Re: Problem disabling and deleting AD Account

---

• From: "Al Dunbar" <AlanDrub@xxxxxxxxxxxxxxxxxxx>
• Date: Mon, 13 Aug 2007 18:30:44 -0600

---

If you want help with your scripts, I'd suggest you post them, and explain
exactly what they are failing to do.

/Al

"meridean" <chris.john.flynn@xxxxxxxxx> wrote in message
news:1186556619.248077.101580@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Can anyone assist. I am having 2 issues.

Issue 1.
I am trying to disable a User account using the WinNT provider and
also hide the user from the Exchange Address List. (The Checkbox in
Active Directory)
I am also trying to remove the user from all groups except Domain
Users.


Issue 2.
I am trying to delete a user and also multiple users from a file.
(This works but not entirely) The problem I have is I need to
initiate
the deletion of the Exchange Mailbox also. At the moment the AD User
is deleted but not the exchange mailbox. Can anyone assist with this?


Script Code Follows:


<html>
<head>
<title>User Deletion Utility</title>
<HTA:APPLICATION
ID="objDeleteAccount"
APPLICATIONNAME="AccountDeletionScript"
BORDER="thin"
CAPTION="yes"
ICON="SETUP.ICO"
SHOWINTASKBAR="yes"
SCROLL="NO"
SINGLEINSTANCE="yes"
SYSMENU="yes"
WINDOWSTATE="normal"
MAXIMIZEBUTTON="no"
MINIMIZEBUTTON="no"




</head>
<style>
BODY
{
background-color: "#E4EAF6";
font-family: Helvetica;
font-size: 10pt;
color: "#000080";
margin-top: 5%;
margin-left: 5%;
margin-right: 5%;
margin-bottom: 5%;

}


</STYLE>
<SCRIPT Language="VBScript">
'==========================================================================­
===========================================================================­
===
'Sub to intialise and load the HTA Script Window.
'==========================================================================­
===========================================================================­
===
sub window_onload

self.focus()
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer &
"\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * From
Win32_DesktopMonitor")
For Each objItem in colItems
intHorizontal = objItem.ScreenWidth
intVertical = objItem.ScreenHeight
Next
'Msgbox intHorizontal & VBTAB & intVertical
intLeft = (intHorizontal - 600) / 2
intTop = (intVertical - 600) / 2
window.resizeTo 600,600
'window.moveTo intLeft, intTop


txtusername.value = ""
txtreference.value = ""
txtinitials.value = ""
txtinitials.disabled = false
txtreference.disabled = false
txtusername.disabled = false
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false


End sub
'==========================================================================­
===========================================================================­
===
'Sub to load option selected by user to rename and delete user
accounts.
'==========================================================================­
===========================================================================­
===
Sub btnRunScript_Click


username = txtusername.value
strReference = txtreference.value
AdminUser = txtinitials.value
btnUserOption.disabled = true
btnReset.disabled = false
btnClose.disabled = false


If RadioDisable.Checked = true Then
Call DisableAccount(username,strReference,AdminUser)
ElseIf RadioDelete.Checked = true Then
If AccSingleRadio.Checked Then
Call DeleteAccountAD(username,AdminUser)
AccMultiRadio.Checked = false
AccSingleRadio.Disabled = true
txtusername.disabled = false
ElseIf AccMultiRadio.Checked Then
Call DeleteMultiAccountAD(AdminUser)
AccSingleRadio.Checked = false
AccMultiRadio.Disabled = true
txtusername.disabled = true
txtinitials.disabled = true
txtreference.disabled = true
Else
AccSingleRadio.Checked = false
AccMultiRadio.Checked = false
txtusername.disabled = false
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false
Exit Sub
End If
Else
MsgBox "You have not selected any actions, please
select an Action
to perform."
End If


txtusername.value = ""
txtreference.value = ""
txtinitials.value = ""
txtinitials.disabled = false
txtreference.disabled = false
RadioDisable.Checked = false
RadioDelete.Checked = false
AccSingleRadio.Checked = false
AccMultiRadio.Checked = false
AccSingleRadio.Disabled = false
AccMultiRadio.Disabled = false
txtusername.disabled = false
RadioDisable.Disabled = false
RadioDelete.Disabled = false
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false


End Sub
'==========================================================================­
===========================================================================­
===
'Sub to set the format for the dropdown box, and enable the remaining
buttons/Fields.
'==========================================================================­
===========================================================================­
===
Sub dropdown_click


btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false


End Sub
'==========================================================================­
===========================================================================­
===
'Sub to search for the AD account and then disable it using input
from
the Administrator.
'==========================================================================­
===========================================================================­
===
Sub DisableAccount(username,strReference,AdminUser)


