Remove Computer Account from the domain problems

I am trying to remove a computer account from the domain, but for whatever reason when I try to run even a simple 3 line computer removal script I get the attached error.

What can I do to get this to work? Why would I not be able to set the value of objComputer?


strComputer = "EBTESTVM2003"
 
set objComputer = GetObject("LDAP://CN=" & strComputer & ",CN=Test,CN=Servers,DC=Domain,DC=com")
 
objComputer.DeleteObject (0)

Open in new window

error.bmp
mlptechnicalAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
BigBadWolf_000Connect With a Mentor Commented:
Hmmmm it may. I tested on 2003 domain...don't have 2008 domain to test on..
Try this script...

http://groups.google.com/group/microsoft.public.adsi.general/browse_thread/thread/419098cbfb3b7f55/cd52d33f0a597f3b
 
0
 
StappmeyerCommented:
Check your LDAP context.  I am guessing you created the OUs "Test" and "Servers".  
The context is likely to be "ou=Test,ou=Servers,DC=Domain,DC=com"

The CN=Users and CN=Computers containers are computer-protected objects. For backward compatibility reasons.  (This is why the have the CN= designation.)

Steve
0
 
BigBadWolf_000Commented:
You are missing the underscore after &
see bekow
set objComputer = GetObject("LDAP://CN=" & strComputer & _
    ",CN=Test,CN=Servers,DC=Domain,DC=com")

Open in new window

0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
BigBadWolf_000Commented:
Ooops ignore above entry
0
 
AmericomCommented:
There's nothing wrong on your script. Double check on your your OU path and make sure there is a computer account object in the "Test" OU and this OU is under the "Servers" OU and so on.
0
 
BigBadWolf_000Commented:
Use this script to get/verify you are using correct LDAP path for the computer object in your original script.

'replace with the computer account with $ on the end
Public Const ADS_NAME_INITTYPE_GC = 3
Public Const ADS_NAME_TYPE_1779 = 1
Public const ADS_NAME_TYPE_NT4 = 3
 
sSAMAccountName = "domain\computername$"
 
Set oNTr = WScript.CreateObject("NameTranslate")
oNTr.Init ADS_NAME_INITTYPE_GC, ""
oNTr.Set ADS_NAME_TYPE_NT4, sSAMAccountName
GetDNFromSAM = oNTr.Get(ADS_NAME_TYPE_1779)
 
Set oUser = GetObject("GC://" & GetDNFromSAM)
sUserContainerDN = Replace(lcase(oUser.distinguishedName), lcase("cn=" & oUser.cn) & ",", "")
WScript.Echo sUserContainerDN 

Open in new window

0
 
mlptechnicalAuthor Commented:
All,

That path I gave is just a test path. I have a real script that runs that looks up the computer name and returns the full path. The path that it is currently trying to use is:

LDAP://10.6.24.221/CN=TESTEB04,OU=Production,OU=Desktops,OU=MLPComputers,DC=DallasMlp,DC=COM

i am not manually entering this into the script, but i am using this command to set the object:

Set objComputer = GetObject(objRecordSet.Fields("ADsPath").Value)

It fails no matter which computer I use, it fails if i try and set it manually or automatically, and I am having lots of issues with it


0
 
BigBadWolf_000Commented:
Can u post your script...it will be easier to troublshoot
0
 
mlptechnicalAuthor Commented:

Set objNetwork = CreateObject("WScript.Network") 
strComputer = objNetwork.ComputerName 
 
if isComputerAccountExists(strComputer) = true then
	msgbox(strComputer & " Is on the Domain")
	DeleteComputer(strComputer)
else
	msgbox(strComputer & " Is not on the Domain")
end if
 
 
Function DeleteComputer(ComputerName)
	Const ADS_SCOPE_SUBTREE = 2
	
	Set objConnection = CreateObject("ADODB.Connection")
	Set objCommand =   CreateObject("ADODB.Command")
	objConnection.Provider = "ADsDSOObject"
	objConnection.open "active directory provider", "DallasMLP\username", "password"
	
	Set objCommand.ActiveConnection = objConnection
	objCommand.Properties("Page Size") = 1000
	objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
	
	objCommand.CommandText = "SELECT ADsPath FROM 'LDAP://192.168.5.221/dc=DallasMLP,dc=com' WHERE objectCategory='computer' " & "AND name='" & ComputerName & "'"
	Set objRecordSet = objCommand.Execute
	
	objRecordSet.MoveFirst
	Do Until objRecordSet.EOF
		strADsPath = objRecordSet.Fields("ADsPath").Value
		
		Set objComputer = GetObject(objRecordSet.Fields("ADsPath").Value)
		
		msgbox(strADsPath)
		msgbox("delete")
		strADsPath.DeleteObject (0)
		Wscript.Echo "The Computer Account has been deleted."
		
		objRecordSet.MoveNext
			
	Loop
	End Function 
 
 
 
Function isComputerAccountExists(host)
	Dim conn, cmd , rs
	Set conn = CreateObject("ADODB.Connection")
	Set cmd = CreateObject("ADODB.Command")
 
	conn.provider = "adsdsoobject"
	conn.open "active directory provider", "DallasMLP\username", "password"
	cmd.activeconnection = conn
	cmd.commandtext = "<LDAP://192.168.5.221/dc=DallasMLP,dc=com>;" & "(&(objectcategory=computer)(objectclass=computer)(cn=" & host & "));cn;subtree"
 
	Set rs = cmd.Execute
 
	If rs.recordcount = 0 Then
	isComputerAccountExists = False
	Else
	isComputerAccountExists = True
	End If
 
	Set rs = Nothing
	Set cmd = Nothing
	Set conn = Nothing
		End Function 

Open in new window

0
 
mlptechnicalAuthor Commented:
Any updates? The problem still boils down to the fact that for whatever reason, objComputer can't get the value assigned to it.

Please Help!
0
 
BigBadWolf_000Commented:
Ran with line below and it worked fine...Are u runnning the first script u posted on a DC or from a client PC
set objComputer = GetObject("LDAP://CN=" & strComputer & ",CN=computers,DC=mydomain,DC=us,DC=com")
0
 
mlptechnicalAuthor Commented:
From a client computer that isn't joined to the domain. But it does connect and pass admin credintials.
0
 
BigBadWolf_000Commented:
FYI....i ran the first script on a DC.
Have you tried running it on a PC on the domain? just to eliminate syntax vs accesscontrol issues
0
 
mlptechnicalAuthor Commented:
Yup, i even tried that simple three line one on the domain and that still didn't work.
0
 
mlptechnicalAuthor Commented:
does it make a difference if the OS is running server 2008 or not?
0
All Courses

From novice to tech pro — start learning today.