Solved

VBSCRIPT Help

Posted on 2009-05-18
6
403 Views
Last Modified: 2012-06-27
Hello all i am currently modifying the code below, i am tryin to add this line, but have had no luck, i want it to tell me if it could not find the user i input. the full code is at the code window
else      
   strResp=Msgbox(strUser & " not found.  Would you like to retry?", vbYesNo, "Problem with account information")
   If strResp=vbYes Then Reset
end if
End Sub
'This Script will disable and move a user, also remove memberships accept Domain Users and hide from Exchange Addressbook
 

Const ADS_PROPERTY_DELETE = 4

Const E_ADS_PROPERTY_NOT_FOUND  = &h8000500D

 

UserName=InputBox ("Enter Username (samAccountName): ", "Account Disable")

IF LEN(Trim(UserName)) <=0 Then wscript.echo "A user account must be entered." 
 
 

Incident=InputBox ("Enter Incident ID: ", "")

IF LEN(Trim(UserName)) <=0 Then wscript.echo "A Incident ID Must be Entered."
 
 

SET adoCon = CreateObject("ADODB.Connection")

SET adoCmd =   CreateObject("ADODB.Command")

adoCon.Provider = "ADsDSOObject"

adoCon.Open "Active Directory Provider"

SET adoCmd.ActiveConnection = adoCon

adoCmd.Properties("Page Size") = 1000

adoCmd.Properties("Timeout") = 30

adoCmd.Properties("Cache Results") = False

 

SET objRootDSE = GetObject("LDAP://RootDSE")

strDNSDomain = objRootDSE.Get("defaultNamingContext")

strFilter = "(&(sAMAccountType=805306368)(SAMAccountName=" & UserName & "))"

strFields = "distinguishedName, ADsPath"
 
 
 

'Change this OU Name

strNewOUDN="OU=voIP,DC=ABC,DC=local"

strQuery = "<LDAP://" & strDNSDomain & ">;" & strFilter & ";" & strFields & ";subtree"

adoCmd.CommandText = strQuery

SET adoRec = adoCmd.Execute

DO UNTIL adoRec.EOF

      SET objUser = GetObject(adoRec.Fields("ADsPath").Value)

      arrMemberOf = objUser.GetEx("memberOf")

      If Not Err.Number = E_ADS_PROPERTY_NOT_FOUND Then

            For Each Group in arrMemberOf

                  Set objGroup = GetObject("LDAP://" & Group) 

                  objGroup.PutEx ADS_PROPERTY_DELETE, "member", Array(adoRec.Fields("distinguishedName").Value)

                  objGroup.SetInfo

            Next

      End If

objUser.info = Incident 

objUser.SetInfo

      objUser.AccountDisabled = TRUE

      objUser.HideFromAddressBook = True

      objUser.SetInfo

      SET objCont = GetObject("LDAP://" & strNewOUDN)

      objCont.MoveHere adoRec.Fields("ADsPath").Value, vbNullString

      Msgbox "Account disabled and moved to new OU.", vbInformation, "Confirmation"

      adoRec.MoveNext

LOOP

adoRec.Close

SET adoRec = Nothing

adoCon.Close

SET adoCon = Nothing

Open in new window

0
Comment
Question by:EfrenM
6 Comments
 
LVL 67

Assisted Solution

by:sirbounty
sirbounty earned 100 total points
ID: 24415764
Not sure where you're intending to put that, as it doesn't match up with your code, but if you're trying to ensure input, you could use something like the attached (though it does have the potential for an 'endless loop')
While UserName = ""  

  UserName=InputBox ("Enter Username (samAccountName): ", "Account Disable")

Wend

Open in new window

0
 
LVL 7

Accepted Solution

by:
crokeefe28 earned 200 total points
ID: 24415844
How about creating a function to find the user:

ldapPath = FindUser(username)

if ldapPath = "Not Found" then
      wscript.echo "User not found!"
EndIf

Function FindUser(Byval UserName)
      on error resume next

      set objRoot = getobject("LDAP://RootDSE")
      domainName = objRoot.get("defaultNamingContext")
      set cn = createobject("ADODB.Connection")
      set cmd = createobject("ADODB.Command")
      set rs = createobject("ADODB.Recordset")

      cn.open "Provider=ADsDSOObject;"
      
      cmd.activeconnection=cn
      cmd.commandtext="SELECT ADsPath FROM 'LDAP://" & domainName & _
                  "' WHERE sAMAccountName = '" & UserName & "'"
      
      set rs = cmd.execute

      if err<>0 then
            wscript.echo "Error connecting to Active Directory Database:" & err.description
            wscript.quit
      else
            if not rs.BOF and not rs.EOF then
                       rs.MoveFirst
                       FindUser = rs(0)
            else
                  FindUser = "Not Found"
            end if
      end if
      cn.close
end function
0
 
