & Group)
objGroup.PutEx ADS_PROPERTY_DELETE, _
"member", Array("strObjectUser")
objGroup.SetInfo
End Sub
***********************************************
"Joe Richards [MVP]" wrote:
Yep it absolutely does. :)
--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net
---O'Reilly Active Directory Third Edition now available---
http://www.joeware.net/win/ad3e.htm
Paul Williams [MVP] wrote:
Thankfully we don't have multiple domains, which means I can avoid such a
royal PITA! ;-)
We made a concious decision to have one big fat domain, as opposed to four
or five smaller ones. Which is simplifying the design and deployment of a
number of large enterprise apps.
- Prev by Date: Re: Event 1374
- Next by Date: Re: How to deny some properties of ADUC
- Previous by thread: Re: Event 1374
- Next by thread: Permissions Chart ?? or web site ??
- Index(es):
Relevant Pages
|