On Error Resume Next


strNTDomain = "Domain"


'***Check to see if the user exists in the domain.
Set objUser = GetObject("WinNT://" & strNTDomain & "/" &
username &
",user")
'***If the User does not exist, exit the Script.
If Err.Number = -2147022675 Then
On Error GoTo 0
MsgBox "The " & username & " account does not exist."
txtusername.Value = ""
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false
Exit Sub
End If


'***Disable the user Account in the domain.
objUser.displayname = "Disabled Account - " & now & " - " &
AdminUser
& " - " & strReference
objUser.description = "Disabled Account - " & now & " - " &
AdminUser & " - " & strReference
msExchHideFromAddressLists = true
objUser.SetInfo
objUser.msExchHideFromAddressLists = true
objUser.SetInfo


For Each objGroup In objUser.Groups


If UCase(ObjGroup.Name) <> "DOMAIN USERS" Then
MsgBox objGroup.Name
objGroup.Remove(objUser)
Else
'Do Nothing
End If
Next


objUser.SetInfo
objUser.Accountdisabled = TRUE
objUser.SetInfo


If Err.Number = -2147024891 Then
On Error GoTo 0
MsgBox "You do not have access to modify the account:
" & username &
". Please contact 3rd Line with the Account Details."
txtusername.Value = ""
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false
Exit Sub
End If


MsgBox "Account: " & username & " has been disabled."


End Sub
'==========================================================================­
===========================================================================­
===
'Sub to search for the AD account and then delete it using input from
the Administrator.
'==========================================================================­
===========================================================================­
===
Sub DeleteAccountAD(username,AdminUser)
On Error Resume Next


'Open connection to AD using LDAP
Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection


'***Set the ou and gets the Parent ID based on the
username***


strBase = "<LDAP://dc=Domain,dc=local>"


strFilter = "(&(objectCategory=person)(sAMAccountName=" &
username &
"))"
strAttributes =
"sAMAccountName,distinguishedName,Name,AdsPath"
strQuery = strBase & ";" & strFilter & ";" & strAttributes
objCommand.CommandText = strQuery
Set ADSIRecordSet = objCommand.Execute


strName = ADSIRecordSet.Fields("sAMAccountName").Value


If err.number = 3021 then
msgbox "The account could not be found for " &
username & VBTAB &
"Script Run by: " & VBTAB & AdminUser & VBTAB & "on: " & now
set WshShell = CreateObject("WScript.Shell")
WshShell.LogEvent 0, "The account could not be found
for " &
username & VBTAB & "Script Run by: " & VBTAB & AdminUser & VBTAB &
"on: " & Now
'WshShell.LogEvent 0000, "The account could not be
found for " &
username & VBTAB & "Script Run by: " & VBTAB & AdminUser & VBTAB &
"on: " & now
exit sub
end if


strUserName = ADSIRecordSet.Fields("distinguishedName").Value
strAdsPath = ADSIRecordSet.Fields("AdsPath").Value
strusername = strAdsPath


Singlename = "yes"


ParentDn = "Na"
UserCn = "Na"


If instr(strusername,"\,") then Singlename = "No"


If SingleName ="yes" then
Pos1s = InStr(strusername,"CN=")
Pos1e = InStr(strusername,",")
pos1e = pos1e - pos1s
UserCn = ltrim(rtrim(mid(strusername,Pos1s,POs1e)))


Pos2s = InStr((Pos1s+1),strusername,"CN=")
Pos2e = len(strusername)
pos2e = pos2e - (pos2s-1)
ParentDn = ltrim(rtrim(mid(strusername,Pos2s,POs2e)))
Else
Pos1s = InStr(strusername,"CN=")
Pos1e = InStr(strusername,",C")
pos1e = pos1e - pos1s
UserCn = ltrim(rtrim(mid(strusername,Pos1s,POs1e)))


Pos2s = InStr((Pos1s+1),strusername,"CN=")
Pos2e = len(strusername)
pos2e = pos2e - (pos2s-1)
ParentDn = ltrim(rtrim(mid(strusername,Pos2s,POs2e)))


End If


Set ObjOU = GetObject("LDAP://"; & ParentDn)
ObjOU.Delete "User", UserCn
MsgBox "Account: " & username & " has been deleted."