LVL 3

Assisted Solution

by:Cameron_S
Cameron_S earned 200 total points
ID: 24415871
I think if I understand correctly, you want to return a message stating that the account was not found, yes? If so, something like this should work. I do not think you need an End Sub at the location you are at, and from what I see the Else should trap if the If Not Err.Number = E_ADS_PROPERTY_NOT_FOUND Then
flags True.
If Not Err.Number = E_ADS_PROPERTY_NOT_FOUND Then

            For Each Group in arrMemberOf

                  Set objGroup = GetObject("LDAP://" & Group) 

                  objGroup.PutEx ADS_PROPERTY_DELETE, "member", Array(adoRec.Fields("distinguishedName").Value)

                  objGroup.SetInfo

            Next

Else

strResp=Msgbox(strUser & " not found.  Would you like to retry?", vbYesNo, "Problem with account information")

   If strResp=vbYes Then <DO SOMETHING OR CALL SOMETHING HERE>

   End if

End If

Open in new window

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 2

Author Comment

by:EfrenM
ID: 24416155
wasnt able to get them to work =[ , any other ideas?
0
 
LVL 3

Expert Comment

by:Cameron_S
ID: 24416322
Here is some code from MS on how to do an AD search for a user:

http://www.microsoft.com/technet/scriptcenter/guide/sas_usr_seaa.mspx?mfr=true

It will return the values if the user exists, or let you know if it does not. From here you can just add whatever additional code to perform your operations.
0
 
LVL 2

Author Comment

by:EfrenM
ID: 24417415
well i found out here is the finsh code, i added If adoRec.EOF Then ' User not found in AD
                  WScript.Echo "No Records Found"
                  Else

and now it works =] ,
'This Script will disable and move a user, also remove memberships accept Domain Users and hide from Exchange Addressbook

On Error Resume Next

Const ADS_PROPERTY_DELETE = 4

Const E_ADS_PROPERTY_NOT_FOUND  = &h8000500D

 

UserName=InputBox ("Enter Username (samAccountName): ", "Account Disable")

IF LEN(Trim(UserName)) <=0 Then wscript.echo "A user account must be entered." 
 
 

Incident=InputBox ("Enter Incident ID: ", "")

IF LEN(Trim(UserName)) <=0 Then wscript.echo "A Incident ID Must be Entered."
 

SET adoCon = CreateObject("ADODB.Connection")

SET adoCmd =   CreateObject("ADODB.Command")

adoCon.Provider = "ADsDSOObject"

adoCon.Open "Active Directory Provider"

SET adoCmd.ActiveConnection = adoCon

adoCmd.Properties("Page Size") = 1000

adoCmd.Properties("Timeout") = 30

adoCmd.Properties("Cache Results") = False

 

SET objRootDSE = GetObject("LDAP://RootDSE")

strDNSDomain = objRootDSE.Get("defaultNamingContext")

strFilter = "(&(sAMAccountType=805306368)(SAMAccountName=" & UserName & "))"

strFields = "distinguishedName, ADsPath"
 
 
 

'Change this OU Name
 

'strNewOUDN="OU=voIP,DC=ABV,DC=local"

strQuery = "<LDAP://" & strDNSDomain & ">;" & strFilter & ";" & strFields & ";subtree"

adoCmd.CommandText = strQuery

SET adoRec = adoCmd.Execute

If adoRec.EOF Then ' User not found in AD  

			WScript.Echo "No Records Found"

			Else

		DO UNTIL adoRec.EOF

      SET objUser = GetObject(adoRec.Fields("ADsPath").Value)

      arrMemberOf = objUser.GetEx("memberOf")

      If Not Err.Number = E_ADS_PROPERTY_NOT_FOUND Then

            For Each Group in arrMemberOf

                  Set objGroup = GetObject("LDAP://" & Group) 

                  objGroup.PutEx ADS_PROPERTY_DELETE, "member", Array(adoRec.Fields("distinguishedName").Value)

                  objGroup.SetInfo

            Next
 
 

      End If

objUser.info = Incident 

objUser.SetInfo

      objUser.AccountDisabled = TRUE

      objUser.HideFromAddressBook = True

      objUser.SetInfo

      SET objCont = GetObject("LDAP://" & strNewOUDN)

      objCont.MoveHere adoRec.Fields("ADsPath").Value, vbNullString

      Msgbox "Account disabled and moved to new OU.", vbInformation, "Confirmation"

      adoRec.MoveNext

LOOP

adoRec.Close

SET adoRec = Nothing

adoCon.Close

SET adoCon = Nothing
 
 
 

end if

Open in new window

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to writing scripts for a Client/Server computing environment it is essential to consider some way of enabling the authentication functionality within a script. This sort of consideration mainly comes into the picture when we are dealin…
This script will sweep a range of IP addresses (class c only, 255.255.255.0) and report to a log the version of office installed. What it does: 1.)      Creates log file in the directory the script is run from (if it doesn't already exist) 2.)      Sweep…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now