damoncf1234
asked on
Delete computer account from AD from a workstation not on domain
Hello,
I'm looking for a script that will prompt a user for a computername, then search AD for that computername, and delete it. The script needs to be able to run from an XP machine that is not a member of the domain (yet).
I've found several vbscripts on EE's website that query AD and delete computer accounts, and they work great as long as you run them from a machine that is on the domain.
Basically, I'd like a script that prompts the user for not only the machine name they'd like to delete, but also for their admin username and password. I've found one vbscript on another post courtesy of kelvinight, but it needs to be able to prompt the user for network credentials as well as the computer name...
Any help would be appreciated. I'm including the vbscript from kelvinight below. Here's the question that came from:
https://www.experts-exchange.com/questions/24062723/Delete-domain-computer.html
I'm looking for a script that will prompt a user for a computername, then search AD for that computername, and delete it. The script needs to be able to run from an XP machine that is not a member of the domain (yet).
I've found several vbscripts on EE's website that query AD and delete computer accounts, and they work great as long as you run them from a machine that is on the domain.
Basically, I'd like a script that prompts the user for not only the machine name they'd like to delete, but also for their admin username and password. I've found one vbscript on another post courtesy of kelvinight, but it needs to be able to prompt the user for network credentials as well as the computer name...
Any help would be appreciated. I'm including the vbscript from kelvinight below. Here's the question that came from:
https://www.experts-exchange.com/questions/24062723/Delete-domain-computer.html
Const ADS_SCOPE_SUBTREE = 2
Const ADS_SECURE_AUTHENTICATION = 1
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Properties("User ID") = "test\admin"
objConnection.Properties("Password") = "home"
objConnection.Properties("Encrypt Password") = True
objConnection.Properties("ADSI Flag") = 1
strComputer = "test"
strDomain = "srv.test.com"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 100
objCommand.Properties("Cache Results") = False
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = _
"SELECT ADsPath FROM 'LDAP://" & strDomain & "' WHERE objectCategory='computer' " & _
"AND Name='" & strComputer & "'"
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
strADsPath = ""
While Not objRecordSet.EOF
strADsPath = objRecordSet.Fields("ADsPath").Value
objRecordSet.MoveNext
Wend
If strADsPath = "" Then
MsgBox "Computer not found."
Else
MsgBox "Computer path: " & strADsPath
Set objNS = GetObject("LDAP:")
Set objComputer = objNS.OpenDSObject(strADsPath, "test\admin", "home",ADS_SECURE_AUTHENTICATION)
objComputer.DeleteObject (0)
End If
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the help.
Sorry Hubasan - I didn''t refresh before posting.
damoncf1234 - I don't think either script masks user input. I'm not sure how you would do this with VBS.
Glad you got it sorted though...
damoncf1234 - I don't think either script masks user input. I'm not sure how you would do this with VBS.
Glad you got it sorted though...
No problem bluntTony,
It happened a lot to me when I first started here, so now I just refresh the thread before posting to make sure users are not getting help from another expert :-)
damoncf1234,
Masking the password is not possible in VBS, while using a default wscript.exe provider as a default. So unless you were to use HTA with embedded VBS which is an unnecessary complication in my opinion, you will not be able to do it.
It happened a lot to me when I first started here, so now I just refresh the thread before posting to make sure users are not getting help from another expert :-)
damoncf1234,
Masking the password is not possible in VBS, while using a default wscript.exe provider as a default. So unless you were to use HTA with embedded VBS which is an unnecessary complication in my opinion, you will not be able to do it.
ASKER
Tony, thanks for the help as well. One thing with your proposed solution; the user's admin password was not masked, so anyone looking over someone's shoulder would be able to see a password being typed in...