End sub
'==========================================================================­
===========================================================================­
===
'Sub to search for the AD account and then delete it using input from
a file.
'==========================================================================­
===========================================================================­
===
Sub DeleteMultiAccountAD(AdminUser)
On Error Resume Next


'Set and Open Excel File


Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open ("T:\SLA\Delete User Script
\UsersForDeletion.xls")
strErrorLog = "T:\SLA\Delete User Script\DeletionLogFile.txt"
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strErrorLog, 8, True, 0)


intRow = 2
Do Until objExcel.Cells(intRow,1).Value = ""


username = objExcel.Cells(intRow, 1).Value
AdminUser = objExcel.Cells(intRow, 2).Value
strReference = objExcel.Cells(intRow, 3).Value


'#Set Organisational Unit within Active Directory#


'Open connection to AD using LDAP
Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection


'***Set the ou and gets the Parent ID based on the
username***


strBase = "<LDAP://dc=Domain,dc=local>"


strFilter = "(&(objectCategory=person)(sAMAccountName=" &
username &
"))"
strAttributes =
"sAMAccountName,distinguishedName,Name,AdsPath"
strQuery = strBase & ";" & strFilter & ";" & strAttributes
objCommand.CommandText = strQuery
Set ADSIRecordSet = objCommand.Execute


strName = ADSIRecordSet.Fields("sAMAccountName").Value
strUserName = ADSIRecordSet.Fields("distinguishedName").Value
strAdsPath = ADSIRecordSet.Fields("AdsPath").Value
strusername = strAdsPath


errornumber = err.number


Singlename = "yes"


ParentDn = "Na"
UserCn = "Na"


If instr(strusername,"\,") then Singlename = "No"


If SingleName ="yes" then
Pos1s = InStr(strusername,"CN=")
Pos1e = InStr(strusername,",")
pos1e = pos1e - pos1s
UserCn = ltrim(rtrim(mid(strusername,Pos1s,POs1e)))


Pos2s = InStr((Pos1s+1),strusername,"CN=")
Pos2e = len(strusername)
pos2e = pos2e - (pos2s-1)
ParentDn = ltrim(rtrim(mid(strusername,Pos2s,POs2e)))
Else
Pos1s = InStr(strusername,"CN=")
Pos1e = InStr(strusername,",C")
pos1e = pos1e - pos1s
UserCn = ltrim(rtrim(mid(strusername,Pos1s,POs1e)))


Pos2s = InStr((Pos1s+1),strusername,"CN=")
Pos2e = len(strusername)
pos2e = pos2e - (pos2s-1)
ParentDn = ltrim(rtrim(mid(strusername,Pos2s,POs2e)))


End If


If errornumber = 3021 then
objFile.WriteLine "User NOT found in domain:" & VBTAB
& username &
VBTAB & "Script Run by: " & VBTAB & AdminUser & VBTAB & "on: " & now
&
VBCRLF
set WshShell = CreateObject("WScript.Shell")
WshShell.LogEvent 0, "The account could not be found
for " &
username & VBTAB & "Script Run by: " & VBTAB & AdminUser & VBTAB &
"on: " & Now
Else
Set ObjOU = GetObject("LDAP://"; & ParentDn)
ObjOU.Delete "User", UserCn
objFile.WriteLine username & VBTAB & "Deleted" & VBTAB
& VBTAB &
"Script Run by: " & VBTAB & AdminUser & VBTAB & "on: " & now &
VBCRLF
set WshShell = CreateObject("WScript.Shell")
WshShell.LogEvent 0, username & VBTAB & "Deleted" &
VBTAB & VBTAB &
"Script Run by: " & VBTAB & AdminUser & VBTAB & "on: " & Now
End if


intRow = intRow + 1


Loop


'#Close workbook and quit Excel#


objExcel.ActiveWorkbook.Close
objExcel.Application.Quit


'#Clean up#


Set objExcel = Nothing
Set obj*** = Nothing
Set objUser = Nothing


MsgBox "The Script has Completed. Please refer to the log file for
further information. (" & strErrorLog & ")"


End Sub
'==========================================================================­
===========================================================================­
===
'Sub to set fields for radio buttons.
'==========================================================================­
===========================================================================­
===
Sub Disable_Click


RadioDisable.Checked = true
RadioDelete.Checked = false
AccSingleRadio.Checked = false
AccMultiRadio.Checked = false
AccSingleRadio.Disabled = true
AccMultiRadio.Disabled = true
txtusername.disabled = false
txtreference.disabled = false
txtinitials.disabled = false


End Sub
'==========================================================================­
===========================================================================­
===
'Sub to set fields for radio buttons.
'==========================================================================­
===========================================================================­
===
Sub Delete_Click


RadioDisable.Checked = false
RadioDelete.Checked = true
AccSingleRadio.Checked = false
AccMultiRadio.Checked = false
AccSingleRadio.Disabled = false
AccMultiRadio.Disabled = false
txtusername.disabled = false
txtreference.disabled = false
txtinitials.disabled = false


