Solved

Remove Disabled Users from an AD security group

Posted on 2011-03-16
4
1,197 Views
Last Modified: 2012-05-11
Hello...

Is there a way to remove ONLY disabled users from an AD security group via VB script?

TY,
Quan
0
Comment
Question by:qvn7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 65

Expert Comment

by:RobSampson
ID: 35153895
Hi, this script will remove disabled accounts from the specified Active Directory group.

Regards,

Rob.
Const ADS_UF_ACCOUNTDISABLE = 2
Set objGroup = GetObject("LDAP://CN=TestUsers,OU=TestOU,DC=Domain,DC=Com")
For Each objUser In objGroup.Members
	If objUser.Class = "user" Then
		intUAC = objUser.userAccountControl
		If intUAC And ADS_UF_ACCOUNTDISABLE Then
			WScript.Echo Mid(objUser.Name, 4) & " is disabled"
			objGroup.Remove objUser.AdsPath
			WScript.Echo Mid(objUser.Name, 4) & " was removed from " & Mid(objGroup.Name, 4)
		Else
			WScript.Echo Mid(objUser.Name, 4) & " is not disabled"
		End If
	End If
Next
MsgBox "Done"

Open in new window

0
 

Author Comment

by:qvn7
ID: 35156818
Thanks to those who provided great suggestions/solutions.  Appreciate it very much!!!
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 35162338
Did it work well enough for you to close the question?  I noticed you posted another question, I'll check it out.

Regards,

Rob.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
A hard and fast method for reducing Active Directory Administrators members.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question