Problem disabling and deleting AD Account
- From: meridean <chris.john.flynn@xxxxxxxxx>
- Date: Wed, 08 Aug 2007 00:03:39 -0700
Can anyone assist? I am having 2 issues.
Issue 1.
I am trying to disable a User account using the WinNT provider and
also hide the user from the Exchange Address List. (The Checkbox in
Active Directory)
I am also trying to remove the user from all groups except Domain
Users.
Issue 2.
I am trying to delete a user and also multiple users from a file.
(This works but not entirely) The problem I have is I need to initiate
the deletion of the Exchange Mailbox also. At the moment the AD User
is deleted but not the Exchange mailbox. Can anyone assist with this?
Script Code Follows:
<html>
<head>
<title>User Deletion Utility</title>
<HTA:APPLICATION
ID="objDeleteAccount"
APPLICATIONNAME="AccountDeletionScript"
BORDER="thin"
CAPTION="yes"
ICON="SETUP.ICO"
SHOWINTASKBAR="yes"
SCROLL="NO"
SINGLEINSTANCE="yes"
SYSMENU="yes"
WINDOWSTATE="normal"
MAXIMIZEBUTTON="no"
MINIMIZEBUTTON="no"
/>
<style>
BODY
{
background-color: #E4EAF6;
font-family: Helvetica;
font-size: 10pt;
color: #000080;
margin-top: 5%;
margin-left: 5%;
margin-right: 5%;
margin-bottom: 5%;
}
</style>
</head>
<SCRIPT Language="VBScript">
'==========================================================================
'Sub to initialise and load the HTA Script Window.
'==========================================================================
sub window_onload
self.focus()
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * From Win32_DesktopMonitor")
For Each objItem in colItems
intHorizontal = objItem.ScreenWidth
intVertical = objItem.ScreenHeight
Next
'Msgbox intHorizontal & VBTAB & intVertical
intLeft = (intHorizontal - 600) / 2
intTop = (intVertical - 600) / 2
window.resizeTo 600,600
'window.moveTo intLeft, intTop
txtusername.value = ""
txtreference.value = ""
txtinitials.value = ""
txtinitials.disabled = false
txtreference.disabled = false
txtusername.disabled = false
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false
End sub
'==========================================================================
'Sub to load option selected by user to rename and delete user accounts.
'==========================================================================
Sub btnRunScript_Click
username = txtusername.value
strReference = txtreference.value
AdminUser = txtinitials.value
btnUserOption.disabled = true
btnReset.disabled = false
btnClose.disabled = false
If RadioDisable.Checked = true Then
Call DisableAccount(username,strReference,AdminUser)
ElseIf RadioDelete.Checked = true Then
If AccSingleRadio.Checked Then
Call DeleteAccountAD(username,AdminUser)
AccMultiRadio.Checked = false
AccSingleRadio.Disabled = true
txtusername.disabled = false
ElseIf AccMultiRadio.Checked Then
Call DeleteMultiAccountAD(AdminUser)
AccSingleRadio.Checked = false
AccMultiRadio.Disabled = true
txtusername.disabled = true
txtinitials.disabled = true
txtreference.disabled = true
Else
AccSingleRadio.Checked = false
AccMultiRadio.Checked = false
txtusername.disabled = false
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false
Exit Sub
End If
Else
MsgBox "You have not selected any actions, please select an Action to perform."
End If
txtusername.value = ""
txtreference.value = ""
txtinitials.value = ""
txtinitials.disabled = false
txtreference.disabled = false
RadioDisable.Checked = false
RadioDelete.Checked = false
AccSingleRadio.Checked = false
AccMultiRadio.Checked = false
AccSingleRadio.Disabled = false
AccMultiRadio.Disabled = false
txtusername.disabled = false
RadioDisable.Disabled = false
RadioDelete.Disabled = false
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false
End Sub
'==========================================================================
'Sub to set the format for the dropdown box, and enable the remaining buttons/Fields.
'==========================================================================
Sub dropdown_click
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false
End Sub
'==========================================================================
'Sub to search for the AD account and then disable it using input from the Administrator.
'==========================================================================
Sub DisableAccount(username,strReference,AdminUser)
On Error Resume Next
strNTDomain = "Domain"
'***Check to see if the user exists in the domain.
Set objUser = GetObject("WinNT://" & strNTDomain & "/" & username & ",user")
'***If the User does not exist, exit the Script.
If Err.Number = -2147022675 Then
On Error GoTo 0
MsgBox "The " & username & " account does not exist."
txtusername.Value = ""
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false
Exit Sub
End If
'***Disable the user Account in the domain.
objUser.displayname = "Disabled Account - " & now & " - " & AdminUser & " - " & strReference
objUser.description = "Disabled Account - " & now & " - " & AdminUser & " - " & strReference
msExchHideFromAddressLists = true
objUser.SetInfo
objUser.msExchHideFromAddressLists = true
objUser.SetInfo
For Each objGroup In objUser.Groups
If UCase(ObjGroup.Name) <> "DOMAIN USERS" Then
MsgBox objGroup.Name
objGroup.Remove(objUser)
Else
'Do Nothing
End If
Next
objUser.SetInfo
objUser.Accountdisabled = TRUE
objUser.SetInfo
If Err.Number = -2147024891 Then
On Error GoTo 0
MsgBox "You do not have access to modify the account: " & username & ". Please contact 3rd Line with the Account Details."
txtusername.Value = ""
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false
Exit Sub
End If
MsgBox "Account: " & username & " has been disabled."
End Sub
'==========================================================================
'Sub to search for the AD account and then delete it using input from the Administrator.
'==========================================================================
Sub DeleteAccountAD(username,AdminUser)
On Error Resume Next
'Open connection to AD using LDAP
Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection
'***Set the ou and gets the Parent ID based on the username***
strBase = "<LDAP://dc=Domain,dc=local>"
strFilter = "(&(objectCategory=person)(sAMAccountName=" & username & "))"
strAttributes = "sAMAccountName,distinguishedName,Name,AdsPath"
strQuery = strBase & ";" & strFilter & ";" & strAttributes
objCommand.CommandText = strQuery
Set ADSIRecordSet = objCommand.Execute
strName = ADSIRecordSet.Fields("sAMAccountName").Value
If err.number = 3021 then
msgbox "The account could not be found for " & username & VBTAB & "Script Run by: " & VBTAB & AdminUser & VBTAB & "on: " & now
set WshShell = CreateObject("WScript.Shell")
WshShell.LogEvent 0, "The account could not be found for " & username & VBTAB & "Script Run by: " & VBTAB & AdminUser & VBTAB & "on: " & Now
'WshShell.LogEvent 0000, "The account could not be found for " & username & VBTAB & "Script Run by: " & VBTAB & AdminUser & VBTAB & "on: " & now
exit sub
end if
strUserName = ADSIRecordSet.Fields("distinguishedName").Value
strAdsPath = ADSIRecordSet.Fields("AdsPath").Value
strusername = strAdsPath
Singlename = "yes"
ParentDn = "Na"
UserCn = "Na"
If instr(strusername,"\,") then Singlename = "No"
If SingleName ="yes" then
Pos1s = InStr(strusername,"CN=")
Pos1e = InStr(strusername,",")
pos1e = pos1e - pos1s
UserCn = ltrim(rtrim(mid(strusername,Pos1s,POs1e)))
Pos2s = InStr((Pos1s+1),strusername,"CN=")
Pos2e = len(strusername)
pos2e = pos2e - (pos2s-1)
ParentDn = ltrim(rtrim(mid(strusername,Pos2s,POs2e)))
Else
Pos1s = InStr(strusername,"CN=")
Pos1e = InStr(strusername,",C")
pos1e = pos1e - pos1s
UserCn = ltrim(rtrim(mid(strusername,Pos1s,POs1e)))
Pos2s = InStr((Pos1s+1),strusername,"CN=")
Pos2e = len(strusername)
pos2e = pos2e - (pos2s-1)
ParentDn = ltrim(rtrim(mid(strusername,Pos2s,POs2e)))
End If
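Set ObjOU = GetObject("LDAP://" & ParentDn)
Err.Clear
ObjOU.Delete "User", UserCn
'***Only report success if the Delete call raised no error.
If Err.Number <> 0 Then
MsgBox "Account: " & username & " could not be deleted (error " & Err.Number & ")."
Exit Sub
End If
MsgBox "Account: " & username & " has been deleted."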
End sub
'==========================================================================
'Sub to search for the AD account and then delete it using input from a file.
'==========================================================================
Sub DeleteMultiAccountAD(AdminUser)
On Error Resume Next
'Set and Open Excel File
Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open("T:\SLA\Delete User Script\UsersForDeletion.xls")
strErrorLog = "T:\SLA\Delete User Script\DeletionLogFile.txt"
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strErrorLog, 8, True, 0)
intRow = 2
Do Until objExcel.Cells(intRow,1).Value = ""
username = objExcel.Cells(intRow, 1).Value
AdminUser = objExcel.Cells(intRow, 2).Value
strReference = objExcel.Cells(intRow, 3).Value
'#Set Organisational Unit within Active Directory#
'Open connection to AD using LDAP
Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection
'***Set the ou and gets the Parent ID based on the username***
strBase = "<LDAP://dc=Domain,dc=local>"
strFilter = "(&(objectCategory=person)(sAMAccountName=" & username & "))"
strAttributes = "sAMAccountName,distinguishedName,Name,AdsPath"
strQuery = strBase & ";" & strFilter & ";" & strAttributes
objCommand.CommandText = strQuery
'***Clear any error left over from the previous row before searching.
Err.Clear
Set ADSIRecordSet = objCommand.Execute
strName = ADSIRecordSet.Fields("sAMAccountName").Value
strUserName = ADSIRecordSet.Fields("distinguishedName").Value
strAdsPath = ADSIRecordSet.Fields("AdsPath").Value
strusername = strAdsPath
errornumber = err.number
Singlename = "yes"
ParentDn = "Na"
UserCn = "Na"
If instr(strusername,"\,") then Singlename = "No"
If SingleName ="yes" then
Pos1s = InStr(strusername,"CN=")
Pos1e = InStr(strusername,",")
pos1e = pos1e - pos1s
UserCn = ltrim(rtrim(mid(strusername,Pos1s,POs1e)))
Pos2s = InStr((Pos1s+1),strusername,"CN=")
Pos2e = len(strusername)
pos2e = pos2e - (pos2s-1)
ParentDn = ltrim(rtrim(mid(strusername,Pos2s,POs2e)))
Else
Pos1s = InStr(strusername,"CN=")
Pos1e = InStr(strusername,",C")
pos1e = pos1e - pos1s
UserCn = ltrim(rtrim(mid(strusername,Pos1s,POs1e)))
Pos2s = InStr((Pos1s+1),strusername,"CN=")
Pos2e = len(strusername)
pos2e = pos2e - (pos2s-1)
ParentDn = ltrim(rtrim(mid(strusername,Pos2s,POs2e)))
End If
If errornumber = 3021 then
objFile.WriteLine "User NOT found in domain:" & VBTAB & username & VBTAB & "Script Run by: " & VBTAB & AdminUser & VBTAB & "on: " & now & VBCRLF
set WshShell = CreateObject("WScript.Shell")
WshShell.LogEvent 0, "The account could not be found for " & username & VBTAB & "Script Run by: " & VBTAB & AdminUser & VBTAB & "on: " & Now
Else
Set ObjOU = GetObject("LDAP://" & ParentDn)
Err.Clear
ObjOU.Delete "User", UserCn
'***Only record the deletion if the Delete call raised no error.
If Err.Number = 0 Then
strResult = "Deleted"
Else
strResult = "Delete FAILED (error " & Err.Number & ")"
End If
objFile.WriteLine username & VBTAB & strResult & VBTAB & VBTAB & "Script Run by: " & VBTAB & AdminUser & VBTAB & "on: " & now & VBCRLF
set WshShell = CreateObject("WScript.Shell")
WshShell.LogEvent 0, username & VBTAB & strResult & VBTAB & VBTAB & "Script Run by: " & VBTAB & AdminUser & VBTAB & "on: " & Now
End if
intRow = intRow + 1
Loop
'#Close workbook and quit Excel#
objExcel.ActiveWorkbook.Close
objExcel.Application.Quit
'#Clean up#
Set objExcel = Nothing
Set obj*** = Nothing
Set objUser = Nothing
MsgBox "The Script has Completed. Please refer to the log file for further information. (" & strErrorLog & ")"
End Sub
'==========================================================================
'Sub to set fields for radio buttons.
'==========================================================================
Sub Disable_Click
RadioDisable.Checked = true
RadioDelete.Checked = false
AccSingleRadio.Checked = false
AccMultiRadio.Checked = false
AccSingleRadio.Disabled = true
AccMultiRadio.Disabled = true
txtusername.disabled = false
txtreference.disabled = false
txtinitials.disabled = false
End Sub
'==========================================================================
'Sub to set fields for radio buttons.
'==========================================================================
Sub Delete_Click
RadioDisable.Checked = false
RadioDelete.Checked = true
AccSingleRadio.Checked = false
AccMultiRadio.Checked = false
AccSingleRadio.Disabled = false
AccMultiRadio.Disabled = false
txtusername.disabled = false
txtreference.disabled = false
txtinitials.disabled = false
End Sub
'==========================================================================
'Sub to set fields for radio buttons.
'==========================================================================
Sub Delete_Single_Click
AccSingleRadio.Checked = true
AccMultiRadio.Checked = false
txtusername.disabled = false
txtreference.disabled = false
txtinitials.disabled = false
End Sub
'==========================================================================
'Sub to set fields for radio buttons.
'==========================================================================
Sub Delete_Multiple_Click
AccSingleRadio.Checked = false
AccMultiRadio.Checked = true
txtusername.disabled = true
txtreference.disabled = true
txtinitials.disabled = true
End Sub
'==========================================================================
'Sub to reset the HTA Script Window
'==========================================================================
sub btnReset_click
txtusername.value = ""
txtreference.value = ""
txtinitials.value = ""
txtinitials.disabled = false
txtreference.disabled = false
AccSingleRadio.Checked = false
AccMultiRadio.Checked = false
RadioDisable.Checked = false
RadioDelete.Checked = false
AccSingleRadio.Disabled = false
AccMultiRadio.Disabled = false
RadioDisable.Disabled = false
RadioDelete.Disabled = false
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false
End sub
'==========================================================================
'Sub to close the HTA Script Window
'==========================================================================
Sub window_close
window.parent.close
End Sub
'==========================================================================
'End of VBScript and Beginning of Main HTML Code.
'==========================================================================
</SCRIPT>
<body bgColor="000000">
<P ALIGN="center">
<img src="wavylogo.bmp" alt="Domain"></P>
<BR>
<h2 ALIGN="center">Welcome to the Domain Account Deletion Script</h2>
<BR>
<table width="100%" border="0">
<tr><th COLSPAN=2>Please Select the Action type<hr></th></tr>
</table>
<table width="100%" border="1">
<tr><td width="33%" valign="top"><input type="radio" name="RadioDisable" onclick="Disable_Click">Disable User Accounts<BR></td>
<td width="33%" valign="top"><input type="radio" name="RadioDelete" onclick="Delete_Click">Delete User Accounts<BR></td>
</tr>
</table>
<table width="100%" border="0">
<tr><th COLSPAN=2>Please Select the deletion type<hr></th></tr>
</table>
<table width="100%" border="1">
<tr><td width="33%" valign="top"><input type="radio" name="AccSingleRadio" onclick="Delete_Single_Click">Single User Account<BR></td>
<td width="33%" valign="top"><input type="radio" name="AccMultiRadio" onclick="Delete_Multiple_Click">Multiple User Accounts<BR></td>
</tr>
</table>
<table width="100%" border="0">
<tr><th COLSPAN=2>Please Enter the Users Information<hr></th></tr>
</table>
<table width="100%" border="0">
<tr><td>Please enter the AD account username:</td><td><input type="text" id="txtusername" size="30"></td></tr>
<tr><td>Please enter the request reference number:</td><td><input type="text" id="txtreference" size="30"></td></tr>
<tr><td>Please enter your initials:</td><td><input type="text" id="txtinitials" size="30"></td></tr>
</table><hr>
<table width="100%" border="0">
<tr><td><P ALIGN="center"><input type="button" id="btnUserOption" Value="Submit" onclick="btnRunScript_Click"><input type="button" id="btnReset" Value="Reset" onclick="btnReset_Click"><input type="button" id="btnClose" Value="Close" onclick="window_Close"></P></td></tr>
</table>
</body>
</html>
Many Thanks in advance.
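
The script builds its search filter by concatenating the typed or spreadsheet-supplied username, so a wildcard or parenthesis in that value changes which account the search (and the delete that follows) selects, and it locates the parent by looking for a second "CN=", which only works when the account sits in a CN= container. As an added example (not part of the original post), the helpers below escape the filter value and split the distinguishedName that the query already returns; the function names and sample values are constructed for illustration, and the demo lines at the end run under cscript.

```vbscript
Option Explicit

' Hypothetical helpers, not from the posted script.

' Escape a value for an LDAP search filter (RFC 4515): \ * ( ) and NUL
' become a backslash followed by the character's two-digit hex code.
Function EscapeLdapFilter(strValue)
    Dim i, ch, strOut
    strOut = ""
    For i = 1 To Len(strValue)
        ch = Mid(strValue, i, 1)
        Select Case ch
            Case "\", "*", "(", ")", Chr(0)
                strOut = strOut & "\" & Right("0" & Hex(Asc(ch)), 2)
            Case Else
                strOut = strOut & ch
        End Select
    Next
    EscapeLdapFilter = strOut
End Function

' Same filter the script builds, with the user-supplied name escaped.
Function BuildUserFilter(strSam)
    BuildUserFilter = "(&(objectCategory=person)(sAMAccountName=" & _
        EscapeLdapFilter(strSam) & "))"
End Function

' Split a distinguishedName at the first comma that is not escaped with a
' backslash. Returns Array(rdn, parentDn); parentDn is "" if no comma.
Function SplitDn(strDn)
    Dim i, ch
    i = 1
    Do While i <= Len(strDn)
        ch = Mid(strDn, i, 1)
        If ch = "\" Then
            i = i + 1                 ' skip the escaped character
        ElseIf ch = "," Then
            SplitDn = Array(Left(strDn, i - 1), Mid(strDn, i + 1))
            Exit Function
        End If
        i = i + 1
    Loop
    SplitDn = Array(strDn, "")
End Function

' Constructed sample values, for illustration only.
Dim arrParts
WScript.Echo BuildUserFilter("jsmith")
WScript.Echo BuildUserFilter("j*(smith)")
arrParts = SplitDn("CN=Smith\, John,OU=Staff,DC=Domain,DC=local")
WScript.Echo arrParts(0)
WScript.Echo arrParts(1)
```

In the HTA, arrParts(1) is the parent to bind with GetObject("LDAP://" & ...) and arrParts(0) is the relative name passed to Delete, whether the parent is an OU or a CN= container.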