End Sub
'==========================================================================­
===========================================================================­
===
'Sub to set fields for radio buttons.
'==========================================================================­
===========================================================================­
===
Sub Delete_Single_Click


AccSingleRadio.Checked = true
AccMultiRadio.Checked = false
txtusername.disabled = false
txtreference.disabled = false
txtinitials.disabled = false


End Sub
'==========================================================================­
===========================================================================­
===
'Sub to set fields for radio buttons.
'==========================================================================­
===========================================================================­
===
Sub Delete_Multiple_Click


AccSingleRadio.Checked = false
AccMultiRadio.Checked = true
txtusername.disabled = true
txtreference.disabled = true
txtinitials.disabled = true


End Sub
'==========================================================================­
===========================================================================­
===
'Sub to reset the HTA Script Window
'==========================================================================­
===========================================================================­
===
sub btnReset_click


txtusername.value = ""
txtreference.value = ""
txtinitials.value = ""
txtinitials.disabled = false
txtreference.disabled = false
AccSingleRadio.Checked = false
AccMultiRadio.Checked = false
RadioDisable.Checked = false
RadioDelete.Checked = false
AccSingleRadio.Disabled = false
AccMultiRadio.Disabled = false
RadioDisable.Disabled = false
RadioDelete.Disabled = false
btnUserOption.disabled = false
btnReset.disabled = false
btnClose.disabled = false


End sub
'==========================================================================­
===========================================================================­
===
'Sub to close the HTA Script Window
'==========================================================================­
===========================================================================­
===
Sub window_close
window.parent.close
End Sub
'==========================================================================­
===========================================================================­
===
'End of VBScript and Begining of Main HTML Code.
'==========================================================================­
===========================================================================­
===
</SCRIPT>
<body bgColor="000000">
<P ALIGN = center>
<img src="wavylogo.bmp" alt="Domain"></P>
<BR>
<P ALIGN = center><h2 ALIGN = center>
Welcome to the Domain Account Deletion Script</P></h2>
<BR>
<table width="100%" border="0">
<tr><th COLSPAN=2>Please Select the Action type<hr></th></tr>
</table>
<table width="100%" border="1">
<tr><td width="33%" valign="top" border= "black"><input
type="radio"
name="RadioDisable" name="Disable_Accounts"
onclick="Disable_Click">Disable User Accounts<BR>
<td width="33%" valign="top" border= "black"><input
type="radio"
name="RadioDelete" name="Delete_Accounts"
onclick="Delete_Click">Delete User Accounts<BR></td>
</tr>
<table width="100%" border="0">
<tr><th COLSPAN=2>Please Select the deletion type<hr></th></
tr>
</table>
<table width="100%" border="1">
<tr><td width="33%" valign="top" border= "black"><input
type="radio"
name="AccSingleRadio" name="Delete_Single_Account"
onclick="Delete_Single_Click">Single User Account<BR>
<td width="33%" valign="top" border= "black"><input
type="radio"
name="AccMultiRadio" name="Delete_Multiple_Accounts"
onclick="Delete_Multiple_Click">Multiple User Accounts<BR></td>
</tr>
<table width="100%" border="0">
<tr><th COLSPAN=2>Please Enter the Users Information<hr></th></
tr>
</table>
<table width="100%" border="0">
<tr><td>Please enter the AD account username:</td><td><input
type="text" id="txtusername" size="30"></td></tr>
<tr><td>Please enter the request reference number:</
td><td><input
type="text" id="txtreference" size="30"></td></tr>
<tr><td>Please enter your initials:</td><td><input
type="text"
id="txtinitials" size="30"></td></tr>
</table><hr>
<table width="100%" border="0">
<tr><td><P ALIGN = center><input type="button"
id="btnUserOption"
Value="Submit" onclick="btnRunScript_Click"><input type="button"
id="btnReset" Value="Reset" onclick="btnReset_Click"><input
type="button" id="btnClose" Value="Close" onclick="window_Close"></
P></
th></tr>
</table>
</body>
</html>


Many Thanks in advance.


.

---

• Follow-Ups:
  • Re: Problem disabling and deleting AD Account
    • From: meridean

• References:
  • Problem disabling and deleting AD Account
    • From: meridean

• Prev by Date: Re: XCACLS.vbs /r switch removes everyone
• Next by Date: Re: User Accounts how to show Created by:
• Previous by thread: Problem disabling and deleting AD Account
• Next by thread: Re: Problem disabling and deleting AD Account
• Index(es):
  • Date
  • Thread

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)