Solved

VBScript to Edit Computer Attribute in Active Directory

Posted on 2012-03-20
6
489 Views
Last Modified: 2012-03-21
I need a VBScript that will edit the Active Directory attribute "extensionAttribute12" to equal "Test-PCS-07" when it has no value within an OU named "Computers" that is directly under the domain "Contoso".

Anyone have the script syntax that needs to be run? Thanks!
0
Comment
Question by:brendan-amex
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 23

Accepted Solution

by:
yo_bee earned 500 total points
ID: 37745556
Try this. I used something similar a while back.
It may work for you.

Option Explicit
Const adStateOpen = 1

Const ADS_PROPERTY_CLEAR = 1
Const ADS_PROPERTY_UPDATE = 2
Const ADS_PROPERTY_APPEND = 3
Const ADS_PROPERTY_DELETE = 4

Dim objConn 'ADO Connection object
Dim objRS 'ADO Recordset object
Dim strAlt, strName, StrADs 
Dim objUser
 

Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADSDSOObject"
objConn.Open
If objConn.State = adStateOpen Then
WScript.Echo "Authentication Successful!"
Else
WScript.Echo "Authentication Failed."
WScript.Quit(1)
End If
Set objRS = objConn.Execute _
("<LDAP://DC=contoso,DC=local>;(&(objectCategory=computer)" _
& "(objectClass=computer));Name,ADsPath,extensionAttribute12;SubTree")
While Not objRS.EOF
strAlt = objRS.Fields.Item("extensionAttribute12").Value
strName = objRS.Fields.Item("Name").Value
strADs = objRS.Fields.Item("ADsPath").Value

If (strAlt) = vbNullString then
'Wscript.Echo strName  & _
'vbCrLF & strADs & _
 'vbCrLf & strAlt & vbCrLf
 wscript.echo strAlt
 Set ObjUser = getobject(strADs)
objuser.Put ADS_PROPERTY_UPDATE, "extensionAttribute12",  "Test-PCS-07"
objuser.SetInfo              ' Now the property has no value.

else

end IF
objRS.MoveNext
Wend
Set objRS = Nothing
objConn.Close	

Open in new window

0
 

Author Closing Comment

by:brendan-amex
ID: 37745576
Thank you, I'll try it!
0
 
LVL 23

Expert Comment

by:yo_bee
ID: 37745581
Thanks for accepting my solution untested.  You did not have to accept this as of yet for further questions and solutions
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 23

Expert Comment

by:yo_bee
ID: 37747213
I just tested the scripted and it did not work, but I have resolved it with the script below.

Option Explicit
Const adStateOpen = 1

Const ADS_PROPERTY_CLEAR = 1
Const ADS_PROPERTY_UPDATE = 2
Const ADS_PROPERTY_APPEND = 3
Const ADS_PROPERTY_DELETE = 4

Dim objConn 'ADO Connection object
Dim objRS 'ADO Recordset object
Dim strAlt, strName, StrADs 
Dim objUser
 

Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADSDSOObject"
objConn.Open
If objConn.State = adStateOpen Then
WScript.Echo "Authentication Successful!"
Else
WScript.Echo "Authentication Failed."
WScript.Quit(1)
End If
Set objRS = objConn.Execute _
("<LDAP://DC=contoso,DC=local>;(&(objectCategory=computer)" _
& "(objectClass=computer));Name,ADsPath,extensionAttribute12;SubTree")
While Not objRS.EOF
strAlt = objRS.Fields.Item("extensionAttribute12").Value
strName = objRS.Fields.Item("Name").Value
strADs = objRS.Fields.Item("ADsPath").Value

If (isNull(StrAlt)) = true then

Set ObjUser = getobject(strADs)
objuser.Put "extensionAttribute12",  "Test-PCS-07"
objuser.SetInfo              ' Now the property has no value.



end IF
objRS.MoveNext
Wend
Set objRS = Nothing
objConn.Close	

Open in new window

0
 

Author Comment

by:brendan-amex
ID: 37747236
Thank you. I accepted it because I'm thinking about using power shell so I might just not use VBScript at all but that's good to know the above works. Thanks!
0
 
LVL 23

Expert Comment

by:yo_bee
ID: 37747381
I think PS is probably a better way to go anyway.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question